PN128 - Blue Badge Scheme Privacy Notice
Torfaen County Borough Council is committed to protecting your privacy when you use our services. This Privacy Notice is designed to give you information about the data we hold about you, how we use it, your rights in relation to it and the safeguards in place to protect it.
TCBC Service Area: Adults & Communities
Work Area: Blue Badges
Contact Details: firstname.lastname@example.org
Privacy Notice Name: Blue Badge Scheme
Data Controller: Torfaen County Borough Council, c/o Civic Centre, Pontypool, NP4 6YB
If you wish to raise a concern about the handling of your personal data, please contact the Data Protection Officer on 01495 762200 or email email@example.com
The Blue Badge (Disabled Persons’ Parking) scheme was introduced in 1971 under section 21 of the Chronically Sick and Disabled Persons Act 1970.
The scheme provides a national arrangement throughout the UK of on-street parking concessions for people who experience the greatest barriers to their mobility when seeking to access community-based facilities. The scheme is open to eligible people who may be travelling as a driver or a passenger.
Who provides your data to the Council?
In order to carry out the purposes described above, we may obtain your personal data from a variety of sources, including the following:
- Direct from the person making the application
- Individuals themselves
- Relative, guardians or other persons associated with the individual
- Indirectly from partner organisations
- Department for Work and Pensions
- HM Revenue & Customers
- Approved organisations and people working with the Council
- Central Government, Government agencies and departments
- Healthcare, social and welfare advisers or practitioners
- Medical consultants & GPs
- Other departments within the Council
The personal information we process is provided to us by the person(s) listed above. The Blue Badge Service will collect, process and store personal information in order to process your application. If you do not provide your data, we will be unable to process your application.
How does the Council collect this information?
The Council may collect this information in a variety of different ways including:
- During a call to the Contact Centre
- In person via conversation at one of our Customer Care Centres
- An online application via the web or mobile app
- Through Facebook, Twitter or email
- Within My Council Services (MCS) software system
- We may also obtain personal applications forwarded from GOV.UK where an application is submitted online via that website
What information does the Council collect about you?
In the course of delivering the Blue Badge service, we collect the following personal information when you (or others on your behalf) provide it to us:
- date of birth
- contact details
- place of birth
- National Insurance number
- contact details for members of your family and support network if you wish them to advocate for you
- copies of documents showing your proof of identity (for example, passport, birth certificate)
- copies of documents showing your address (for example, council tax bill, benefit letter, driving licence, pay slips)
- your photograph
Why does the Council process your personal data?
Under Article 6 of the UK General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information is;
(e) We need it to perform a public task.
Under Section 21 of the Chronically Sick and Disabled Persons Act (1970), we have a statutory obligation to maintain a register showing the holders of badges issued by the authority.
We store and use your Blue Badge application data to:
- Assess eligibility for a Blue Badge
- Produce and distribute the badge
- Monitor usage
Special categories of personal data
We also collect the following special category data:
- data concerning health - medical information you provide in support of your application
If applicable, copies of documents showing your eligibility to a benefit which automatically qualifies you for a Blue Badge
We collect this under Article 9 of the UK GDPR.
We do not collect any criminal data
Who has access to your data?
Your data is shared internally only with the appropriate staff where it is necessary for the performance of their roles.
Your data may also be shared externally with organisations to enable us to process and safeguard the Blue Badge scheme for yourself and other applicants. As we have a statutory basis for collecting your personal data, we do not need to ask for your permission to share it; however we will only ever share data on a basis of need, in line with legislation and will work transparently with you at all times.
These may include, but not be limited to;
- Cabinet office for data matching under the National Fraud Initiative
- Able 2 Occupational Therapy Services who undertake the Independent Mobility Assessments where it is felt you will need to be assessed to determine eligibility
- Other Local Authorities who administer or enforce the Blue Car Badge service if you move to their area or use the Blue Badge in their area
- Welsh Government and Central Government
- Department for Transport and partner agencies for the processing of applications
- If you are eligible for a badge, your details will also be shared with APS as they produce and post out the badges.
- We will contact the Department for Work and Pensions to check you are receiving the benefits you have declared in connection with your mobility if you have not supplied evidence of this.
- Your details will be shared with Valtech Limited as they host the national Blue Badge system.
Apart from where previously stated, we do not pass your details to third parties unless we are lawfully required do so.
Is the Data transferred out of the UK?
How does the Council keep your data secure?
The Council has internal policies in place to ensure the data it processes is not lost, accidentally destroyed, misused or disclosed. Access to this data is restricted in accordance with the Council’s internal policies and in compliance with the UK GDPR.
Data will be stored securely in;
- My Council Services secure cloud-based platform
Where the Council engages third parties to process personal data on its behalf, they do so on the basis of written instructions. These third parties are also under a duty of confidentiality and are obliged to implement appropriate measures to ensure the security of data.
How long does the Council keep your data?
The Council will hold your personal data only for the period that is necessary and will follow organisational and Local Authority standards in this area. At the end of the retention period the Council will securely destroy or dispose of the data in line with retention schedules.
- Information will be kept for a period of 42 months (from the date of application)
Are we making automated decisions/profiling with your data?
You have a number of Rights you can exercise:
- Access - to obtain a copy of your data on request
- Rectification – to require the Council to change incorrect or incomplete data
- Object, Restrict or Delete - under certain circumstances you can require the Council to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing
- Data portability – to receive and/or transmit data provided to the Council to other organisations (this applies in limited circumstances)
- Withdraw your consent at any time (where consent has been given)
- To know the consequences of failing to provide data to the Council
- To know the existence of any Automated Decision-making, including profiling, and the consequences of this for you.
- To lodge a complaint with a supervisory authority (Information Commissioners Office)
If you would like to exercise any of these rights, please contact firstname.lastname@example.org
The Information Commissioner can be contacted at: The Information Commissioner’s Office (Wales), 2nd Floor, Churchill House, Churchill Way, Cardiff, CF10 2HH. Telephone 0330 414 6421 or e-mail Wales@ico.org.uk
Last Modified: 28/11/2023
Back to top