What we do with your data

How long do we keep your data? 

There’s often a legal reason for keeping your personal information for a set period of time. We have tried to list how long each council service is allowed to keep it for in our retention schedule below.

• View the council's retention and disposal schedule

  Download this document: View the council's retention and disposal schedule (PDF: 1.3 MB)

  This file may not be suitable for users of assistive technology. Request an accessible format.

Who do we share your data with?

We legitimately share information with different government organisations, charities, and companies if they are using it to perform public functions, or they are fulfilling a legislated obligation.

We use a range of organisations to either store personal information or help deliver our services to you. Where we have these arrangements there is always an agreement in place to make sure that the organisation complies with data protection law.

Our legal duties and obligations

Sometimes we have a legal duty to provide personal information to other organisations. This is often because we need to give that data to courts, including if:

• We take a child into care and the court orders that we provide the information.
• Someone is taken into care under mental health law.

We may also share your personal information for the following reasons:

• In order to find and stop crime and fraud.
• If there are serious risks to the public, our staff or to other professionals.
• To protect a child.
• To protect adults who are thought to be at risk, for example if they are frail, confused or cannot understand what is happening to them.

For all of these reasons the risk must be serious before we can override your right to privacy. We will make sure that we record what information we share and our reasons for doing so.

How we protect your data

We’ll do what we can to make sure we hold records about you - on paper and electronically - in a secure way, and we’ll only make them available to those people who have a right to see them.

Examples of our security measures include:

• We make every effort to keep all the personal data we hold secure, whether held electronically or as paper copies. We also ensure that only members of staff with a legitimate reason to access your information have permission to do so
• All employees are provided with relevant training in the correct use of information processing facilities and security procedures, including monitoring for and responding to data security incidents and weaknesses.
• IT facilities and support infrastructures are physically protected from unauthorised access, theft, damage and interference.

Where is your data stored?

The majority of personal information is stored on systems in the UK. But there are some occasions where your information may leave the UK, either in order to get to another organisation or if it’s stored in a system outside the EU. We’ll take all practical steps to make sure your personal information is not sent to a country that is not seen as safe either by the UK or EU Governments.

Each council service area may also collect, share and store your information in a unique way in order to best deliver a service to you. 

• View our service level privacy notices.

Privacy and security on this website

This website - liverpool.gov.uk - has been developed to ensure your visits to it are as secure as possible. 

To make our online services easy to use and reliable, we sometimes need to place small amounts of information on your device, including small files known as cookies. These cannot be used to identify you personally.

We also use secure-server software which encrypts all personal information, including your credit or debit card number, name and address. This software converts the characters you type into bits of code which are then securely transmitted via the internet.

• Find out more about how we use and secure your data when you visit this website.

National Fraud Initiative

We participate in the Cabinet Office's National Fraud Initiative (NFI) which is an exercise that matches electronic data within and between public and private sector bodies to prevent and detect fraud.  We are required by law to provide particular sets of data, including personal data, to the Minister for the Cabinet Office for matching.

The use of data for the NFI exercise is carried out with statutory authority under part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under Data Protection legislation and General Data Protection Regulations 2018.

Data matching by the Cabinet Office is subject to a Code of Practice.

You can view information on what data we share and the Cabinet Office's legal powers and the reasons why it matches particular information.