Page contents (skip menu), (show/hide menu)
- Why we collect information about you?
- What information do we collect about you?
- Who do we share the information with?
- Is any information transferred to or stored on servers based outside the EEA?
- How long do we keep your information?
- Who do we collect information from?
- What are the consequences if we don’t collect the data?
- Are any decision about you made by automatic means?
- Legal basis for processing?
Why we collect information about you?
We have access to personal information for the following purposes:
To provide assurance over the Council’s systems of governance, risk management and internal control.
To make provision for internal audit in accordance with the Public Sector Internal Audit Standards.
To perform consultancy and advisory services related to governance, risk management and control as appropriate.
To facilitate the delivery of audit training.
What information do we collect about you?
As a service we do not collect data from the public directly but have access to the systems used across the council and we will draw conclusions from this personal data. The types of data we have access to are:
Basic details about you such as name, address, telephone number, email address and date of birth
Income and expenditure
National insurance number
Criminal convictions and offences
Who do we share the information with?
We may share personal information about you with the following types of organisations:
Other departments or teams within the Council in order to provide our services.
Our appointed external auditors
External independent reviewer in order for them to perform an external review of the internal audit service against the Public Sector Internal Audit Standards
Counter Fraud Unit - to provide information to support fraud investigations
Department of Work and Pensions - to support performance of audits in connection with Housing Benefits and we also share information when requested as part of any ongoing complaint investigation.
Is any information transferred to or stored on servers based outside the European Economic Area?
We do not transfer any of your personal information outside the European Economic Area (EEA).
How long do we keep your information?
We only keep your information for as long as it is required by us or other regulatory bodies in order to comply with legal and regulatory requirements or for other operational reasons. Our retention schedule provides further details on the length of time we retain different types of documents.
Who do we collect information from?
We do not collect data directly from the public but have access to the systems used across the council and we will draw conclusions from this personal data.
What are the consequences if we do not collect the data?
If we did not have access to the information that we currently collect, then we would be unable to fulfil our required statutory functions (see legal basis for processing).
Are any decision about you made by automatic means?
Legal basis for processing?
Tewkesbury Borough Council has a statutory requirement to maintain an Internal Audit function. The ‘Accounts and Audit Regulations (2015)’ requires every local authority in England to maintain an effective internal audit service to evaluate the effectiveness of its risk management, control and governance processes taking into account the Public Sector Internal Auditing Standards and associated guidance.
The Council’s Head of Financial Services and Asset Management has a statutory duty under Section 151 of the ‘Local Government Act 1972’ to establish a clear framework for the proper administration of the authority’s financial affairs. To perform that duty the Section 151 Officer relies, amongst other things, upon the work of Internal Audit in reviewing the operation of systems of internal control and financial management.
Local Government Act 1972
Accounts and Audit (England) Regulations 2015
Local Government Finance Act 1992
Companies (Audit, Investigation and Community Enterprise) Act 2004
Charities Act 2011
Companies Act 2006
Public Sector Internal Audit Standards (2017)
Fraud Act 2006
Last updated: 25 June 2019 (AG)