Privacy notices E+ card privacy notice

Updated: 14 August 2025

Contents

The type of personal information we collect

The type of information we collect about you will depend on the service you are requesting through the e+ card, this includes:

  • full name
  • age
  • postal address
  • email address
  • date of birth
  • gender
  • landline and mobile number
  • photo image

We currently collect and process the following special category data:

  • data concerning sex life or orientation
  • racial or ethnic origin
  • religious or philosophical beliefs

How we get the personal information and why we have it

The personal information we process is provided to us directly by you for one of the following reasons:

  • to process your e+ card application and join you to the services you need under your e+ card account. This may include the following, if selected:
    • library card
    • leisure card
    • leisure Saver Scheme
    • bus pass
    • railcard
    • proof of age card
    • rewards for recycling
    • organ donor register
    • R-bus journeys
    • BFC My Choice
  • data entry and online validation or provision of proofs enables e+ card applicants access to multiple services through a single enrolment process
  • having a single, central data source for registration and updates means all relevant data are cascaded to all selected services in real time - applicants can apply online or visit one council site and join more services by simply selecting additional options presented on the screen

We use the information that you have given us in order to:

  • create a smartcard member’s record and a physical smartcard for use as a personalised token for membership and access to various council services
  • create a physical PASS proof of age card to access age restricted goods, content and services

Equality data is collected at registration and held anonymised to assist service access and monitoring.

User account management

Services within the card management system can be added or removed when requested by a cardholder. Cardholders have access to their own accounts and can view the data held and activity in their own account through secure online password access.

How the law allows us to use your personal information

Lawful basis for processing

Under the UK General Data Protection Regulation (UK GDPR), the lawful basis for processing is Article 6 UK GDPR:

  • (a) you have given your consent
  • (b) process is necessary for the performance of a contract
  • (c) processing is necessary for compliance with a legal obligation

Special category data

Special category data is processed under Article 9 UK GDPR:

  • (a) you have given your explicit consent

You can read the guide to lawful basis for processing special category data on the Information Commissioner's Office website.

Where we use consent to process your personal data, we will explain to you what we are asking you to agree to and why.

If we have consent to use your personal data, you have the right to remove it at any time. If you remove your consent we are unlikely to be able to provide continued services to you.

If you want to remove your consent, please email info.smartcard@bracknell-forest.gov.uk and we will deal with your request.

Our ‘Legal obligation' to provide for concessionary travel is stated in:

  • the Cabinet Office guidance relating to the National Fraud Initiative to provide concessionary travel bus pass rights - National Fraud Initiative 2020/21
  • Section 9, Concessionary Bus Travel Act 2007 as approved by parliament in March 2010

Performance of a contract

‘Performance of a contract’ when providing leisure services with our external provider Everyone Active.

Who we share your information with

We may share this information with:

  • NHS Blood and Transplant - data is shared with the Organ Donor Register when e+ applicants actively request this
  • Everyone Active - staff contracted by the council to enrol and manage records - data fields and photos are required to create and update leisure member records
  • Suez - staff contracted by the council to manage the rewards scheme - data is required to manage the recycling initiative

We will need to share your personal data with third parties to deliver our services. You can ask us for more information on our third-party service providers.

We will not sell your personal data to any party.

Third parties with e+ include the following (this is not an exhaustive list):

  • our e+ data management system is managed by SmartCitizen Ltd
  • our contracted supplier for the recycling incentive scheme is Suez
  • data for concessionary travel (bus passes) are shared with the Fraud Office
  • leisure service data is shared with our contractor Everyone Active (Sports and Leisure Management Ltd)
  • for the library service we use Alto and Capita

Making a request

You are not required to pay any charge for exercising your rights. If you make a request, we have 28 days to respond to you.

To make a request, contact info.smartcard@bracknell-forest.gov.uk

Service adjustments

If you need service adjustments, contact us by: