Policies
Privacy Notice
Introduction
You need to be aware of this notice if you are using the Swindon SEND information, advice and support service (SIAS).
SIAS collects and processes personal data relating to personal situations in order to provide the right level of information, advice or support.
We are committed to being transparent in how we collect and use data, and meeting our data protection obligations.
What is a Privacy Notice?
A Privacy Notice is a statememnt issued by an organisation which explains how personal and confidential data about individuals is collected, used and shared.
Who is collecting and using your data?
Swindon Borough Council will act as a 'Data Controller' for any personal data that you provide to us. We will ensure that the data given to us is processed in line with the Data Protection Act 2018 (DPA 18) and the EU General Data Protection Regulations (GDPR).
To find out more about Swindon Borough Council's data protection policies please contact our Data Protection Officer dataprotection@swindon.gov.uk or in writing to:
Data Protection Officer Civic Offices Euclid Street Swindon Wiltshire SN1 2JHYour personal data - what is it?
Personal data relates to a living individual who can be identified form that data. Identification can be by the information alone or in conjunction with any other information in the data controller's possession or likely to come into such possession. The processing of data is governed by the General Data Protection Regulation 2016/679 (the GDPR)
What personal data do we collect?
The swindon SEND information, advice and support service (SIAS) collects a range of data during your request for help.
If you are a parent or carer this may include:
- your name, address, phone number and email address.
- Information about the child or young person, including name and age, details of special educational needs, details of medical needs, details of social and educational needs, details of educational progress.
If you are a young person 13 and over this may include:
- your name, age, address, phone number and email address
- details of your special educational needs, details of your medical needs, details of your social and educational needs, details of your educational progress
If you are a professional this may include:
- your name, phone number and email address
How do we process your personal data?
Swindon Borough Council complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
Why do we need your personal information?
The Swindon SEND information, advice and support service (SIAS) collects and processes personal data in order to provide accurate information, advice and support.
SIAS will use information for a variety of reasons:
- to have all the relevant information to hand when processing your request for support
- to conact you about your support
- for statistical analysis and evaluation
- to manage and develop the service that is provided to you
- to train and manage the employment of our workers who deliver the servie
- to check the quality of the service
Where we can, we will only collect and use personal information if we need it to deliver the service.
If we do not need personal information, we will either anonymise your personal data or pseudonymise, or we will not ask you for it. For example in a survey, we may not need you contact details we will only collect your survey responses.
If we use your personal information for research and analysis, we will always anonymise your data unless you have explicitly agreed that your information can be used for that purpose.
How the law allows us to use your personal information
The SEND information, advice and support service (SIAS) is a statutory service under section 32 of the Children and Families Act, and the SEND Code of Practice 2014 which states:
Local authorities must arrange for children with SEN or disabilites for whom they are responsible, and their parents, and young people with SEN or disabilities for whom they are responsible, to be provided with information and advice about matters relating to their SEN or disabilities, including matters relating to health and social care.
In accordance with article 6 of the GDPR, data processing id legal if it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller.
Data concerning health is special category data. In accordance with article 9 of the GDPR, special category data is legal if it is necessay for reasons of substantial public interest (with a basis in law), including statutory etc and government purposes.
This means that we collect and use personal informaiton in circumstances where it is necessary to perform our statutory duties as set out in law.
If we have consent to use your personal information, you have the right to remove it at any time. If you want to remove your consent, contact dataprotection@swindon.gov.uk and tell us which service you are using so we can deal with your request.
Who do we share you information with?
The SEND information, advice and support service is a confidential service which means we do not share your information unless you have asked us to.
If we feel like it may support you to share information with relevant services such as the statutory SEND team or schools, we will always discuss this with you and will not share unless you agree to this.
We may also share your personal information when we feel there is a good reason that is more important than protecting your privacy. This does not happen often, but we may share your information:
- to protect a child
- if there are serious risks to the public, our staff or to other professionals
- to protect adults who are thought to be at risk, for example if they are confused or cannot understand what is happening to them
For all of these reasons the risk must be serious before we can decide to override your right to privacy.
How do we protect your information?
We will do what we can to make sure we hold records about you (on paper and electronically) in a secure way, and we will only make them available to those who have a right to see them.
Examples of our security include:
- controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.
- training for our staff llows us to make them aware of how to handle information and how and when to report when something goes wrong.
- encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This si done with a secret code, or what is called a 'cypher'. The hidden information is said to then be encrypted.
- regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches).
How long do we keep your personal information?
We hold children and young person's data for set periods of time based on statutory requirements and the council's data retention policy. For processing involving individual case management in the provision of support by the local authority to families, the retention period is 7 years from files closure.
What can you do with your information?
The law gives you a number of rights to control what personal information is used by us and how it is used by us:
- you have the right of access to the information we hold on you
- you have the right to chnage information you think is innaccurate
- you can ask to delete information (right to be forgotten)
- you can ask us to limit what we use your personal data for
Your right to complain
In the event that you wish to complain about the way that your personal data has been handled by Swindon Borough Council, you should contact the data protection officer and clearly outline your case.
Data Protection Officer Civic Offices Euclid Street Swindon Wiltshire SN1 2JHEmail: dataprotection@swindon.gov.uk
Your complaint will then be investigated in accordance with our customer complaint procedure.
If you remain dissatisfied with the way your personal data has been handled, you have the right to complain to the Information Comissioner's Office.
Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AFEmail: casework@ico.org.uk
What if you do not provide personal data?
You are under no statutory obligation to provide personal data to Swindon Borough Council when using the SEND information, advice and support service (SIAS). However if you do not provide personal data we may not be able to provide the full range of support.
How will Swindon Borough Council ensure compliance?
A yearly audit will take place on personal data to ensure that we remain legally compliant in accordance with current data protection legislation. We may also be inspected by external auditors including OfSTED or the Council for Disabled Children.