Data Protection and GDPR

In order to deliver services to the citizens and communities in West Lothian, it is necessary for the council to collect, gather and process personal data about residents, staff and other individuals.

The Data Protection Law regulates the way we handle and process personal information within the council. 

The existing Data Protection Act (1998) will be replaced on 25th May 2018 by new legislation in the form of the General Data Protection Regulation (GDPR). The GDPR is a European regulation that sets out the changes that the UK will need to implement in a new Data Protection Act.

Personal data is information which relates to a living person who can be identified from the information itself, or by linking it with other information. For example, it could be your name and address, a school pupil's record or a client's health information.

Processing personal data is the name given to anything that we do with your personal data that we hold. For example, entering your details into our computer systems or storing a completed form in a filing cabinet.

The sections below explain the arrangements we have in place to protect the information entrusted to the council.

Changes to Data Protection Law
Who we are
Why we process your data
Sharing and protecting your information
How long we keep your information
Privacy Notices
How to make an enquiry or lodge a complaint
Making A Subject Access Request and/or Enquiry