Bristol City Council is the data controller for the Keeping Bristol Safe Partnership for the purposes of the Data Protection Act 2018 and other regulations including the General Data Protection Regulation (Regulation (EU) 2016/679), which means it determines what your data is used for and why it is collected. The purpose of this privacy notice is to tell you about what information we collect about you when you use our service, how we use that information and who we may share it with.
The contact details of the data controller are Bristol City Council, City Hall, Bristol.
This Privacy Notices covers three data processing activities of the Board:
Activity 1 - Serious Case Reviews, Learning Reviews and Ofsted Serious Incident Notification
What data we need to collect and the legal basis for processing it:
To provide this service, we will process data including name, date of birth, addresses, records from professionals who have worked with you or your children including health records, criminal records and social care files. We are collecting this data because this data is necessary to carry out Child Safeguarding Practice Reviews and Ofsted Serious Incident Notifications as required under the Children Act 2004, Safeguarding Adult Reviews under The Care Act 2014, and Domestic Homicide Reviews under the Crime and Disorder Act 1998.
How long we will keep your data for:
We will hold this information for 25 years after the publication date of the Serious Case Review or Ofsted Notification date. After this, your information will be deleted.
Why we need to collect your data:
We will use this information for informing Ofsted of Serious Incidents or undertaking Statutory learning reviews.
Who we share your data with and why:
This data will be shared with commissioned review authors, Keeping Bristol Safe Partnership Members, and Professional Members of the review panel.
Where we have received your data from a third party:
We got this data from professional organisations in the city who have provided a service to you or your children. The data we have is not publically available although the final Learning Review report may be. You will be given the opportunity to read this report and provide factual accuracy points before it is published.
Activity 2 - Quality Audits, Complaints, Escalations, Safeguarding
What data we need to collect and the legal basis for processing it:
To provide this service, we will process details such as your name, date of birth, address, family members’ details, and records of your involvement with professionals. We are collecting this data because we are required to under Working Together 2018 to carry out quality and assurance work, and because we store records of safeguarding decisions made.
How long we will keep your data for:
The period of time that we will hold this data for will depend on the use. Personalised data used for audits will be deleted after the anonymous audit report is written. Details of escalations, complaints or safeguarding discussions will be stored for 10 years. After this, your information will be deleted or archived.
Why we need to collect your data:
We will use this information for undertaking safeguarding assurance activities such as audits or determining compliance with safeguarding policies and processes.
Who we share your data with and why:
This data will be shared with professionals who are involved in the audit or compliance activity.
Where we have received your data from a third party:
We got this data from other organisations in the city who are Board members. The data we have is not publicly available.
Activity 3 – Learning, Development and Partnership Services for Safeguarding Professionals and Organisations
What data we need to collect and the legal basis for processing it:
To provide the training service, KBSP will process data for professionals attending including name, work email, telephone number and address which you provide when you apply for a training place or agree to represent your organisation at the partnership. We are collecting this data because this data is necessary to deliver the training programme and strategic KBSP Business plan, provide you with course materials and minutes, and monitor compliance with inter-agency training requirements and attendance.
How long we will keep your data for:
We will hold this information for 5 years. After this, your information will be deleted.
Who we share your data with and why:
This data will be shared with your organisation’s training department, your manager or your organisation’s commissioner so that they can monitor compliance with training, meeting attendance and process payments for training. If you are a partnership Member or Sub Group Member your name and professional role will be publicly available in our annual reports. If you give consent at application we will use your contact details to send you information about upcoming training and conference.
If we have your consent to use your data:
You can withdraw your consent for us to process your information at any time by emailing KBSP@bristol.gov.uk
Your rights as a data subject:
You have the right to ask for access to your data and where data is found to be inaccurate to have that data corrected. In certain circumstances you have the right to have data held about you erased, or the use of it restricted. You may be able to object to processing and may also have the right to have your data transferred to another data controller.
You also have a right of complaint to the Information Commissioner’s Office (ICO) at www.ico.org.uk if you think we have not dealt with your information in a proper manner.
You can ask to see what information we hold about you and have access to it. You can do this by contacting:
Senior Data Protection Officer
Bristol City Council
ICT Commissioning and Information Governance
P O Box 3399
BRISTOL
BS3 9FS
Data.protection@bristol.gov.uk
Other questions about the data being processed may also be sent to the above address.
Fraud Prevention and Detection:
Bristol City Council is required by law to protect the public funds it administers. It may share information provided to it with other bodies responsible for auditing, administering public funds, or where undertaking a public function, in order to prevent and detect fraud. For more information visit www.bristol.gov.uk/data-protection-foi/fraud-prevention-and-detection
