Front Door For Families privacy notice

Brighton & Hove City Council is committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law

The primary laws which govern how Brighton & Hove City Council collects and use personal information (known as 'data') about you are:

General Data Protection Regulation (GDPR)
Data Protection Act (DPA) (2018)

However Front Door For Families is also subject to specific other laws which define when and for what purposes it can use your personal data.

Why we’re collecting your data

  • we are collecting your data for the purpose of safeguarding children

What is the lawful basis for collecting your data

  • we have a lawful basis for processing your data for the reason of legal obligation. This is done under the Children Act 1989 (sections 17 and 47) and Article 8 of the Human Rights Act 1998
  • we also have the lawful basis of performance of a task carried out in the public interest (Data Protection Act 2018 schedule 3, part 3 para 18; Working Together to Safeguard Children statutory guidance July 2018)
  • we have a lawful basis for processing special category data for substantial public interest

The data we may collect

We may collect personal data or special category data

The type of personal information collected from you is as follows:

Personal data

  • contact details; including name, address, email address, telephone number, etc.
  • date of birth
  • proof of identity
  • information about your family
  • social and personal circumstances
  • financial details for purposes of receiving or making payments
  • housing information relating your council tenancy

Special category data

We may also collect special category of personal data that may include:

  • physical or mental health details
  • racial or ethnic origin
  • gender and sexual orientation
  • offences (including alleged offences)
  • religious
  • criminal proceedings, outcomes and sentences

Who we’ll share your data with

  • your data may be shared with Children’s Social Work Services and other departments within the council, as well as external agencies such as NHS, other health agencies, Police and schools, in accordance with our duty of care towards children
  • the council operates shared services with Surrey County Council and East Sussex County Council and may share your information with one of these partners if necessary to provide these services

Holding your personal information

We will not keep your data for longer than is necessary, subject to any legal obligations we have to retain the data. How long we keep it will vary according to the services you are involved with and the lawful basis for processing within those services.

However the principles we will use to determine how long your data will be kept include:

  • what type of services you received and whether you are still receiving them
  • whether we still are still under a legal obligation either to you or under UK law
  • any standards and guidance set out by the various regulators for our functions
  • whether you have expressed a preference that your data be retained, such although exercising a right to restrict processing

All data will be kept in accordance with the family, children and learning retention schedule.

How your data will be stored

  • your information will be stored on secure electronic databases and document management systems

Who can access your data

  • we will only make your information available to those who have a need to know in order to perform their council role

How we protect your data

Examples of the security measures we use include:

  • training for our staff making them aware of how to handle information securely and how and when to report when something goes wrong
  • we use encryption when data is being sent, meaning that information is scrambled so it cannot be read without access to an unlock key. The hidden information is said to then be ‘encrypted’
  • where possible, data will be pseudonymised, meaning that your identity will be removed, so that work can be done without your identity being known by the people doing that work
  • controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
  • regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches)

Transferring data outside the European Economic Area

  • your information is not processed outside of the European Economic Area

Your individual rights

You have the following rights in relation to your personal information:

The right to be informed – you have right to know about the collection and use of your personal data. We will inform you through our service-specific notices

The right of access – you can request to know what we hold on you along with an explanation for how it is used by making a “Subject Access Request”

The right to rectification – you have the right to ask us to update, amend or change your information if it is factually inaccurate or incomplete

The right to restrict processing – you have the right to request that we limit using your personal data  for specific purposes if you do not believe we have a lawful basis for a particular purpose or where you consider the data to be incorrect.  Upon receiving a restriction request, we are obliged to consider our use of the data and provide you with a response

The right to object – you have the right, in certain circumstances, to object to us collecting, using and storing your information.  Upon receiving a request of this type, we are required to stop using your data whilst we investigate and provide a response

Automated decision making and profiling - we will tell you if we make an automated decision, including profiling, with your personal information. If we do this you have the right to ask us to make this decision manually instead

At present, the council only uses automated decision processes to identify first round offers of school placements.  These offers are subject to appeal and you have the right to seek a review of your school placement offer by a council officer.

How to get advice or make a complaint

Data protection contacts

If you wish to discuss any of your data protection rights, you can contact the Data Protection Team on 01273 295959 or by email at data.protection@brighton-hove.gov.uk

Contact the council's Data Protection Officer 

Whilst we would prefer that you contact us first with any concerns that you might have, you can also contact the Information Commissioner’s Office. The ICO is the national regulator with responsibility for ensuring compliance with data protection.

Information Commissioner’s Office

You also have the right to lodge a complaint with a supervisory authority. Contact details for the ICO is stated below:

You can contact the ICO:

  • on their website
  • by telephone: 0303 123 1113
  • by post: Wycliffe House, Water Ln, Wilmslow SK9 5AF

This Privacy Notice will be subject to review when there is a change.