Accounts Payable Privacy Notice

For the purpose of making payments to our customers and suppliers, we will collect the following information:

• Personal information – such as your name, address, email address, bank details and payment details.
• Supplier information – such as your name, trading name, address, e-mail addresses for orders and remittances, bank details, VAT Registration Number, Company Registration Number, Unique Taxpayer Reference (UTR) Number, National Insurance Number, invoice details and payment details.

We collect your information from you directly or from our partners in the following ways:

• By asking you or our partners to complete an online form.
• By using incoming correspondence such as emails, letters or forms.
• By recording details of all payment requests, invoices and payments made in our systems.

Your information will be used to create a customer/supplier record in our financial and document retention systems in order to:

• Purchase and pay for goods and services.
• Make miscellaneous payments such as grants, insurance claims, refunds, compensation and personal allowances.
• Retain records to comply with statutory requirements.

The legal basis for processing all personal data is that it is necessary:

• To perform a task in the public interest.
• In the exercise of our local government functions e.g. as provided for by the Local Government Finance Act 1988 and any other relevant legislation.
• To make a payment to you, e.g. as part of our obligations under a contract.
• To satisfy our legal obligations, e.g. with HMRC.

We sometimes need to share your information within the Council or with other organisations. We will only share your information when necessary and when the law allows us to, and we will only share the minimum information we need to.

For Accounts Payable matters we may need to share your information with:

• Your Councillor (for example, if you have made a complaint to them about the Council).
• Customer representatives such as MPs, solicitors, factoring agents etc.
• Cabinet Office for the National Fraud Initiative (NFI). You can find more information about the NFI at: http://www.doncaster.gov.uk/services/the-council-democracy/the-national-fraud-initiative-and-data-matching
• Audit.
• Policing Authorities for the prevention and detection of a crime.
• Payroll.
• Other Council departments and our partners.
• Third parties contracted by the Council to carry out specific functions relating to Accounts Payable.
• HM Revenue and Customs.
• BACS Bureau.
• Banks.
• Enforcement Agents and legal service providers who are under contract with the Council.

Sometimes, we might share your information without your knowledge.

The Council will never sell your information to anyone else.

We will keep your information for different periods of time, depending on what we are using it for. We only keep your information for as long as we need to, after which we will securely delete it.

The law gives you specific rights over your information. These rights are:

• To be informed of our use of information about you.
• To access information about you.
• To rectify information about you that is inaccurate.
• To have your information erased (the ‘right to be forgotten’).
• To restrict how we use information about you.
• To move your information to a new service provider.
• To object to how we use information about you.
• To not have decisions made about you on the basis of automated decision making.
• To object to direct marketing.
• To complain about anything the Council does with your information (please see the ‘Complaints’ section below).

Some of the rights listed above apply only in certain situations, and some have a limited effect. Your rights are explained further in the Individuals’ Rights Procedure on our website, as is how to make a request under one or more of them. You can request information about yourself by making a subject access request on this page of the Council’s website.

This notice is kept under regular review to make sure it is up to date and accurate.

The Council is required by law to have a DPO. The DPO has a number of duties, including:

• Monitoring the Council’s compliance with data protection law.
• Providing expert advice and guidance on data protection.
• Acting as the point of contact for data subjects.
• Co-operating and consulting with the Information Commissioner’s Office (see ‘Complaints’ below).

The Council’s Data Protection Officer can be contacted by email at information.governance@doncaster.gov.uk 

If you are unhappy with the way in which your information has been handled you should contact the Council’s Data Protection Officer so that we can try and put things right. Alternatively, and if we have been unable to resolve your complaint, you can also refer the matter to the Information Commissioner’s Office (ICO). The ICO is the UK's independent body set up to uphold information rights, and they can investigate and adjudicate on any data protection related concerns you raise with them. They can be contacted via the methods below:

Website: www.ico.org.uk

Telephone: 0303 123 1113

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.