Privacy Policy

Last updated: 19/12/2025

​

Renfrew Community Council (“we”, “us”, “our”) is committed to protecting your personal data and being transparent about how we use it.

​

This Privacy Policy explains how we collect, use, store, and protect personal information when you engage with us — online, by email, or in person.

​

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

​

1. Who we are (Data Controller)

 

Renfrew Community Council is a statutory community body established under the Local Government (Scotland) Act 1973 and recognised by Renfrewshire Council.

​

For data-protection purposes, we are the Data Controller.

Contact details: Renfrew Community Council
Email: renfrewcommunitycouncil@gmail.com
Website: www.renfrewcommunitycouncil.com

​

2. What personal data we may collect

Depending on how you interact with us, we may collect:

​

Identity & contact information

• Name

• Email address

• Phone number

• Postal address (where relevant)

​

Engagement & correspondence

• Messages sent via contact forms or email

• Consultation responses

• Survey answers

• Feedback, submissions, or complaints

• Notes of meetings or conversations where relevant

​

Technical data

• IP address

• Browser type and device information

• Pages visited on our website (Collected via cookies or analytics where enabled.)

​

3. Special category data

We do not routinely collect special category (sensitive) data, such as information about health, ethnicity, religion, or political opinions.

​

If you choose to provide sensitive information voluntarily (for example in a consultation response), we will:

• Use it only for the stated purpose

• Restrict access

• Delete it when no longer required

​

4. How we collect data

We collect information when you:

• Contact us through the website or email

• Take part in consultations, surveys, or engagement events

• Submit issues for us to raise with public bodies

• Interact with our digital platforms or social media (where applicable)

​

5. Why we process your data

We use personal data only where necessary to:

• Respond to enquiries or correspondence

• Carry out consultations and engagement

• Represent community views to public bodies

• Share updates or information you’ve requested

• Maintain accurate records of our work

• Meet legal, governance, and accountability requirements

 

We do not use personal data for:

• Marketing

• Political campaigning

• Commercial purposes

​

6. Lawful bases for processing

Under UK GDPR, we process personal data using one or more of the following lawful bases:

• Consent – where you have clearly agreed

• Public task – where processing is necessary for our statutory role

• Legal obligation – where we are required to retain records

• Legitimate interests – where processing is reasonable and expected, and does not override your rights

​

7. Data retention (how long we keep information)

We only keep personal data for as long as necessary.

​

Typical retention periods include:

• General enquiries: up to 12 months

• Consultation responses: for the duration of the project plus a reasonable archive period

• Formal complaints or representations: retained in line with governance and audit requirements

• Financial or administrative records: retained as required by law

​

Data is securely deleted or anonymised when no longer needed.

​

8. Data storage and security

 

We take appropriate technical and organisational measures to protect personal data, including:

• Secure email accounts and passwords

• Restricted access to information

• Use of reputable hosting and storage services

• Limiting data access to authorised Community Council members

​

We regularly review how data is stored and accessed.

​

9. Sharing personal data

 

We do not sell, trade, or rent personal data.

​

We may share information only where necessary and proportionate, including:

• With Renfrewshire Council or public bodies to raise an issue on your behalf

• With service providers who support our website or digital tools

• Where required by law or regulation

​

We only share the minimum information necessary for the purpose.

​

10. Third-party services and links

 

Our website or communications may link to third-party websites or platforms (e.g. social media).

We are not responsible for the privacy practices of those services.

You should check their privacy policies separately.

​

11. Cookies and analytics

 

Our website may use cookies and analytics tools to understand how it is used and to improve accessibility and content.

​

This information is anonymised and does not identify individuals.

 

You can manage or disable cookies through your browser settings.

​

12. Your rights under data-protection law

 

You have the right to:

• Access your personal data

• Request correction of inaccurate data

• Request erasure of your data (where applicable)

• Restrict or object to processing

• Withdraw consent at any time

• Request data portability

 

Requests can be made using the contact details above.

​

13. Complaints

 

If you have concerns about how your data is handled, please contact us first.

You also have the right to complain to the Information Commissioner’s Office (ICO):
https://ico.org.uk

​

14. Data breaches

In the unlikely event of a data breach that poses a risk to individuals’ rights or freedoms, we will:

• Take immediate steps to contain the issue

• Notify affected individuals where required

• Report to the ICO in line with legal requirements

​

15. Changes to this policy

 

We may update this Privacy Policy to reflect legal changes or how the Community Council operates.

The most recent version will always be published on our website.

​

16. Contact

 

If you have questions about this policy or how your information is used, please get in touch.

We believe trust, transparency, and respect are essential to a strong community.