Privacy Policy

What this policy covers

We, Dacorum Borough Council (the ‘Controller’), on behalf of our SW Herts partner authorities – Hertsmere Borough Council, St Albans City and District Council, Three Rivers District Council, Watford Borough Council and Hertfordshire County Council – take our privacy obligations seriously.  We have created this privacy policy to explain how we process your Personal Information collected on this website. ‘Personal Information’ means any information relating to an identified or identifiable natural (living) person (‘data subject’).

Our collection, use and disclosure of your personal information is regulated by the United Kingdom’s General Data Protection Regulation (‘GDPR’) and the Data Protection Act 2018.

The software platform this website runs on and associated technology operations are provided by Bang the Table Pty Ltd. Click this link for the Privacy Policy governing their service.(External link)

What personal information we collect:

Profile Information

We collect information from you when you register to use this site. This includes:

  • Login name and password (required).
  • Postcode (required).
  • Email (required).
  • Additional demographic information as provided by you on the registration form (optional).

Please note that you are able to browse any publicly accessible sections of this website completely anonymously without signing up.

Special Categories of Data

If you are providing us with optional special category personal information (such as details about your health), we will be processing this under Article. 9(2) and Article 10:  

  • Equalities Information including gender, age, disability and ethnic monitoring

Processing of Special Category Data is carried out specifically under the following:

Article 9(2) (a) – the data subject has given explicit consent to the processing of those personal data for one or more specified purposes, except where Union or Member State law provide that the prohibition referred to in paragraph 1 may not be lifted by the data subject.

Engagement Information

The content you create as part of your interactions with this website. These can include responses to surveys, comments on discussion forums, or any of the other engagement opportunities available here.

Usage Information

We collect information about your usage of the site.  We do have a specific Cookie Policy where you can manage the use of cookies on your browser. The link to the Cookie Policy is here:

How we use the information we collect

Information usage

We collect this information in order to:

  • Analyse and interpret it to help meet our objectives and obligations;
  • Communicate information to you about engagement opportunities (both statutory and non statutory);
  • Conduct surveys and gather evidence to inform policy and outcomes;
  • Inform preparation of the Joint Strategic Plan and any associated supplementary guidance; and
  • Help inform the districts and borough councils with SW Herts to prepare their related Local Plans and associated supplementary guidance.

Who we share your information with

The South West Herts Joint Strategic Plan will share information with;

  • Partner authorities;
  • Other local authorities;
  • Planning Inspectorate; and
  • Service providers (e.g. NHS) – anonymously
  • Elected Members and MP’s (as your representative)
  • Herts LEP, Herts County Council
  • Herts Growth Board

How long will we keep this information?

To determine how long we should keep information, we consider what the legislation states and what is good practice. This means we will securely destroy the information once we no longer need it.  This would normally be up to 2 years after adoption of the Joint Strategic Plan.  If you would like to know the specific period of time that relates to your personal information, please contact

Security and Location of Data

We will ensure that all personal information is kept securely on servers hosted in the United Kingdom.

Access to all our user information is restricted. Only employees who need the information to perform a specific job are granted access to personally identifiable information.

External links

Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible or liable for the privacy practices of linked websites and we suggest you review the privacy policies of those websites before using them.


While no online service is completely secure, we strive to ensure we protect your Personal Information against unauthorised access, use, alteration, or destruction, and take all reasonable measures to do so.

Measures include:

  • Maintenance of ISO 27001 compliance since 2018 – a global standard for information security management.
  • Applications are continually monitored and tested for security weaknesses, using both automated and manual processes.
  • Operating systems and database are continually monitored and patched with the latest security fixes.
  • Independent Vulnerability Assessment and Penetration Testing (VAPT) carried out once a quarter.
  • Network secured through Amazon Web Services (AWS), which provides significant protection against security attacks.

Your rights

Subject to applicable local laws and regulations, you may have some or all of the following rights with respect to your personal data:

  • to access your personal data (submit a ‘Subject Access Request’);
  • to rectify any inaccuracies within that personal data;
  • to request for the erasure of your personal data residing with us;
  • to request your personal data in portable, machine-readable format; and
  • to withdraw your consent to our processing of their personal data.

If you wish to contact us to with a request relating to personal information we hold about you, please contact us at  including your name and contact details. We may need to verify your identity before providing you with your personal information.

In some cases, we may be unable to provide you with access to all your personal information and where this occurs, we will explain why. We will deal with all requests for access to personal information within a calendar month.

Management of policy

Notification of changes

From time to time, it will be necessary to update this Privacy Policy. This is in order to ensure our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

If at any point, we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy in force at the time the information was collected.

Data Protection Officer

Our Data Protection Officer for the purposes of Articles 37 to 39 of the General Data Protection Regulation is the Information Security Team Leader (Legal Governance).  You can contact them via

Policy Version

Version 1 - This Policy was last updated on 1st August 2022

Contact Us

For further information about our privacy policy and related information practices, or to access or correct your personal information, or make a complaint, please contact us on