Skip to main content

Data Protection

General Data Protection Regulation 2016

Rochford District Council is fully committed to ensure compliance with the objectives and obligations of the General Data Protection Regulation 2016 (GDPR) and the forthcoming new Data Protection Act.  

The processing of data by the Council is essential to services and functions and will often involve the use of personal and/or ‘special category’ personal data.  Compliance with the data protection legislation will ensure that such processing is carried out fairly and lawfully.

To do this we have been working hard to review and update our processes to ensure that privacy of your personal information is at the forefront of all our practices.

GDPR will provide for:

  • A more modern definition of ‘personal data’.
  • Strengthened data protection laws and improved rights for data subjects.
  • Greater accountability in organisations.
  • New obligations for data processors (previously none under DPA).
  • Privacy by design – data protection should be designed and be part of any development of business processes, new systems and undertake Privacy Impact Assessments.   
  • New rights for data subjects
    1. The right to be forgotten – in some cases the individual can ask for their personal data to be deleted;
    2. Changes to the consent required by individuals;
    3. Where consent for the use of personal fate is required it must be explicit, non-ambiguous and given freely; and
    4. Consent can be withdrawn by the individual.
  • Changes to the rules on consent, allowing individuals the right to object to processing, to withdraw consent, or the right to erasure.  
  • Mandatory breach notification – in some circumstances we will need to inform the Information Commissioner’s Office about unauthorised disclosures of personal data as soon as they are discovered.  If the disclosure has serious implications for any individuals they will have to be informed as well.
  • Changes to information access rights - no charges for subject access requests, and shorter timescales for responses.

Our Data Protection Officer can be contacted by email on

To find out more please see the document in the Related Content section.