Cambridgeshire Fire and Rescue Service (CFRS) collects and uses your data in order to carry out our public duties, this privacy notice is designed to give you a clear explanation of our data processing policies. Please note that we periodically review this notice and it may be amended in future to reflect any changes in our services, the law or our organisation.
As a Data Controller we have a legal requirement to make sure you know what we intend to do with your information and who it will be shared with. Any personal information you provide will be processed in accordance with the Data Protection Act (DPA) (2018). All employees or volunteers who have access to your personal data or are associated with the handling of that data are trained and obliged to keep your data confidential and CFRS has appropriate procedures in place for the unlikely event of your information being misused
We need to collect and hold information about you, in order to:
To process your data, we need to ensure we meet at least one of the six lawful reasons as required by the DPA (2018). As a Public Authority; our reasons will typically be because we must process your data to meet a legal obligation to do so or that we can carry out one of our designated public tasks as a fire service. Detailed information on which lawful reasons apply for each of our services can be found via the below links:
When necessary, your personal data will also be provided to companies who carry out some services or functions on behalf of CFRS (“data processors”), to other public bodies - such as the Police, Councils and NHS – and sometimes to non-statutory organisations. In these cases we will inform you which of the information we intend to share and which organisations it will be shared with. Any organisation we do share your information with will also be obliged to protect it in line with the DPA (2018).
We may also share information with the police, intelligence services and other agencies where required to by law for the investigation of fraud under the National Fraud Initative.
This is explained more fully in the specific service pages above.
To find out more about the data collection requirements placed on us by the Home Office (for example; regarding incidents and prevention work) go to: https://www.gov.uk/government/collections/fire-statistics
Our aim is not to be intrusive, and we will only ask you for the information that is necessary for us to complete the task for which it is collected. The information you provide will be subject to rigorous and regularly reviewed procedures to make sure it can’t be seen, accessed or disclosed to anyone who shouldn’t see it and that the systems it is held in are secure.
The information you provide can be held in a variety of systems and formats. This can include but is not limited to information held in Cambridgeshire Fire and Rescue Service data management systems, written correspondence, emails, photographs, audio recordings and video recordings, including CCTV.
We will not keep your information longer than it is needed or where the law states how long this should be kept and we will dispose of paper records or delete any electronic personal information securely.
Under the DPA (2018) you have several statutory rights relating to your own personal data:
For more information on your rights under the GDPR see https://ico.org.uk/for-the-public/
We are required by law to have a designated Data Protection Officer (DPO). If you wish to exercise any of the rights described above, have a query on how personal data is handled within our organisation or just want further information and advice you can contact our DPO using the following contact details:
In the first instance you can make a complaint to us. Please see the Contact Us section on our website here. http://www.cambsfire.gov.uk/contact-us-394.aspx
You can complain to or seek advice from the Information Commissioner’s Office (ICO) (www.ico.org.uk) at
Tel: 0303 123 1113