Blue Badge Privacy Notice | Blue Badge Privacy Notice

Local elections in York

Elections to appoint City of York councillors are held every 4 years; the next 'local elections' are on Thursday 2 May 2019.

Vote in local elections

We keep the Blue Badge Scheme Privacy Notice under review. It was last reviewed and updated in March 2019.

If you have any questions about this Privacy Notice contact the council's Data Protection Officer.

View the Privacy and transparency information for all of the City of York Council (CYC).

Personal data

The Blue Badge Service will collect personal data about you when they apply for a Blue Badge.

We'll:

only ask you for the information that's necessary to provide you with the Blue Badge service
protect it and make sure nobody has access to it who shouldn't
ensure that only relevant employees with authorised access can view confidential data
ensure you know if you have a choice about giving us personal data
make sure data is not kept for longer than necessary

We ask that you:

provide accurate and up to date information
let us know of any relevant changes or updates to your information
inform us immediately if you see any mistakes either in the information in the personal data we hold about you

If you don't provide the personal data requested by us, we may not be able to provide you with the information you need and/or process a Blue Badge application for you.

See further details about how we define personal data and non-personal data.

Using personal data

The personal data provided to us will be used to:

Create a secure record of your paper application on our Case Management System (CMS);
Assess your application to see whether it meets one of the automatic criteria, or will require an Independent Mobility Assessment (IMA);
Process your application for a Blue Badge;
Process £10 payment for a Blue Badge;
Answer any appropriate questions relating to your application or use of a Blue Badge;
Investigate any instances where a Blue Badge is allegedly being misused.

See further details about how we use your personal data.

Sharing personal data

Your data will be shared with the companies listed below, as this falls within the explicit consent you provide when submitting your application. If we're unable to share your data with any of the below, it would mean we could not process your application.

Department for Transport (DfT) - Central Government directive responsible for the Blue Badge Scheme
Northgate - Blue Badge Case Management System, used for securely storing your personal data and processing Blue Badge applications
Valtech - A company managing the Central Blue Badge register called 'Manage Blue Badges'
APS - Print and distribution of Blue Badges
Premier Physical Healthcare (PPH) - Independent health mobility assessments;
Gov.UK - Online applications
Government Digital Services (GDS) - Used for sending email/sms notifications and processing online payments.

We will also share your data with other council services in order to protect the integrity of the Blue Badge service and to tackle any potential misuse of a Blue Badge where appropriate:

Veritau - CYC fraud team
Parking Services - Enforcement and Administration

Sharing data under Data Protection legislation

We may be required or permitted, under data protection legislation, to disclose your personal data without your explicit consent, for example if we have a legal obligation to do so, such as for:

law enforcement
fraud investigations
regulation and licensing
criminal prosecutions
court proceedings

We must protect public funds and may use personal data and data-matching techniques to detect and prevent fraud, collect taxes and ensure public money is targeted and spent in the most appropriate and cost-effective way. To do this, your personal data may be shared with other bodies responsible for auditing or administering public funds, including the Department for Work and Pensions, HM Revenue and Customs, the Police and other local authorities.

Our legal basis for collecting and sharing personal data

The Blue Badge team uses and collects your personal data as you have applied for a Blue Badge. We require this information in order to process a badge for you.

Various documents including but not limited to this Privacy Notice, General Data Protection Regulation, Data Protection Impact Assessment and Information Asset Register, detail how this information is managed, shared and used.

Information is collected by your explicit consent.

Retaining personal data

Your data will be stored electronically on our CMS, which has been provided by Northgate. The Blue Badge scheme is a central government directive owned by the DfT, however each Local Authority is responsible for holding the data for their customers. In order to securely manage the data, we process all Blue Badge applications on our CMS.

Although we manage each application through the CMS, we are required to link this to a Central Badge Register called 'Manage Blue Badges.' The contract to manage this Register was awarded by the DfT to Valtech.

Blue Badges will usually be issued for 3 years, but can be reapplied for and extended for a further period of time. Blue Badge information will only be destroyed once an applicant no longer holds a valid badge.

When a badge has expired or has been cancelled, the data will be destroyed 24 months from the date the badge has expired. If a badge is cancelled due to alleged misuse, we must keep the information for 24 months in case this decision is appealed and ultimately revoked.

If an application has been refused, we will still keep your data for 12 months to allow for any appeals or subsequent applications to be considered accurately and effectively.

When we no longer have a need to keep your information, we will delete or destroy it securely. At the end of this retention period, we may be requested to pass any relevant information or data on to the City Archives.

Our retention policy is based on best practice and business needs of all services, including our fraud team.

Further processing of personal data

If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, then we'll provide you with a new notice.

The new notice will:

explain this new use before we start the processing
set out the relevant purposes and processing conditions

Where and whenever necessary, we'll seek your consent to the new processing, if we start to use your personal data for a purpose not mentioned in this Privacy Notice.

See further details about the further processing of personal data.

Your rights relating to personal data

When we collect your personal data we'll tell you how we are going to use it. Where we process your personal data, you have a number of rights under data protection law.

See further details of your rights relating to personal data.

Also see

Comment on this page

Local elections in York

Personal data

Using personal data

Sharing personal data

Sharing data under Data Protection legislation

Our legal basis for collecting and sharing personal data

Retaining personal data

Further processing of personal data

Your rights relating to personal data

Also see

My Account

My Account

Pay online

Pay online

Report problems

Report problems

Your council

Your council

Council tax

Council tax

Schools and education

Schools and education

Waste and recycling

Waste and recycling

Parking and travel

Parking and travel

Benefits

Benefits

Business

Business

Planning and building

Planning and building

Sports and leisure

Sports and leisure

Libraries and archives

Libraries and archives

Health and social care

Health and social care

Housing

Housing

People and communities

People and communities

Births, marriages and deaths

Births, marriages and deaths

Environment and animals

Environment and animals

Streets, roads and pavements

Streets, roads and pavements

Children and families

Children and families

Jobs, training and volunteering

Jobs, training and volunteering

News centre

News centre

Worried about a child?

Worried about a child?