We keep this privacy notice under regular review and was last updated on 5th December 2023.
Dudley Council respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
Who we are
Dudley Metropolitan Borough Council (DMBC) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the United Kingdom General Data Protection Regulation (‘UK GDPR’) and the Data Protection Act 2018. We are responsible as ‘controller’ of that personal information.
DMBC is a member of Safe and Sound, Dudley’s Community Safety Partnership which provides the strategic leadership for addressing community safety matters across the borough. One of Safe and Sound’s responsibilities is to provide governance for Domestic Homicide Reviews (DHRs) as they are required in the borough. Officers within DMBC provide the management and administration of reviews.
Domestic Homicide Reviews are further explained on the GOV.UK website, and have included domestic abuse related suicides since 2016.
In the course of conducting a domestic homicide review we collect the following personal information about the deceased and others associated with them from statutory and voluntary bodies who have been directly involved in the case.
Personal information: • Name. • Relationship to deceased. • Contact details. • Minutes from meetings and interviews.
We also collect the following ‘special category data’ (personal data which is more sensitive and is treated with extra care and protection) from medical records, social care records and information from specialist providers (such as providers of domestic abuse services or provider of substance misuse services):
• Racial or ethnic origin. • Religious or philosophical beliefs. • Health. • Sexual orientation.
We also collect the following criminal offence data:
• Criminal record information supplied by crime prevention services such as the police or youth justice service.
We use your personal information to:
(a) establish what lessons can be learned from the domestic homicide/domestic abuse related death regarding the way in which local professionals and organisations work individually and together to safeguard victims
(b) identify clearly what those lessons are both within and between agencies, how and within what timescales they will be acted on, and what is expected to change as a result
c) apply these lessons to service responses including changes to inform national and local policies and procedures as appropriate
(d) prevent domestic abuse and homicide and improve service responses for all domestic violence and abuse victims and their children by developing a co-ordinated multi-agency approach to ensure that domestic abuse is identified and responded to effectively at the earliest opportunity
(e) contribute to a better understanding of the nature of domestic violence and abuse
(f) highlight good practice.
Information that we collect from you will be obtained via face-to-face discussions and interviews, through email and telephone communications, via review of medical and social care records and via discussions with professionals who have been involved with the victims and their families. Collection and sharing of this information is via Microsoft 365 tools such as Word, Outlook, Forms and Teams. MS Teams meetings may also be recorded to assist with accuracy.
We use your personal information to support the DHR process only and will remove from the published Overview Report any personal details such as:
This data is used locally and nationally to understand trends from demographic information relating to victims and perpetrators of domestic abuse. This pseudonymised data may be kept for statistical research/analysis across DHRs to enhance the ability to achieve the aims (a) to (e) stated above.
Where we are processing personal data about you as part of a Domestic Homicide Review, we rely upon the following lawful conditions:
• Article 6(1)(c) – processing that is necessary for DMBC to fulfil a statutory obligation, namely those placed upon DMBC by the Domestic Violence, Crime and Victims Act 2004
• Article 6(1)(e) – processing that is necessary for the purposes of delivering a public task carried out in the public interest
The legislation underpinning these legal obligations and tasks includes:
• Children Act 2004 (Section 10 – improve wellbeing of children, Section 11 – safeguard and promote the welfare of children).
We rely on the following lawful bases on which we collect and use your special categories of personal data:
• Article 9(2)(g) – processing is necessary for substantial public interest (for statutory purposes and for the purpose of safeguarding children and individuals at risk).
• Article 9(2)(j) – processing for research purposes.
We also rely on condition (4) - research, of Schedule 1 of the Data Protection Act (‘DPA’) 2018, where relying on Article 9(2) (j) to process your special category and criminal offence data.
We take the following appropriate safeguards in respect of your special category and/or criminal convictions data when relying on the conditions above:
• We maintain a record of our processing in our ‘Record of Processing Activities’ and record in it any reasons for deviating from the periods in our Retention Schedule.
We will hold your personal information for 6 years following the closure of the domestic homicide review and then we will securely destroy your information. An exception to this is the recordings of meetings which will be deleted once minutes have been finalised.
When the decision to initiate a DHR is taken an Independent Chair is appointed and a multi-agency Review Panel is convened. The review panel is made up of representatives from a range of organisations who are best placed to contribute to the review and take forward any recommendations that come out of the process. This includes members of safe and sound as well as external specialists where required. (Section 9 of the Domestic Violence, Crime and Victims Act (2004) lists the statutory agencies required to participate in DHRs.) We will securely share information relevant to the review with those organisations participating in the review process as described within the Statutory Guidance for the Conduct of Domestic Homicide Reviews. Collection and sharing of this information is via Microsoft 365 tools such as Word, Outlook, Forms and Teams. Review panel members are signatories to the Safe and Sound Information Sharing Agreement and a record of processing is kept for this sharing.
We are required by the Home Office to collect data as outlined in this data collection template.
We will share personal information with law enforcement or other authorities if required by applicable law or in connection with legal proceedings.
We will share personal information with our legal and professional advisers in the event of a dispute, complaint or claim. We rely on Article 9(2)(f) where the processing of special category data is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.
Your rights
Under the UK GDPR you have rights which you can exercise free of charge that allow you to:
• know what we are doing with your information and why we are doing it • ask to see what information we hold about you (subject access request) • ask us to correct any mistakes in the information we hold about you • object to direct marketing • make a complaint to the Information Commissioner's Office
Depending on our reason for using your information you may also be entitled to:
• object to how we are using your information • ask us to delete information we hold about you • have your information transferred electronically to yourself or to another organisation • object to decisions being made that significantly affect you • stop us using your information in certain ways
We will always seek to comply with your request however we may be required to hold or use your information to comply with legal duties. Please note, your request may delay or prevent us delivering a service to you.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Who to contact
Please contact the Dudley Councils Corporate Information Governance Team at Information.Governance@dudley.gov.uk to exercise any of your rights, or if you have a complaint about why your information has been collected, how it has been used or how long we have kept it for.
You can contact our Data Protection Officer at Information.Governance@dudley.gov.uk, or write to: Data Protection and Information Governance Manager, Corporate Information Governance, Finance & Legal, Dudley Council, Priory Road, Dudley, DY1 1HF. Or call Dudley Council Plus on 0300 555 2345 and ask to speak to the Data Protection Officer.
UK GDPR also gives you the right to lodge a complaint with the Information Commissioner, who may be contacted via the Information Commissioner's website.