Our Appropriate Policy Document (APD) outlines how we process special categories of personal data and criminal offence data.
The Data Protection Act 2018 outlines the requirement for an APD to be in place when processing special category and criminal offence data under certain specified conditions.
Almost all the substantial public interest conditions in Schedule 1 Part 2 of the Data Protection Act 2018, plus the condition for processing employment, social security, and social protection data, require us to have an APD in place.
As part of our statutory and corporate functions, we process special category data and criminal offence data in accordance with the requirements of Article 9 and 10 of the UK General Data Protection Regulation (‘UK GDPR’) and Schedule 1 of the Data Protection Act 2018.
Some of the Schedule 1 conditions for processing special category and criminal offence data require us to have an APD in place, setting out and explaining our procedures for securing compliance with the principles in Article 5 and policies regarding the retention and erasure of such personal data.
This document explains our processing and satisfies the requirements of Schedule 1, Part 4 of the Data Protection Act 2018.
Our processing of special category and criminal offence data for law enforcement purposes is not covered in this document. Processing for law enforcement purposes is carried out by us in our capacity as a competent local authority and falls under Part 3 of the Data Protection Act 2018. For further information see our Law Enforcement Privacy Notice.
See information on:
- special category data
- criminal offence data
- conditions for processing special category and criminal offence data
- description of data processed
- Schedule 1 conditions for processing
- procedures for ensuring compliance with the principles
- retention and erasure policies
- APD review date
- additional special category processing
Special category data
Article 9 of the UK GDPR covers processing of special category data as personal data revealing:
- racial or ethnic origin
- political opinions
- religious or philosophical beliefs
- trade union membership
- genetic data
- biometric data for the purpose of uniquely identifying a natural person
- data concerning health; or
- data concerning a natural person’s sex life or sexual orientation
Criminal offence (criminal offence) data
Article 10 of the UK GDPR covers processing in relation to criminal convictions and offences or related security measures.
In addition, section 11(2) of the DPA 2018 specifically confirms that this includes personal data relating to the alleged commission of offences or proceedings for an offence committed or alleged to have been committed, including sentencing. This is collectively referred to as ‘criminal offence data.'
Conditions for processing special category and criminal offence data
We process special category personal data under the following UK GDPR Articles:
Article 9(2)(a) – explicit consent
In circumstances where we seek explicit consent when required for specific purposes, we make sure that the consent is unambiguous and for one or more specified purposes, is given by an affirmative action and is recorded as the condition for processing.
Examples of our processing include:
- health information we receive from our customers who require a reasonable adjustment to access our services
- taking part in surveys
- subscribing to council updates or newsletters
Article 9(2)(b) – Employment, social security and social protection (if authorised by law)
Where processing is necessary for the purposes of performing or exercising obligations or rights which are imposed or conferred by law on the council or the data subject in connection with employment, social security, or social protection.
Examples of our processing include:
- collection of council tax
- providing social services to residents
Article 9(2)(c) – Vital interests
Where processing is necessary to protect the vital interests of the data subject or of another natural person.
Examples of our processing include:
- providing contact information to other services to conduct safeguarding checks
- using health information about a member of staff in a medical emergency
Article 9(2)(e) – made public by the data subject
Where the processing relates to personal data manifestly made public by the data subject.
Article 9(2)(f) – Legal claims or judicial acts
Where the processing is necessary for the establishment, exercise, or defence of legal claims.
Examples of our processing include:
- employment tribunal
- other litigation
Article 9(2)(g) – Reasons of substantial public interest (with a basis in law)
Where the processing is necessary for the purposes of providing public services in the public interest and is necessary for the carrying out our role.
Examples of our processing include:
- the information we seek or receive as part of investigating a complaint
- the information we seek or receive as part of responding to a Freedom of Information Act 2000 and the Environmental Information Regulations investigating a complaint
- responsibility for monitoring the application of the UK GDPR (as well as the Data Protection Act 2018) to protect the fundamental rights and freedoms of natural persons in relation to processing of their information by the council
Article 9(2)(h) Health or social care (with a basis in law)
Where the processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services provided by the council.
Examples of our processing includes:
- Adult social care
- Childrens social care
Article 9(2)(i) – Public health (with a basis in law)
Where the processing is necessary for reasons of public interest in the area of public health services delivered by the council.
Examples of our processing includes:
- the council’s public health services
Article 9(2)(j) – for archiving purposes in the public interest
Where the processing is necessary for the council to meet its obligations to transfer records for permanent preservation under the Public Records Act 1958 (as amended). The relevant purpose we rely on is Schedule 1 Part 1 paragraph 4 – archiving.
Examples of our processing include:
- transfers to the National Archives
- transfers to the City Archives
We process criminal offence data under Article 10 of the UK GDPR.
