Privacy Policy

Buckinghamshire Fire & Rescue Service serves a population of more than 800,000 in the South East of England.

Last updated: March 2020

Copyright, Privacy and Disclaimer Notice

Thank you for visiting our website and showing an interest in what we do. We obviously encourage people to use material posted on this site, but parts of it have been used with the kind permission of other parties who hold and control the copyright. Therefore, should you wish to reproduce any part of this site for anything other than personal and private use, please contact us first at enquiries@bucksfire.gov.uk.

We would be grateful if you would read through the “small print” below.

Disclaimer

Liability: All visitors to this website use and view all functions at their own risk. Buckinghamshire & Milton Keynes Fire Authority (the Authority) accepts no liability for any consequential damage caused to the user or their software, data or property as a result of their visit to or use of our website.

The Authority tries hard to maintain the accuracy and reliability of the information on this website, which is provided for convenience as part of the service we offer. It accepts no liability for problems arising from the use of, or reliance on, this information.

Hyperlinks: This website may contain links to and/or advertisements relating to other websites maintained by us in addition to links to websites maintained by unrelated companies and people. A link to, or an advertisement relating to, a non-Buckinghamshire & Milton Keynes Fire Authority (the Authority) website does not mean that the Authority approves, endorses or accepts any responsibility for that website, its content or use, or the use of products and services made available through it.

If you decide to leave our website and access these other websites, you do so at your own risk. All rules, policies and operating procedures of these websites will apply to you while you are on them.

People providing access to our website via a link from another website are solely responsible for the content, accuracy, opinions expressed, privacy policies, products or services of, or available through, the source website and for any representations made or impressions created concerning the Authority.

The Authority as a Data Controller determines the purposes for collecting and using your data in order to carry out our public duties. The Authority is committed to protecting your personal information and this Privacy Notice explains how we use and share your information and how we protect your privacy.

Personal data refers to any information with which a living individual can be identified.

Privacy Notice

Buckinghamshire & Milton Keynes Fire Authority (the Authority) is committed to protecting you and your family’s personal information. Our privacy notice tells you what to expect when the Authority collects personal information

Why we collect your personal information

To deliver our services effectively, we may need to collect and process personal data about you. We collect data using:

Online forms.
Telephone calls.
Personal contact, including visits.
Letters and paper forms.
Emails.

We collect and use different kinds of information for taking 999 calls and responding to an emergency:

Incident details, including location.
What services have been provided.
Recording of 999 calls.
Type of household, for example, single occupant, children.
Information about buildings which might affect how we respond to an emergency, for example, stored flammable goods.

For advising on fire risks at home:

Personal details – for example, name, age, address.
Contact information.
Physical or mental health details.
Lifestyle and social circumstances relating to fire risk or other high risks.
Opinions and decisions on fire safety.
What services have been provided.

To identify community fire risks:

Locations of fire related incidents.
Addresses of fire related risks, for example, occupiers over 65, use of home oxygen, threats of arson.

For business fire safety advice and enforcement action:

Contact information.
Licences, certificates held.
Opinions and decisions on fire safety.

To check our services meet legal duties, including for diversity and equality of opportunity:

Age group.
Gender identity.
Disability.
Racial or ethnic origin.
Religious or other beliefs.

Where might we collect your personal data from?

You.
Your family members, employer or representative.
Other public bodies such as the police, ambulance service, local councils and the NHS.
Charities and support services who you have given permission to share your information for fire safety reasons.
Other organisations such as companies who you have given permission to share your information for security or key holding purposes.

Legal basis for using your personal data

We have the right to process your personal data if at least one of the following applies:

Processing is necessary for carrying out legitimate public duties of a Fire and Rescue Service as defined in the Fire and Rescue Services Act 2004.
Explicit consent for activities that help us in carrying out our public power of improving general community safety.
Processing is necessary for collaborating with public organisations such as the police and ambulance service in undertaking public safety functions.
For recruitment, employment, social security purposes or a collective agreement.
Processing is carried out by a non-profit body with a political, philosophical, religious or trade union aim provided:
To protect someone from danger either from themselves or others. This could be danger to you, people around you, our employees or employees in other services such as the police or ambulance service.

Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use before starting the processing and setting out the relevant purposes and processing conditions. Whenever necessary, we will seek your prior consent to the new processing.

Who will we share your personal information with?

Sometimes, it is in line with our legal duties and in the interest of public safety to share information with other organisations such as the police, the NHS or social services.

For example, NHS England, the Royal College of General Practitioners and Fire and Rescue Services in England work together to share information to allow fire service employees to offer Home Fire Safety Visit for people who have a higher risk of experiencing a house fire. This is by sharing data that lets Fire and Rescue Services identify home address of people over 65 so we can offer home fire safety checks to households identified with a possible higher fire risk. (For more information about how NHS England use and share your information see: https://www.england.nhs.uk/contact-us/privacy-notice/your-information/)

We may also share personal information about you with others. These organisations include, but are not limited to:

The Home Office, regarding for example, incidents and prevention work (for more information: https://www.gov.uk/government/collections/fire-statistics)
Other blue light emergency services, for example police and ambulance so we can respond to incidents.
Public utilities, for example to cut off a gas supply in an emergency.
Local councils, if we have serious concerns about your wider safety that a local council can help with.
Welfare organisations, if you agree to your information being shared.
Central government, for example anonymised information about our activities used for national fire statistics.
Courts and law enforcement, prosecuting authorities, solicitors.
Insurance companies and loss adjusters where they are authorised to act on your behalf following an incident at your property.
When appropriate, your personal data will also be provided to companies who carry out services or functions on behalf of the Authority. These are known as “data processors” as they act only under direct instruction from the Authority and there is always a contract to ensure that our legal and organisational requirements on handling personal data are met.

National Fraud Initiative (NFI) – Fair Processing Statement

The Authority is required to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing, or administering public funds, or where undertaking a public function, in order to prevent and detect fraud.

The Cabinet Office is responsible for carrying out data matching exercises.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data (payroll, pensions and creditor data) to the Minister for the Cabinet Office for matching for each exercise, as detailed here.

NHS Data – Fair Processing Statement

NHS England, the Royal College General Practitioners and fire and rescue services in England work together to ensure preventative resources are offered to those who may benefit most. This is achieved by referrals and the sharing of information (where relevant, proportionate and necessary) to allow fire service personnel to undertake Safe and Well Visits. If you require more information about how NHS England use and share your information, please click here.

Research has shown that those at high risk from fire death and injury are those who are most likely to impact on a range of NHS services. Safe and Well Visits are developed between local health practitioners and FRSs to meet local health-risk priorities. They therefore represent an intervention which can improve people’s quality of life while reducing demand on critical services.

The majority of fire deaths in the UK occur amongst the elderly population. However, older people are most vulnerable to fire and a number of other risks. A Safe and Well Visit from the FRS is proven to make them safer and can reduce risk significantly across a range of factors.

In one area of the United Kingdom where this work has been piloted since 2007, there has been a very significant reduction in fire deaths and injuries which has developed into a current trend well below the national average. So we know this work can save many lives.

The FRS and NHS will continue to work together in the future to ensure the Visits undertaken by the FRS are effective in helping to make making people safe and well.

How we protect your information

We have physical, electronic and organisation procedures to protect and safely use the information that we hold about you.

Our aim is not to be intrusive, and we won’t ask irrelevant or unnecessary questions. The information you provide will be subject to rigorous measures and procedures to make sure it can’t be seen, accessed or disclosed to anyone who shouldn’t see it.

We use anonymised data wherever we can, so individuals can’t be identified.

We have an Information Governance Framework that includes Data Protection and Information Security procedures. These define our commitments and responsibilities to your privacy and cover a range of information and technology security measures.

We provide training to staff that handle personal information and take appropriate measures if they misuse or do not look after your personal information properly.

How long we keep your information

We will not keep your information longer than it is needed or where the law states how long this should be kept and we will dispose of paper records or delete any electronic personal information securely. For details of how long we retain records for each service, please contact the Data Protection Officer (DPO).

