Privacy Notice Liverpool City Region Local Business Support Grant February 2021

Who is the Data Controller for the information I provide?

Liverpool City Council (LCC).

Why we collect your data

We collect this information so that we can:

  • assess your application for eligibility for financial support
  • confirm account validity
  • confirm your identity
  • make payments of the awards
  • send reports to government departments
  • detect and prevent fraud and error
  • make sure public money is correctly used

What is the legal basis for collecting and processing this data?

LCC will be processing personal data to administer and award discretionary grant according to the following lawful basis:

  • Article 6 (1) (e) GDPR: ‘processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.’
  • Article 9 (2) (b) GDPR provides LCC with the lawful basis for processing: ‘special category (sensitive) data: ‘processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to the Member State law providing for appropriate safeguards for the fundamental rights and the interests of the data subject.’
  • Article 9 (2) (g) GDPR: 'processing is necessary for reasons of substantial public interest, on the basis of Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide suitable and specific measures to safeguard the fundamental rights and the interests of the data subject'.

Information we may collect

The categories of information being processed include:

  • business name and contact details
  • name and contact details of business owner
  • business financial information – such as banking details, accounts and payment detail
  • business personnel records
  • evidence to demonstrate a substantial loss in income as a result of the pandemic
  • evidence of complying with the definition of an SME
  • evidence of State Aid compliance
  • other relevant information needed to process your application, such as evidence of property costs

Do I have to provide this information and what will happen if I don’t?

If you are not able to provide some or all of the information we may not be able to assess your application for discretionary grant.

Who is your data shared with?

  • government departments, Liverpool City Region Combined Authority and other public bodies such as HMRC, Department for Work and Pensions, Home Office, Department for Business, Energy & Industrial Strategy, Ministry for Housing, Communities and Local Government
  • other Liverpool City Council teams so they can carry out their statutory roles and support our service such as social services, housing, environmental services, complaints, legal services and business rates teams
  • all organisations we pass your information to will have an information-sharing agreement with us to ensure they meet the standards of the GDPR and the Data Protection Act 2018, and will be covered by a legal basis allowing them to collect, use and share your personal information

How will my information be stored?

Data is stored in a range of different places, including in the LCC IT systems, including email system.

The LCC takes the security of your data seriously. We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed and is not accessed except by its employees in the performance of their duties.

How long will you keep this information for?

Personal data will not be retained for longer than necessary in relation to the purposes for which they were collected. There is usually a legal reason for keeping your personal information for a set period of time – this ranges from months for some records to years for more sensitive records.
We securely destroy all information once we have used it and no longer need it.

What rights do I have when it comes to my data?

 You have a number of rights that are set out on the How to access your data page of this section.

Where can I get advice?

View our Help and advice page for more information.

National Fraud Initiative

We participate in the Cabinet Office's National Fraud Initiative (NFI) which is an exercise that matches electronic data within and between public and private sector bodies to prevent and detect fraud.  We are required by law to provide particular sets of data, including personal data, to the Minister for the Cabinet Office for matching.

The use of data for the NFI exercise is carried out with statutory authority under part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under Data Protection legislation and General Data Protection Regulations 2018.

Data matching by the Cabinet Office is subject to a Code of Practice.

You can view information on what data we share and the Cabinet Office's legal powers and the reasons why it matches particular information.