How we use your information
If you make a Freedom of Information (FOI) or an Environmental Information (EIR) request, we’ll keep all information about your request in an electronic case file. We don’t use your personal data for any other purpose than to correspond with you about your request.
If you request a review of your response, your personal data may be shared with our Committee Services Team for the purpose of processing the review and responding to you.
We publish responses to FOI and EIR requests on our Disclosure Log, but we remove all your personal information from responses before we publish them.
How long we keep your information for
Where a request has not been appealed to the Scottish Information Commissioner for a decision, we keep our FOI and EIR Case Files for the current year, plus three years, from the date that your enquiry was closed. Where a request has been appealed to the Scottish Information Commissioner for a decision, we keep the case files for the current year, plus six years. We also keep a register of all FOI and EIR request we receive for a longer period of time, so we can understand what the trends are in the numbers and types of request we get, but this is kept in anonymised form (your data isn’t kept).
You have rights in relation to your data, including the right to ask for a copy of it. See the Your data page more information about all the rights you have, as well as the contact details for the Council’s Data Protection Officer. You also have the right to make a complaint to the Information Commissioner's Office if you think we haven’t handled your data properly.
Our legal basis
Aberdeen City Council is the Data Controller for your data we hold as part of receiving and responding to your FOI or EIR request. The Council has a statutory duty under the Freedom of Information (Scotland) Act 2002 and the Environmental Information (Scotland) Regulations 2004 to respond to requests for information. This means that we understand our legal basis for processing your data as Article 6(1)(c) of the General Data Protection Regulation. Responding to FOI and EIR requests is something we have to do by law, and we can’t do it without processing your data.