Last updated: 7 July 2026

Who we are

We provide a range of government services to local people and businesses and needs to collect, use and process personal data to deliver these services.

We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the United Kingdom General Data Protection Regulation (‘UK GDPR’) and the Data Protection Act 2018. We are responsible as ‘controller’ of that personal information. Our Data Protection Officer is Benjamin Watts.

We use TikTok as a corporate communications and engagement channel to:

  • share public information about council services and activities
  • help promote consultations, campaigns, and events
  • signpost residents to official Kent County Council services and information.
  • increase accessibility of council communications, particularly to people less likely to engage through traditional channels

TikTok is not used for service delivery, case management, complaints handling, or decision‑making.

Personal information we collect and use

When you interact with us on TikTok, we may process the following categories of personal data:

a) Data you choose to make public, such as:

  • your TikTok username
  • your profile image
  • comments or replies you post on our content
  • any personal data you include voluntarily in public comments (though we will never ask you to provide such information and it should be avoided).

b) Interaction and engagement data, including:

  • likes, shares, views or other interactions with our content
  • messages sent through TikTok’s messaging functions (if enabled).

c) Analytics data (aggregated)

TikTok provides us with aggregated statistics, such as:

  • video views and watch time
  • general audience demographics (for example, age ranges, broad geographic regions)
  • engagement trends.

This analytics data does not allow us to identify individual users.

d) Our staff appearing in content

Where our staff appear in videos:

  • participation is voluntary
  • processing is limited to professional context content
  • no additional personal data is collected beyond what is visible in the video

We do not intentionally process special category data through TikTok.

How we use your personal information

We use personal data, obtained through our use of TikTok, only to:

  • publish and manage public‑facing communications
  • improve the clarity and accessibility of future communications
  • monitor themes, sentiment, and information gaps
  • respond to general, non‑personal queries or comments, as required.

We do not use TikTok data to:

  • handle individual service requests or complaints
  • verify identity or eligibility
  • profile individuals
  • link TikTok users or data with the council’s internal systems.

How long your personal data will be kept

We do not download or store TikTok user data in its own systems.

Personal data remains:

  • visible on TikTok for as long as you choose to keep it public
  • subject to TikTok’s own retention and deletion policies.

Reasons we can collect and use your personal information

Under UK GDPR, we rely on the following legal bases for processing:

  • Article 6(1)(e) – processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

This applies to public communications and engagement activities undertaken by a local authority.

  • Article 9(2)(e) - processing of special category data that has been manifestly made public by the data subject.

This applies to comments you make on our posts that may include special category data. We do not solicit, analyse, or reuse such information and will apply standard content moderation only.

Who we share your personal information with

TikTok is a separate organisation and processes personal data for its own purposes under its own privacy policies. When you interact with TikTok:

  • TikTok determines how the platform operates
  • TikTok may process personal data outside our control
  • TikTok may process your data outside the UK
  • you should review TikTok’s privacy notices to understand how it processes your data
  • we do not control TikTok’s data retention periods or internal data use.

International data transfers

TikTok is a global platform. Personal data associated with your TikTok account may be:

  • stored or accessed outside the UK
  • subject to different legal regimes

We do not transfer your data internationally but acknowledges that TikTok may do so as part of its platform operations.

Your rights

Under GDPR you have rights which you can exercise free of charge which allow you to:

  • know what we are doing with your information and why we are doing it
  • ask to see what information we hold about you (subject access request)
  • ask us to correct any mistakes in the information we hold about you
  • object to direct marketing
  • make a complaint to the Information Commissioner's Office

Depending on our reason for using your information you may also be entitled to:

  • ask us to delete information we hold about you
  • have your information transferred electronically to yourself or to another organisation
  • object to decisions being made that significantly affect you
  • object to how we are using your information
  • stop us using your information in certain ways

We will always seek to comply with your request however we may be required to hold or use your information to comply with legal duties. Please note, your request may delay or prevent us delivering a service to you.

We can only act on data within our control. For data controlled and processed by TikTok, you must contact TikTok directly.

For further information about your rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioner's Office (ICO) on individuals’ rights under GDPR.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Who to contact

Contact the Information Resilience and Transparency Team at data.protection@kent.gov.uk to exercise any of your rights, or if you have a complaint about why your information has been collected, how it has been used or how long we have kept it for.

Contact our Data Protection Officer, Benjamin Watts, at:

Address
Data Protection Officer
Sessions House
Maidstone
ME14 1XQ

UK GDPR also gives you right to lodge a complaint with Information Commissioner, who may be contacted via the Information Commissioner's website or call 03031 231113.

Read our corporate privacy statement.