Integrated Team for Families and Parenting Service (ITFPS) service privacy notice
The data controller for your data
Brighton & Hove City Council is the data controller for purposes of the Data Protection Act (2018) and The General Data Protection Regulation (EU) 2016/679 ("GDPR") and is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number Z5840053.
Brighton & Hove City Council are committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law.
Why we’re collecting your data
- We are collecting your data for the purpose of improving the wellbeing of children, young people and their families in Brighton and Hove; monitoring the performance of our team and how we progress with your family.
- We may also collect your data for the purpose of the National Evaluation of the Troubled Families programme on the legal basis of public interest. Families with a range of problems often struggle to get the right help and support at the right time. The council is working to ensure that families with multiple issues receive coordinated help and support when it is most needed, and that this help and support is delivered using a whole family approach. This help and support is funded by the national Troubled Families programme and is known locally as “Stronger Families, Stronger Communities”.
What is the legal basis for collecting your Data
- We have a legal basis for collecting this data as it is considered necessary to enable us to carry out our tasks, functions, duties or powers or to perform a task carried out in the public interest. Local Authorities have a statutory duty to work with families to offer a range of Early Help services to promote the wellbeing of young people in partnership alongside other agencies (Children Act 1989, and Children Act 2004).
- We shall be collecting Special Category data on the basis of Provision of Health and Social Care.
The data we may collect
We may collect personal data or special category data. The type of information collected from you is as follows:
- Contact details; including name, address, email address, telephone number, etc.
- Date of birth
- Information about your family
- Social and personal circumstances
- Financial details
- Housing information relating your council tenancy
- Visual images, personal appearance and behaviour
Special category data
We may also collect Special Category (sensitive data) of personal data that may include:
- Physical or mental health details
- Racial or ethnic origin
- Gender and sexual orientation
- Political opinions and affiliation
- Offences (including alleged offences)
- Criminal proceedings, outcomes and sentences
Who we’ll share your data with
- Your data may be shared with other community and voluntary organisations who are part of the Team Around the Family. It may also be shared with other relevant council departments where appropriate.
- Your data may also be shared for the purpose of contributing to a national evaluation of the Troubled Families Programme commissioned by the Ministry of Housing, Communities and Local Government (MHCLG). When shared for this purpose, the information will be protected by encryption. Any published results from the evaluation will be anonymised in accordance with national standards in order to prevent disclosure of your identity or that of family members. Read the Troubled Families service privacy notice for information on how your data will be used.
- The council operates shared services with Surrey County Council and East Sussex County Council. We may share your information with one of these partners if necessary to provide these services
How long we’ll keep data for and why
We will hold your data until the young person’s 25th birthday.
How your data will be stored
- Your information will be stored electronically.
- We will only make your information available to those who have a right to see them. Example of the security measures we used are:
- Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong
- We use Encryption meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code. The hidden information is said to then be ‘encrypted’.
- Pseudonymisation meaning that we’ll use a different name so we can hide parts of your personal information from view. This means that someone outside of the council could work on your information for us without ever knowing it was yours.
- Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.
- Regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches).
Transferring data outside the European Economic Area
The only time your data is transferred outside the European Economic Area is if you use the Eventbrite website to book onto one of our parenting courses. Eventbrite is based in the US but is part of the EU-US Privacy Shield Framework protecting your data. No special category data is transferred.
Depending on the legal basis for processing your information you may have the following rights:
- A right to a copy of data held about you, an explanation for its processing and who it has been shared with – this right applies to data processed under any lawful basis
- A right to rectification (correction) of data which is demonstrably wrong – this right applies to data processed under any legal basis
- A right to restrict processing – this right applies if it has been shown that there is no legal basis for processing your data, but you wish it to be retained
- A right to object to processing – this right does not apply where the council is under a legal duty to process your data, but can be used where you dispute that there is a legal basis to process your data until the council can demonstrate what basis exists
- A right to erasure – this applies where there is no longer a legal basis to retain you data
- A right to portability of your data (having it moved to another organisation) – this right applies only where the legal basis was either consent or performance of a contract but data will usually be transferred to another local authority if a child in care moves to a new location.
- A right to object to automated decision making – this right is applicable under all lawful bases for processing
How to get advice or make a complaint
Data Protection Contacts
If you wish to discuss any of your data protection rights, you can contact the Data Protection Team on 01273 29 5959 or by email at firstname.lastname@example.org
The council has also appointed a Data Protection Officer. Contact the Data Protection Officer.
Whilst we would prefer that you contact us first with any concerns that you might have, you can also contact the Information Commissioner’s Office. The ICO is the national regulator with responsibility for ensuring compliance with data protection.
Information Commissioner’s Office
You also have the right to lodge a complaint with a supervisory authority.
Contact details for ICO are stated below:
The ICO can be contacted:
- on their website
- by phone: 0303 123 1113
- by post: Wycliffe House, Water Ln, Wilmslow SK9 5AF
This privacy notice will be subject to review when there is a change.