Privacy Policy

Our Privacy Policy explains:

  • What information we collect and how we collect it
  • Why and how we use your information.
  • How long we keep your information
  • How we may share your information
  • Your rights on the information we hold about you
  • Security-how we keep your information safe
  • Changes to this Privacy Policy
  • How to contact us

The Data Controller is Tring Child Contact Centre

Information We Collect

In order to provide our services and for the other purposes set out in Use of Information below, we collect and process Personal Data from the users of our Contact Centre.   We may collect the following information

  • Personal information (for example, your name, email address, mailing address, phone numbers, date of birth and address)
  • Sensitive Personal Data
  • Attendance information (such a attended, number of absences and absence reasons)
  • Safeguarding incidents

From time to time and as permitted by applicable law(s), we may collect Personal Data about you and update any existing Personal Data that we currently hold from other third-party sources

We collect your information from

  • Self Referral Forms
  • Safe Referral process from the NACCC website
  • Referrals from organisations e.g. Cafcass, Family Solicitors
  • Pre visit checklist

We may also collect information from telephone conversations, emails and written and verbal communications and from records of the Contact Centre sessions.

How we Use of Information

Your Personal Data may be used in the following ways:

  • To provide our services to you,
  • To respond to your requests and inquiries,
  • To improve our services, for example evaluation sheets
  • To request your participation in surveys, or other initiatives which help us to gather information used to develop and enhance our services,
  • To comply with applicable law(s) (for example, to comply with a search warrant or court order) or to carry out professional ethics/conduct investigations,
  • To enable us to provide, to maintain our own accounts and records and to support and manage our employees.

Consent and lawful Processing of data.

Our legitimate interests, which include processing such Personal Data for the purposes of

  • providing and enhancing the provision of our services.
  • administration and programme delivery
  • for dealing with medical needs-any information you provide we must have had explicte consent to use.
  • all other cases: that it is necessary for our legitimate interests which are to run the contact centre

How long will we keep your information?

File Type Retention Period
HR files

Employment references

Redundancy details

 6 years after employment/volunteering ceases
Parental leave  5 years from birth/adoption or 18 if child receives a disability allowance
Disclosure and Barring Service Certificate (formerly Criminal Records Bureau disclosures certificates) obtained as part of the vetting process. The actual disclosure form must be destroyed after 6 months. However it is advisable that organisations keep a record of the date of the check, the reference number, the decision about vetting and the outcome.
Finance records

Income tax, NI returns, income tax records and correspondence with IR, Parental leave,

Wages and salary records

HMRC advise you must keep records for 6 years from the end of the last company financial year they relate to, or longer if: they show a transaction that covers more than one of the company’s accounting periods.
Supported contact only – Referrals, with court orders or CAFCASS involvement, pre- visit forms, attendance records Securely disposed of after three years unless a safeguarding or child protection

issue

Supported contact only – Self-referrals  with NO court order or CAFCASS involvement, pre- visit forms, attendance records Securely disposed of after one year unless a safeguarding or child protection

issue

Information relating to paid/unpaid staff not covered above that are not used for three years should be treated as confidential waste and disposed of as such. Securely disposed of after three years.
Accident books and paperwork relating to safeguarding or child protection issues about

a specific child

Should be kept indefinitely as children can request this information up to

the age of 25 years by Local Authorities.

Sharing and Disclosure to Third Parties

We may disclose your Personal Data to third parties from time-to-time under the following circumstances:

  • You request or authorise the disclosure of your personal details to a third party.
  • The information is disclosed as permitted by applicable law(s) and/or in order to comply with applicable law(s) (for example, to comply with a search warrant or court order).
  • The information is provided to  service providers who perform functions on our behalf.
  • Hosting providers for the secure storage and transmission of your data
  • Legal and compliance consultants, such as external counsel, external auditors
  • Technology providers who assist in the development and management of our web properties

Subject Access/User Rights

As a user, you are subject to the following rights:

  • The right to be informed of the use of your Personal Data
  • The right to access and/or to require the correction or erasure of your Personal Data
  • The right to block and/or object to the processing of your Personal Data
  • The right to not be subject to any decision based solely on automated processing of your Personal Data
  • In limited circumstances, you may have the right to receive Personal Data in a format which may be transmitted to another entity.

If you have a complaint in relation to the processing of your data carried out under this Privacy Policy, you have the right to lodge a complaint with the Information Commissioner Office .

You may seek to exercise any of these rights by updating your information online (where possible) or by sending a written request Tring Child Contact Centre, Old Church House, Western Road, Tring. HP23 4BT.

Information security

We are working to protect your personal information that we hold, its confidentially, integrity and availability.

  • We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
  • We restrict access to personal information to contact centre staff and volunteers subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
  • We have Security Information Policy in place which defines the measures we take to protect your personal information. We use a combination of technology and procedures to ensure that our paper and computer systems are protected, monitored and are recoverable.
  • We only use third party service providers where we are satisfied that they provide adequate security for your personal data.

Compliance and cooperation with regulatory authorities

 We regularly review our compliance with our Privacy Policy. If we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the ICO to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.

Compliance and cooperation with regulatory authorities

 We regularly review our compliance with our Privacy Policy. If we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the ICO to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.

Changes

Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. Date of this revision:  May 2018

How to Contact Us:

Tring Child Contact Centre, Old Church House, Western Road, Tring. HP23 4BT

Phone: 07826 110 875

E-mail: info@tringchildcontactcentre.org.uk

You may download a copy of this policy by following this link: Privacy Policy May 2018

Data Protection Policy

The Data Protection Act 2018 requires that anyone processing personal data must comply with the eight enforceable principles of good practice. Tring Child Contact Centre will comply with these requirements by ensuring that:

1. CCC has conducted an information audit to map data flows.

2. CCC has identified your lawful bases for processing and documented them.

3. CCC has reviewed how you ask for and record consent.

NB. The GDPR sets a high standard for consent but remember you don’t always need consent. You should also assess whether another lawful bases is more appropriate.  Consent to process children’s personal data for online services is also required.  If your business offers online services directly to children, you communicate privacy information in a way that a child will understand.  You must provide children with the same fair processing information as you give adults. It will be good practice to also explain the risks involved in the processing and the safeguards you have put in place.

4.  Registered with the Information Commissioners Office.

5. To fulfil the obligations to data subjects’ right to be informed, everyone will receive a copy of the privacy notice. Tring Child Contact Centre has a process to recognise and respond to individuals’ requests to access their personal data.

Individuals have the right to obtain:

  • confirmation that their data is being processed;
  • access to their personal data; and
  • other supplementary information – this largely corresponds to the information provided in the privacy notice.

Tring Child Contact Centre also has

  • processes to ensure that the personal data you hold remains accurate and up to data,
  • a process to securely dispose of personal data that is no longer required or where an individual has asked you to erase it
  • procedures to respond to an individual’s request to restrict the processing of their personal data.
  • processes to allow individuals to move, copy or transfer their personal data from one IT environment to another in a safe and secure way, without hindrance to usability.
  • procedures to handle an individual’s objection to the processing of their personal data.
  • processes to identify, report, manage and resolve any personal data breaches.

These are all included in the Privacy Policy.

You may download a copy of this policy by following this link: Data Protection Policy May 2018

Return to Home

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail