Blue Badge Service privacy notice
Please read our general privacy notice as well as this notice.
What we do
The Customer and Business Delivery Service are responsible for administering the Blue Badge Scheme which includes assessing, issuing, monitoring and withdrawing of Blue Badges plus commissioning of services.
The purposes we use your personal information for
We collect and process your personal information to provide these services to you. This will include:
- processing applications, requests and appeals
- undertaking investigations and audits
- maintaining accounts and records
- undertaking regulatory activities
- planning and commissioning services
- management, assessment and enforcement of Blue Badges
- management of misuse or fraud enforcement history
- analysis of the use of the Blue Badge service.
The personal information we collect and use
We only obtain and use the information we need to provide our services to you. We also obtain and use special category information.
The law we use to process your personal information
The main legislation that provides us with the statutory basis to deliver our services is:
- The Disabled Persons (Badges for Motor Vehicles) (England) Regulations 2000
- The Disabled persons Parking Badges Act 2013
- The Equalities Act 2010
- Chronically Sick and Disabled Persons Act 1970
- Community Care Act 1990
- Care Act 2014
- Mental Health Act 1983
- Mental Capacity Act 2005.
The GDPR/DPA conditions we meet:
The conditions that we use to process your personal information are:
General Data Protection Regulation (GDPR) 2018:
Article 6 – Lawfulness of Processing:
- a) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
- b) processing is necessary for compliance with a legal obligation to which the controller is subject
- c) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Special category personal information.
We also use these additional conditions to process your special category personal information:
Article 9 – Special Categories of Personal Data
- a) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3.
- Paragraph 3: Personal data referred to in paragraph 1 may be processed for the purposes referred to in point (h) of paragraph 2 when those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies.
Who we may share your information with
We use a range of organisations to either store personal information or to help deliver our services to you. Sometimes we have a legal duty to provide your personal information to other organisations, for example the court service or HMRC.
We may also share your personal information with organisations:
- Health Professionals
- General Practitioners
- District Nurses
- NHS Clinical Commissioning Groups
- NHS Community Trusts
- Independent agencies providing care and support
- South West Ambulance Service
- Dorset and Wiltshire Fire and Rescue Service
- Housing Associations
- National Blue Badge Issue Services
- Department for Work and Pensions
- Financial services for benefit advice and financial assessments
- Volunteer services (food bank)
- Advocacy services
- Mental health services
- Other BCP Council Departments
- Other Local Authorities
- Court of Protection
- Office of the Public Guardian
- Support and advice services
- Local Government Ombudsman.
In instances of complaint, we may share information with independent complaint investigators.
Your information will not be disclosed to any other organisations, except where we are required and allowed to by law.
How long we keep information about you
We will retain this information as stated in our Retention Schedule and in accordance with the Data Protection Act (DPA) 2018 and the General Data Protection Regulation (GDPR) 2018:
- Successful applications – once processed retain until the badge has expired plus 90 days
- Unsuccessful applications – retain for 90 days
- Organisational applications – once processed retain until the badge has expired plus 90 days
- On death of badge holder.