Privacy and Cookies
Privacy notice for the Interreg France (Channel) England programme
What this document is for
This privacy notice provides details on how, we, Norfolk County Council, use your personal information for the purposes of the Interreg France (Channel) England programme (the Programme) in our capacity as:
· Managing authority for the management and delivery of the Programme
· Certifying authority for payments under the Programme
· Audit authority for auditing of the Programme
By ‘use’ we mean the various ways your personal information may be processed including storing and sharing the information.
What we use your information for
We may use the information about you as follows.
In our role as Certifying Authority and Managing Authority, to:
- Confirm that the expenditure claimed by the projects delivered under the Programme is legal and regular in the meaning of the Common Provision Regulations (EU) 1303/2013 and all relevant EU and national legislation
- Confirm that the expenditure claimed by the Programmes’ beneficiaries has been incurred, in relation to real people and in direct contribution towards the objective of the projects.
- Confirm the accuracy and existence of the achievements claimed by the project.
- Fulfil all other responsibilities attributed to the Certifying Authority and Managing Authority as per EU Regulations.
In our role as Audit Authority, to:
- For the same purpose as the Certifying Authority and Managing Authority
- Maintain a record of the work we have undertaken, in support of potential future audits by the European Commission or the European Court of Auditors who check that Audit Authorities undertake their work properly
- Fulfil all other responsibilities attributed to the Audit Authority as per EU Regulations.
We also use this information to assess the quality of our services and evaluate and improve our policies and procedures.
We may also use information in other ways compatible with the above.
What personal data we collect and use about you
We will collect and use:
· Email address
· Pay details
· Labour market status
· Educational attainment
We may also collect and use information about:
This information is classed as “special category data” under the GDPR. We may only collect these data when it is relevant and for the purposes described above.
The GDPR includes safeguards to protect the use of your special category data. Further details can be found on our website in the document named Special category data and criminal offences data policy - Norfolk County Council which sets out our procedures for compliance with the principles of the GDPR and the retention and erasure of this information.
Who provides this information
We receive your personal information from the Programme lead partner and other organisations that they work with.
Who we share your information with
We may need to share your information with:
· Member States (UK and France) and the European Commission in accordance with the principle of shared management
· Competent regional and local authorities and relevant bodies representing civil society in accordance with the Programme partnership and multi-level governance.
· Our external provider for audit services, who support the delivery of our audit work
· The European Commission or the European Court of Auditors, should they decide to undertake an audit of our work.
Any information which is shared will only be shared on a need to know basis, with appropriate individuals. Only the minimum information for the purpose will be shared.
Your personal information will also be given to third parties contracted by the County Council to provide a service to the County Council. These service providers are known as data processors and have a legal obligation under GDPR and to the County Council to look after your personal information and only use it for providing that service. In particular, the County Council has entered into contracts with:
· Gecko, eMS software specialists
· Cintra, translation services
How the law protects you and the legal basis for processing your information
We have legal grounds under the GDPR to process this information because it is necessary:
· For the performance of a task carried out in the public interest and the task or function has a clear basis in law
The statutory powers and duties are the function of the Managing Authority, Certifying Authority and Audit Authority, and as defined in the Common Provision Regulations (EU) 1303/2013 – Articles 125, 126 &127
We have legal grounds to process (including share) special category data because it is necessary for reasons in the substantial public interest and in the exercise of a statutory function. The statutory functions are the same as the statutory powers and duties referred to above.
How long will we keep your personal information for
When the information is no longer needed for the above purposes, it will be securely deleted.
If we need to use your information for research or reports to the EU Commission, your information will be anonymised and any information taken from notes (handwritten or typed) during any consultation sessions will be securely destroyed. The information will continue to be used in a summarised and anonymised form in any research reports or papers that are published. The anonymised information in the papers may be of historic interest and may be held in public archives indefinitely.
How we keep your information
The information is stored electronically, on the Programme’s electronic monitoring system (eMS), and the County Council’s network including records management systems and in paper files.
The audit work undertaken directly by Norfolk County Council’s audit team is held on database that is hosted by the software provider in the UK.
We do not process your information outside of the UK or European Economic Area.
Automated decision making
We do not make automated decisions about you.
We also provide the following details in our general privacy notice on our website:
· Who we are
· How long we use your information for
· Your rights under the UK General Data Protection Regulation (the GDPR) and
· How to exercise them
You can also ask us for a copy of this information.
Changes to this notice
We may amend this privacy notice at any time so please review it frequently. The date below will be amended each time this notice is updated.
This notice was created on 11th March 2021.
Most browsers allow you to refuse to accept cookies. This may, however, have a negative impact upon the usability of many websites, and may prevent you from accessing some services available on this website.