This notice explains how we use your personal and business data when you apply for funding through the Portishead Economic Development Fund.
Use of Cognito Forms
We use Cognito Forms to manage and distribute the application form. Cognito Forms hosts the form on its platform and is prohibited from sharing your personal data with third parties. It only processes data in accordance with our instructions and UK data protection regulations.
For more details, see the Privacy Policy - Cognito Forms.
For general information on how North Somerset Council handles personal data, visit: Privacy and cookies | North Somerset Council
About the Application Form
North Somerset Council is committed to protecting your privacy. The information you provide in this application form will be used solely for the purpose of administering, assessing, monitoring, and evaluating applications to the Portishead Economic Development Fund.
Your data will be processed in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It may be shared with members of the Delivery Board, which includes North Somerset Council, Portishead Town Council, and Together Portishead, for the purpose of assessing your application and overseeing the fund.
We will not use your personal or business information for any other purpose without your consent. If your application is successful, project details may be published as part of the Council’s communications and marketing activity.
What Information We Collect
We collect personal and business information, including:
- Contact details (name, email, phone)
- Business registration and legal status
- Financial data (turnover, match funding, VAT status)
- Employment numbers
- Project budgets, quotes, and supplier details
- Subsidy declarations
- Permissions and consents
- Monitoring and evaluation data
This information is necessary to assess eligibility, ensure value for money, comply with subsidy control regulations, and monitor project outcomes.
How We Use and Process Your Data
North Somerset Council is registered with the Information Commissioner’s Office for the purposes of processing personal data. For full details of how we use personal data, please see the Privacy section on our website (Privacy notices and data protection | North Somerset Council).
The information you provide will be held and used in accordance with UK data protection law. Once the grant administration process is complete, non-essential personal data will be removed from application files. However, we may retain relevant personal and business information for up to 7 years to meet audit, monitoring, and funding requirements. After this period, it will be securely deleted or anonymised.
Legal Basis for Processing
The processing of your data is lawful under:
- Article 6(1)(e) of the UK GDPR: The processing is necessary to perform a task in the public interest for our official functions; or the task or function has a clear basis in the law. This application supports the delivery of public services, including to understand your needs, to provide the services that you request, to understand what we can do for you and inform you of other relevant services.
- The lawful basis that applies to this processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; data being processed belongs to business contacts processed during the routine course of business of a government department.
- Article 6(1)(c): necessary to comply with legal obligations related to public funding, audit, and subsidy control. “Processing is necessary for compliance with a legal obligation to which the controller is subject.”
We may also collect geographical data (e.g. postcode) to complete due diligence and ensure eligibility.
Data Security and Sharing
Your data is stored securely and only accessed by authorised personnel. It is not shared or processed outside the UK. We do not use your data for automated decision-making or profiling, except where you have opted into specific communications or where anonymised free-text responses are analysed using encrypted AI tools.
We may lawfully disclose information to public sector agencies to prevent or detect fraud or other crime, or to support national fraud initiatives under the Local Audit and Accountability Act 2014. Under the Digital Economy Act 2017, we may share personal data with other public authorities to improve public service delivery or for statistical research. We do not share your information with other organisations for commercial purposes.
Retention of Data
We may retain your data for up to seven years to meet audit and funding requirements. After this period, it will be securely deleted or anonymised.
Your Rights
You have the right to:
- Access your data
- Request correction or deletion
- Object to or restrict processing