PN159 - Meeting Transcription Privacy Notice

Torfaen County Borough Council is committed to protecting your privacy when you use our services. This Privacy Notice is designed to give you information about the data we hold about you, how we use it, your rights in relation to it and the safeguards in place to protect it.

TCBC Service Area: All
Work area: All
Contact Details: Kevin Davies - kevin.davies@torfaen.gov.uk
Privacy Notice Name: Meeting Transcription

Data Controller: Torfaen County Borough Council, c/o Civic Centre, Pontypool, NP4 6YB

If you wish to raise a concern about the handling of your personal data, please contact the Data Protection Officer on 01495 762200 or email dpa@torfaen.gov.uk

This Privacy Notice explains the information we collect when carrying out recording of in person, remote or hybrid Microsoft Teams meetings to enable the production of meeting records from a transcription. For further information about how the Council will process the data collected in meetings, please see the Service Area Specific Privacy Notices

Who provides your data to the Council?

The personal information we process is provided to us directly by you and is used to identify you as a speaker in meetings you have attended, ensuring that your contribution is recorded correctly.

AND/OR

We receive personal information indirectly from meeting participants if the subject matter is related to you

How does the Council collect this information?

  • By using Transcription technology available in Microsoft Teams
  • From verbal interactions between meeting participants

What information does the Council collect about you?

The transcription collects:

  • Your personal “voice print”
  • Your name and/or username
  • Your email address
  • Your participation in the meeting

Why does the Council process your personal data?

Under Article 6 of the UK General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

(c) We have a legal obligation

(e) We need it to perform a public task

Special categories of personal data

Depending on the nature of the meeting, we may collect the following special category data:

  • personal data revealing racial or ethnic origin
  • personal data revealing political opinions
  • personal data revealing religious or philosophical beliefs
  • personal data revealing trade union membership
  • biometric data (voice print)
  • data concerning health
  • data concerning a person’s sex life
  • data concerning a person’s sexual orientation

We collect this under Article 9 of the UK GDPR.

AND

Where we collect criminal data this is processed within the Council under Article 10 of the UK GDPR.

Who has access to your data?

Your data is shared internally only with the appropriate staff where it is necessary for the performance of their roles.

Your data may also be shared externally with participating organisations who receive copies of the output (minutes, notes or action points) for information or action purposes. The meeting chair/organiser will inform participants who the information is likely to be shared with. These may include, but not be limited to:

  • Partner Agencies such as, but not limited to, Police and Health Service
  • Third parties working under contract to the Council

Please note, the full transcription will only be available to key Council personnel for the duration of the processing for the required output.

Apart from where previously stated, we do not pass your details to third parties unless we are lawfully required do so.

Is the Data transferred out of the UK?

No

How does the Council keep your data secure?

The Council has internal policies in place to ensure the data it processes is not lost, accidentally destroyed, misused or disclosed. Access to this data is restricted in accordance with the Council’s internal policies and in compliance with the UK GDPR.

Data will be stored securely in:

  • The Council’s Microsoft 365 tenant
  • Outputs may be stored in other secure network areas as per the service area’s own privacy notice

Where the Council engages third parties to process personal data on its behalf, they do so on the basis of written instructions. These third parties are also under a duty of confidentiality and are obliged to implement appropriate measures to ensure the security of data.

How long does the Council keep your data?

The Council will hold your personal data only for the period that is necessary and will follow organisational and Local Authority standards in this area. At the end of the retention period the Council will securely destroy or dispose of the data in line with retention schedules.

  • Transcription data is retained until the required output (minutes, notes or action points) is completed and agreed.  It is then deleted.
  • “Voice prints” used for attributing speakers within transcriptions are securely deleted:
    • For staff, if they have not used the function for 12 months
    • For non-staff, after the transcription has been produced
    • For all, if requested as part of their Right to Delete

Are we making automated decisions/profiling with your data?

No

Your rights

You have a number of Rights you can exercise:

  • Access - to obtain a copy of your data on request
  • Rectification – to require the Council to change incorrect or incomplete data
  • Object, Restrict or Delete - under certain circumstances you can require the Council to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing
  • Data portability – to receive and/or transmit data provided to the Council to other organisations (this applies in limited circumstances)
  • Withdraw your consent at any time (where consent has been given)
  • To know the consequences of failing to provide data to the Council
  • To know the existence of any Automated Decision-making, including profiling, and the consequences of this for you.
  • To lodge a complaint with a supervisory authority (Information Commissioners Office)

If you would like to exercise any of these rights, please contact: (Kevin Davies, kevin.davies@torfaen.gov.uk – ICT Client Management Officer)

The Information Commissioner can be contacted at: The Information Commissioner’s Office (Wales), 2nd Floor, Churchill House, Churchill Way, Cardiff, CF10 2HH. Telephone 0330 414 6421 or e-mail  Wales@ico.org.uk.

Last Modified: 23/09/2024 Back to top