Internal Audit: privacy | Hart District Council

Service area covered by this privacy notice

Internal Audit

Purpose of the processing

The Council processes personal information for the following purposes:

to provide assurance over the Council’s systems of governance, risk management and internal control
to make provision for internal audit in accordance with the Public Sector Internal Audit Standards
to perform consultancy and advisory services related to governance, risk management and internal control as appropriate
to safeguard resources and assets, including data
to advise on commissioning and procurement
investigating errors and allegations of fraud and corruption

Lawful basis for processing personal data

legal obligation
public task

Categories of personal data being processed

name
address
date of birth
telephone number
occupancy status
occupancy dates
employment details
pension details
unique taxpayer reference
income and expenditure details
NI number
e-mail address
name of dependents
photo ID
financial Information, including bank details
Disclosure and Barring Service information
benefit information
grant information
revenues information
supplier details
customer details
payroll information

Special categories of personal data being processed (if appropriate)

nationality
health data
ethnic origin
religion
trade union membership
sexual orientation

Conditions for processing special categories of personal data

substantial public interest

Who the data might be shared with

relevant staff
external audit (Ernst & Young)
Ombudsman
the Cabinet Office's National Fraud Initiative
Department for Work and Pensions
other local authorities
Five Councils Partnership Central Client
other external audit providers
NHS (Test and Trace)
Southern Internal Audit Partnership