Examples of our processing of criminal offence data include pre-employment checks:
- declarations by an employee in line with contractual obligations;
- Youth Justice Service
- Community safety, neighbourhood enforcement
- Public protection
- Trading Standards
Description of data processed
We process the special category data about our employees that is necessary to fulfil our obligations as an employer. This includes information about their health and wellbeing, ethnicity, photographs, and their membership of any trade union.
Further information about this processing can be found in City of York Council Employees Privacy Notice.
Our processing for reasons of substantial public interest relates to the data we receive or obtain to fulfil our statutory functions as a local authority. This may be evidence provided to us as part of a complaint or intelligence information we gather for our investigations.
Further information about this processing can be found in our published privacy notices.
We also comply with the requirement for a record of our processing activities in accordance with Article 30 of the UK GDPR.
Schedule 1 conditions for processing
Special category data:
We process special category data in Part 1 of Schedule 1 and in Part 2 of Schedule 1 as set out in our published privacy notices.
Criminal offence data:
We process criminal offence data as set out in the published Law Enforcement Processing privacy notice.
Procedures for ensuring compliance with the Principles
We have put in place the following procedures to ensure compliance:
Accountability principle
We have put in place appropriate technical and organisational measures to meet the requirements of accountability. These include:
- the appointment of a data protection officer who reports directly to our highest management level
- taking a ‘data protection by design and default’ approach to our activities
- maintaining documentation of our processing activities
- adopting and implementing data protection policies and ensuring we have written contracts in place with our data processors and also with joint or independent data controllers
- implementing appropriate security measures in relation to the personal data we process
- carrying out data protection impact assessments for our high-risk processing
We regularly review our accountability measures and update or amend them when required.
Principle (a) - Lawfulness, fairness, and transparency
Processing special category and criminal offence data must be lawful, fair, and transparent. It is only lawful if and to the extent it is based on law and either the data subject has given their consent for the processing, or the processing meets at least one of the conditions in Schedule 1.
We provide clear and transparent information about why we process special category and criminal offence data including our lawful basis for processing in our published privacy notices and this policy document.
Our processing for purposes of substantial public interest is necessary for the exercise of a function of providing services to residents of York, for example council tax collection, or waste collection.
Our processing for the purposes of employment relates to our obligations as an employer.
Principle (b) - Purpose limitation
We process special category data for purposes of substantial public interest as explained above when the processing is necessary for us to fulfil our statutory functions, where it is necessary for complying with or assisting another to comply with a regulatory requirement to establish whether an unlawful or improper conduct has occurred, to protect the public from dishonesty, preventing or detecting unlawful acts or for disclosure to elected representatives.
We are authorised by law to process special category data for these purposes. We may process special category data collected for any one of these purposes (whether by us or another controller), for any of the other purposes here, providing the processing is necessary and proportionate to that purpose.
If we are sharing data with another controller, we will document that they are authorised by law to process the data for their purpose.
If we are sharing data with a “processor”, we will document their processing and purposes in a contract and data processing schedule.
We will not process special category data for purposes incompatible with the original purpose it was collected for.
Principle (c) - Data minimisation
We collect special category data necessary for the relevant purposes and ensure it is not excessive. The information we process is necessary for and proportionate to our purposes.
Where special category data is provided to us or obtained by us, but is not relevant to our stated purposes, we will erase it.
Principle (d) - Accuracy
Where we become aware that special category data is inaccurate or out of date, having regard to the purpose for which it is being processed, we will take every reasonable step to ensure that data is erased or rectified without delay.
If we decide not to either erase or rectify it, for example because the lawful basis we rely on to process the data means these rights don’t apply, we will document our decision.
Principle (e) - Storage limitation
All special category data processed by us for the purpose of employment or substantial public interest is, unless retained longer for archiving purposes, retained for the periods set out in our retention schedule.
We determine the retention period for this data based on our legal obligations and the necessity of its retention for our business needs. Our retention schedule is reviewed regularly and updated when necessary.
Principle (f) - Integrity and confidentiality (security)
Electronic information is processed within our secure network. Hard copy information is processed in line with our security procedures.
Our electronic systems and physical storage have appropriate access controls applied.
The systems we use to process personal data, special category data and criminal offence data allow us to erase or update it at any point in time where appropriate.
Retention and erasure policies
Our retention schedule including actions to take at end of the retention period are set out in council retention schedule.
APD review date
This policy will be retained for the duration of our processing and for a minimum of 6 months after processing ceases.
This policy will be reviewed annually or revised more frequently if necessary and it was last reviewed in November 2024.
Additional special category processing
We process special category personal data in other instances where it is not a requirement to keep an appropriate policy document. Our processing of such data respects the rights and interests of the data subjects. We provide clear and transparent information about why we process personal data including our lawful basis for processing in our published privacy notices and staff privacy notice.