Customer Contact Centre Privacy Notice

Skip to:

We use personal information to deliver our customer (telephony and chat) Contact Centre service and to enable us to continue to make improvements to the customer experience within this service.

Personal information we collect on every call

  • Incoming telephone number (where not withheld) – the caller’s number
  • Other personal information is collected, as provided by the caller and needed to enable us to deal with the enquiry.  This may include:
    • Name
    • Address & contact details
    • Criminal/Prosecution Information 
    • DOB
    • Education Information 
    • Employment information
    • Equalities Information
    • Family/Relationship Information
    • Financial information
    • Health/Medical Information  
    • Housing Information  
    • Information from the Local Authority from where you live and previously lived
    • NHS Number
    • Other Agencies Involved 
    • Property information
    • Referral/Assessment Information
    • Social Services Records 
    • Support Network

Our lawful bases for processing this information is as follows:

  • Article 6 1(e) Public Task. The customer contact centre carries out a number of tasks across a wide range of services (see below* for full list) in the public interest or in the exercise of official authority vested in us.
  • Article 6 1(a) consent, where we are sending SMS messages to people who call us using a mobile phone to signpost them to information or services. This is only done where the user requests this.
  • Substantial public interest under the laws that apply to us where this helps us meet our broader social obligations such as where it is necessary for us to fulfil legal obligations and regulatory requirements. This applies where:
    • information provided contains special category data (e.g. health, religion, or ethnicity), or,
    • information provided contains criminal convictions and offences (including alleged offences).

All data processed by the Contact Centre in relation to our wider services is processed in accordance with the relevant legislation for those services and in accordance with individual privacy notices for these services.

The full list of services covered

  • Assisted Travel
  • Children's and Family Services (including activities for children / young people, parenting courses, early years childcare support). The most sensitive calls on safeguarding are passed to the council’s MASH (Multi-Agency Safeguarding Hub) service.
  • Council Tax Recovery
  • Covid Support
  • Elections
  • Libraries
  • Member's Enquiries
  • My Account Support
  • Parking
  • Re (inc. Building Control, Planning, Highways, Environmental Health & Pest Control and Licensing)
  • Registrars
  • Revenues and Benefits (Council Tax & Housing Benefits)
  • Schools (including admissions, school meals, and school transport). Some calls are passed to specialised back-office teams such as special educational needs.
  • Street Scene
  • Switchboard (Covering the entire council)

Incoming and outgoing calls are recorded to:

  • assess customer satisfaction
  • train and develop staff
  • review call quality
  • keep a verbal record of what is said in the event of a subsequent complaint
  • protect our employees so that threatening behaviour is evidenced and acted upon where necessary.

Live calls may also be monitored by a manager to monitor staff performance, support training needs and assist with escalated calls. When you make a payment over the telephone the recording function is turned off, and therefore no payment information is recorded to comply with Payment Card Industry Security Standards (PCI DSS).

Who we share the information with

Information maybe shared with the following, where it is legally permitted.

  • Council legal service
  • Council services:
    • Services for whom contact centre operates (see full list above*) as well as
    • Barnet Homes and Boost
    • Insight & Intelligence
    • Assurance Services, inc. Elections, Governance, Members Enquiries, Information Management
  • DWP 
  • Government departments
  • HMRC
  • Housing providers
  • Legal representatives 
  • Other local authorities
  • Person acting on behalf of the customer
  • Police 
  • Probation/Prison Services
  • UK Border Agency
  • Voluntary Agencies/Third Sector

In some cases, a person will be acting on behalf of the customer. E.g. a relative with power of attorney or a support worker. Prior to sharing information or discussing the customer’s case or details, confirmation would be sought that the customer had provided authority for us to discuss their details with the third party or that appropriate authority was held, e.g. power of attorney.

Where information is shared with the Police or other external agencies, this would only be in response to a formal request. This is assessed on a case-by-case basis and a lawful basis for sharing would have to be established.

Legislation that applies

  • Data Protection Act 2018 (DPA) including the UK GDPR
  • Privacy & Electronic Communications (EC Directive) Regulations 2003 (PECR)
  • Equalities Act 2010

Additional legislation will apply as relevant to the specific council service, such as Revenues and Benefits. See the privacy policies for these services for full details.

How long we keep your information

  • Contact records are held for 24 months in accordance with Amazon’s regulatory responsibilities as a telephone services provider.
  • Call recordings and advisor-supported chat transcripts are held for 6 months. Recordings and transcripts older than 6 months are deleted by an automated process.
  • A separate process applies to calls or advisor-supported chats which are subject to investigation as part of a Stage One complaint. These will be downloaded from AWS Connect server and held for 18 months from the date the Stage One complaint was received, as agreed with the Barnet Complaints Monitor. For further information and complaints which subsequently proceed to Stage Two, and then LGO investigation, see the council’s Corporate Complaints privacy notice.

Contractors

Amazon Web Services

Amazon Web Services (AWS) collects a small amount of data from each call and is the controller of that data. The data is:

  • the incoming caller’s telephone number, known as the Automatic Number Identification (ANI)
  • the number dialled when making an outbound call or transfer, known as the Dialled Number Identification Service (DNIS)

AWS’ lawful basis for processing this data under GDPR Article 6 is AWS’ legitimate interests necessary for AWS’ legal obligations as a regulated telecommunications provider.

Amazon explains this:

“In processing this [data], AWS is acting similarly to any other provider of communication services engaged in public switched telephone network services or messaging services. In simple terms, processing by AWS is analogous to processing by a telephone services provider in the UK when it provides for the capability to connect telephone calls or deliver messages across other providers’ networks, and to the extent that AWS is engaging in a regulated telecommunications activity in the UK, it is subject to the same regulatory requirements as any other provider of services similar to AWS’s services, collecting and retaining contact metadata as part of an industry-standard approach to providing network switching and maintaining contact infrastructure.”

AWS’ commitments as a data controller are contained primarily within the AWS Privacy Notice.