Who we are
Information Governance Department
Royal Borough of Windsor and Maidenhead
Town Hall
Maidenhead SL6 1RF
Lawful basis for processing the information
The lawful basis for processing is Article 6 GDPR:
e) Our legal bases for using your personal information are to exercise our tasks in the public interest.
How we collect information
We will use the information you have reported to us in your email to report a data security concern.
Information we collect
We will collect the information necessary in order to fully investigate your concerns and ascertain whether a breach has taken place. This can include your name, address, contact details including phone number and address, details of the incident and information around the circumstances of how the concern or incident happened.
How we use the information provided
We will use the information you have provided to fully investigate the concern and take steps to mitigate any risk to data subjects.
Who has access to the information about you
The Data Protection Officer and information governance team.
Who we may share your information with
We will share your concerns with the relevant department involved in the concern. Details of the incident (not including your personal details) will be shared with the Senior Information Risk Owner so we can take the necessary steps to improve processes.
How long we store your information
We keep a record of incidents for five years.
Does your service utilise automated decision making? – No.