Your rights

Subject to any legal exemptions, you have the following rights with respect to your personal data:

Access – you have the right to know what data we hold relating to you and why and to receive a copy of it;
Rectification – you have the right to have inaccurate information about you corrected (where there is a dispute in relation to the accuracy or processing of your personal data, you have the right to request a restriction is placed on further processing);
Objection – you have the right to object to the Authority using your information, and we would have to stop unless we have a sound overriding reason to continue;
Erasure, restriction and portability – in specific circumstances, you have the right to have your personal data deleted, to put limits on what the Authority may do with it or to receive a copy in machine-readable form to take to another organisation;
Complaints – The right to lodge a complaint with the Information Commissioners Office.
There are also specific legal rights relating to automated decision making but the Authority does not use any such processes to support the delivery of its public services. For more information on your rights under the GDPR see https://ico.org.uk/for-the-public/

While we will endeavour to give you access to everything we have recorded about you we will not share any parts of your details which contain:

Confidential information about other people or
If it is in the interest of public safety and security to withhold that information from you.

How can you exercise your rights?

You can contact our DPO if you wish to exercise any of your rights as described, have a query on how personal data is handled within our organisation or just want further information and advice.

If you want a copy of, or a description of, the personal data we hold that relates to you, please ask in writing, by letter or email. Please be as specific as possible about the information you want.

We will reply with your information within one month of receipt, or from the day on which we have the necessary information to confirm your identity. There are some lawful restrictions on information we send you, for example, other people’s personal information.

Cookies

What is a cookie? | How to delete and control cookies

We use cookies on this website. We will not use cookies to collect personally identifiable information about you. A cookie is a small piece of text stored on your computer, phone or whatever you use to surf the internet. Cookies have various uses and we’ve listed the ones we use below, as well as details about managing them.

Cookie Type	Name	Function
Cookie Type Name Function Strictly Necessary Cookies	OptanonConsent	This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor.
Performance Cookies	_ga	This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.
	_gat	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
	_gid	This cookie name is associated with Google Universal Analytics. It stores and updates a unique value for each page visited.
Targeting Cookies	YSC
	VISITOR_INFO1_LIVE	This cookie is used as a unique identifier to track viewing of videos
	IDE
	GPS

Access to personal information

Buckinghamshire & Milton Keynes Fire Authority (the Authority) tries to be as open as possible in giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:

Give you a description of it
Tell you why we are holding it
Tell you who it could be disclosed to.
Let you have a copy of the information in an intelligible form.

To make a request to Buckinghamshire & Milton Keynes Fire Authority (the Authority) for any personal information we may hold, you need to put the request in writing and address it to our Internal Compliance Team at: Buckinghamshire Fire & Rescue Service Headquarters, Stocklake, Aylesbury, HP20 1BD.

Links to other websites

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

Complaints or queries

Buckinghamshire & Milton Keynes Fire Authority (the Authority) aims to achieve the highest standards when collecting and using personal information and takes any complaints it receives about this very seriously. We encourage people to let us know if they think that our collection or use of information is unfair, misleading or inappropriate. We also welcome suggestions for improving our procedures.

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of the Authority’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.

Contact details

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice.

If you have any questions about this privacy notice, including any requests to exercise all relevant rights, queries of complaints please contact the DPO on 01296 744442 or by email at InformationGovernance@bucksfire.gov.uk

If you’re not happy with how we deal with your personal information complaint you can complain to the Information Commissioner’s Office (ICO). The ICO is an independent body set up to uphold information rights in the UK. They can also provide advice and guidance and can be contacted through their website: www.ico.org.uk or their helpline: 0303 123 1113, or in writing to:Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Keeping this privacy notice up to date

We will continually review and update this privacy notice to reflect changes in our services and feedback from service users, in order to improve our transparency and comply with legislation.

When such changes occur, we will revise the ‘last updated’ date at the top of this notice.

Questions

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of the Authority’s collection and use of personal information. If you have any questions about this privacy statement or concerns about the way we process your personal data, please contact the DPO using the number or email address above.