Cookie preferences
Toggle menu

The Data Protection Team

Data Protection Officer

The Data Protection Officer (DPO):

  • monitors the Council's compliance with the General Data Protection Regulation (GDPR)
  • is independent
  • reports to Senior Management

Contact the DPO if you wish to report a personal data breach. 

What is a personal data breach and how does it happen?

  • a personal data breach is the destruction, loss, alteration or access to personal data
  • this can happen by accident or in deliberate unlawful circumstances

We will handle all requests for information in line with our Corporate Customer Charter.

For further information, contact the Data Protection Officer.

Information Governance Officer (IGO)

The Information Governance Officer can advise you on your rights to our information.

Laws that affect your information rights and privacy include:

  • the General Data Protection Regulation (GDPR)
  • Data Protection law
  • the Freedom of Information Act 2000 (FOIA)
  • the Human Rights Act 1998

The IGO is also responsible for:

  • promoting transparency within the Council
  • overseeing our publication scheme (required under the FOIA)
  • making sure that we have a suitable records retention policy
  • telling staff and councillors how to use personal information and manage records in a legal manner (the FOIA)

Contact the IGO if you wish to:

  • find out if you have a right to information under the Freedom of Information Act 2000
  • if the information relates to the environment, the Environmental Information Regulations 2004
  • access your information rights as set out under GDPR
  • enquire about the way the Council uses personal information
  • report unauthorised disclosures of information or breaches in the Council's information security

All requests for information will be handled in line with our Corporate Customer Charter.

For further information contact the IGO.

Information Assurance Manager (IAM)

The IAM supports the Service Assurance function by implementing the Information and Communications Technology (ICT) and covers:

  • security vision
  • model and principles
  • compliance with Payment Card Industry Data Security Standard
  • General Data Protection Regulation (and other appropriate industry standards)

The IAM will support the organisational strategy across the Guildford Borough Council. The IAM will work with the ICT department to guide the selection and deployment of technical controls.

This is to meet specific security requirements, defines the processes and standards to ensure that security configurations are maintained.

The IAM is also responsible for managing Guildford Borough Council through the implementation of ISO27001.