When we use your personal data, Leeds City Council is the data controller.
As the data controller, we must:
- only keep the data that we need to provide services and do what the law says we must
- keep your records safe and accurate
- only keep your data as long as we have to
- collect, store and use your data in a way that does not break any data protection laws
Things you can do to help us:
- tell us when any of your details change; and
- tell us if any of the information we hold on you is wrong
What is personal data?
Personal data is information about a living person that means we can work out who they are such as name, address, telephone number, date of birth, bank details etc. This can include written letters, emails, photographs, audio recordings and video recordings.
Some data is called 'special category data', which is more sensitive and we have to look after it more carefully. This includes details of ethnic origin, religious beliefs, sexual orientation, trade union membership, health data, biometric (e.g. fingerprints, facial recognition) and genetic (e.g. DNA) data.
Why we collect and store personal data
For some of our services, we need to use your personal data so we can get in touch, or provide the service. We can use your personal data under many different laws. The main ones for the Council are the Local Government Acts and the Localism Act 2011, but there are hundreds more. More information on Statutory duties of local authorities can be found on
Some of these laws may have been updated since then, and new ones added. You can see more details for each service in our Service privacy notices section.
In many cases there is a law that says either that we must or we can process your data, and we can do so without your consent or permission.
For some services we process your data under a contract e.g. your leisure centre membership or concert ticket sales.
Where we do not directly provide the service, we may need to pass your personal data onto the organisations that do. These providers are under contract and have to keep your details safe and secure, using them only to provide the service. You can find our list of contracts that shows the companies we deal with on
YORtender – the procurement portal for Yorkshire and & Humber, and on our
Leeds City Council publication scheme page.
Using your personal data
We will use your data to:
- provide council services and anything we must do by law
- carry out our regulatory, licensing and enforcement roles which we have to do by law
- make payments, grants and benefits and spot fraud
- listen to your ideas about council services
- tell you about council services
- analyse statistical data so we can plan how we provide services
- create anonymised data to help improve services and to be published to the
Data Mill North and/or
Leeds Observatory under an Open Government Licence
- create anonymised health related data to improve the health of the population we serve
Any anonymised data will not contain any personal information which means that individuals cannot be identified.
Transferring data abroad
Your data may be transferred outside of the UK, for example, if we use a cloud service that has host servers located in another country. If your data is transferred outside of the European Union, it is done so under contract, which states how those companies must keep your data safe.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 25 May 2018.