You are right Jules.The council is not just the clerk. It as an entity which includes councillors too. Many people have their own flawed views about what GDPR is about. Essentially it sets out how organisations must control how they manage personal data, process it and share it. If a councillor simply sees a persons name and address and does not store or share it, they have not breached any of the principles of GDPR. If they make their own copy of it or share it with some other organisation or person, they have breached GDPR unless they gained consent, or implied consent via accepting the terms of a privacy notice.