A boy's hand thrust forward towards the camera

City of York Safeguarding Children Partnership Privacy Notice

The Children Act 2004, as amended by the Children and Social Work Act 2017, and the associated statutory guidance Working Together to Safeguard Children (2018) replaced Local Safeguarding Children Boards (LSCBs) with new local multi-agency safeguarding partnership arrangements (MASA).

The new MASA arrangements placed new duties on the three Statutory Safeguarding Partners (namely: the Local Authority, the Police and the Humber and North Yorkshire Health and Care partnership) in local areas, to make arrangements to work together, and with other relevant agencies locally, to safeguard and promote the welfare of all children in their area.

See further information about the City of York Safeguarding Children Partnership including which organisations are partners.

We regularly review the CYSCP privacy notice, and it was last updated in February 2024.

See details of specific privacy information for each of the statutory partner organisations including details of their ICO registration and Data Protection Officer:

  • City of York Council, including:
    • Lead Member for Children, Education and Young People Children’s Services
    • Legal Services
    • Adult Services
    • Housing Services
    • Education Services
    • Public Health Healthy Child Service
    • Special Educational Needs
    • Youth Justice Service
  • North Yorkshire Police
  • Humber and North Yorkshire Health and Care Partnership
  • Other agencies:
    • Humber and North Yorkshire Integrated Care Board
    • York and Scarborough Teaching Hospital Foundation Trust
    • Tees & Esk Wear Valley NHS Foundation Trust
    • Leeds & York Partnership NHS Foundation Trust
    • NHS England
    • YorSexual Health
    • Probation
    • CAFCASS
    • HMP Askham Grange
    • York CVS
    • IDAS
    • York Drug and Alcohol Service
    • Changing Lives
    • York Adults Safeguarding Board
    • York Racial Equality Network

When appropriate we will provide a ‘just in time’ notice to cover any additional processing activities not mentioned in this privacy notice.

How we collect your information

We get information about you from the following sources.

Directly from you

  • when you visit our website
  • when you contact us in writing, speak to us on the phone, by email or any other type of electronic communication, or talk to us face to face
  • when you contact us and take part in any learning or development opportunities available through the CYSCP. E-learning training is provided through AdaptiVLE at CYSCP Training
  • when you take part in any of our surveys or consultation

We do not collect information when you use a link in our website to other externally operated websites. If you transfer to another site, please read their Privacy Notice or Statement, this will also apply to individual partners and agencies websites within the CYSCP.

If you are accessing online services and are under the age of 13; please get your parent/guardian's permission beforehand whenever you provide us with personal information.

From third parties

We receive information from:

  • partners including public sector organisations such as;
    • Local Authorities
    • health services
    • police
    • GPs
    • schools and other educational settings
    • emergency services
    • the Disclosure and Barring Service (DBS)
    • Probation Services
  • voluntary and third sector organisations such as;
    • care providers
    • Voluntary Adoption Agencies
    • youth groups
    • charities
  • members of the public

Top of page

What personal data we process and why

We process different categories of personal information about you such as your name and address, or other more sensitive data such as health data, about services you have received. The CYSCP may also process criminal conviction data in accordance with our statutory functions.

The purpose of our local arrangements is to support and enable organisations and agencies across York to work together so that:

  • children are safeguarded and their welfare promoted
  • partner organisations and agencies collaborate, share, and co-own the vision for how to achieve improved outcomes for vulnerable children
  • organisations and agencies challenge appropriately and hold one another to account effectively
  • there is early identification and analysis of new safeguarding issues and emerging threats
  • learning is promoted and embedded in a way that local services for children and families can become more reflective and implement changes to practice
  • information is shared effectively to facilitate more accurate and timely decision-making for children and families

The CYSCP provides a limited range of services. To provide some of these services we need to collect and use your information.

We also gather information to know how well agencies are working together to keep children safe. This helps us understand the experiences of children and young people living in York. Where appropriate we will seek information from parents and carers and the wishes and feelings of children (including children who might not ordinarily be heard) about the priorities and the effectiveness of local safeguarding work.

When you take part in learning and development through the CYSCP we work with AdaptiVLE to provide e-learning training and other providers to commission face to face training.

The CYSCP provides multi-agency face-to-face and elearning courses to practitioners working with children and young people, and their families and carers in York. These courses are designed to improve the safeguarding of children and young people in York. We will contact learners who have completed a course, approximately 3 to 6 months after their attendance or completion, to take part in a survey to help us understand and monitor how the training has impacted on their working practices, and on children and young people they work with in York.

The information from these surveys is collated, analysed and reviewed on a quarterly basis, and a summary produced on an annual basis. We never use your name or any other personal identifiable information in any presentations or reports, as it is anonymised and will not identify any individuals. The anonymised information contributes to the annual learning needs analysis as well as helping to understand the quality and impact of the training. A report, based on the anonymous information, is compiled for CYSCP and a summary provided within the CYSCP annual report as part of the partnership’s requirement to monitor the impact of training.

We will process responses using SurveyMonkey. To find out how they use your information, see the Survey Monkey Privacy Notice.

Top of page

Automated decision-making

We do not carry out any automated decision-making without any human intervention in the CYSCP.

Top of page

Collecting information automatically

Please see our Cookies Policy for further information about the information we collect automatically when you use our website.

Top of page

Children's information

Where we provide services directly to children or young people, the information in the relevant parts of this notice applies to children and young people, as well as adults.

Top of page

Lawful basis for processing your personal data

Any personal data including special category data and criminal offence data that we process about individuals is done so in accordance with Article 6, 9 and 10 of the UK GDPR and Schedule 1 of the Data Protection Act 2018 (DPA 2018).

The legal basis:

  • our legal obligations and public tasks
  • our contractual obligations
  • protection of vital interests of the data subject
  • the provision of health and social care

In some cases, we may rely on consent, such as when you take part in the learner surveys, this will be clearly stipulated where applicable. If you wish to withdraw consent at any time you can do so emailing: [email protected].

The public tasks based on the public interest and legal obligations arise from the following provisions:

  • Children Act 1989
  • The Working Together to Safeguard Children 2018 statutory guidance
  • Children Act 2004
  • Education Act 1996
  • Education Act 2002
  • Education and Skills Act 2000
  • Legal Aid, Sentencing and Punishment of Offenders Act 2012
  • Police Reform and Social Responsibility Act 2011
  • Childcare Act 2006
  • Crime and Disorder Act 1998
  • Housing Act 1996
  • Safeguarding Vulnerable Groups Act (SVGA) 2006

Where we process personal data relating to criminal convictions and offences, this is also under Article 10 UK GDPR that covers processing in relation to criminal convictions and offences or related security measures. In addition, section 11(2) of the DPA 2018 specifically confirms that this includes personal data relating to the alleged commission of offences, or proceedings for an offence committed or alleged to have been committed, including sentencing.

Some of the Schedule 1 conditions for processing special category and criminal offence data require an Appropriate Policy Document (APD) to be in place, that sets out and explains the procedures for securing compliance with the principles in Article 5 and policies regarding the retention and erasure of such personal data. This document explains this processing and satisfies the requirements of Schedule 1, Part 4 of the DPA 2018 and supplements this privacy notice.

See the Appropriate Policy Documents for each of the statutory partner organisations:

Top of page

How long we keep your personal data

Information will only be kept for as long as is necessary by the relevant CYSCP partner.

Top of page

Data sharing

We never use your name or any other personal identifiable information in any presentations or reports, for research or statistical purposes, as it will be anonymised and will not identify any individuals. It will also be relevant and compatible with the purpose the information was collected for.

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

We may be required or permitted, under Data Protection legislation, to disclose your information without your explicit consent, e.g., if we have a legal obligation to do so, such as safeguarding, law enforcement, fraud investigations, regulation and licensing, criminal prosecutions, and Court proceedings.

We will always satisfy ourselves that we have a lawful basis on which to share the information and document our decision-making and satisfy ourselves we have a legal basis on which to share the information

Additionally, we are required under the Public Records Act 1958 (as amended) to transfer records to the City or National Archives (TNA) for permanent preservation. Full consideration will be given to Data Protection and Freedom of Information legislation when making decisions about whether such records should be open to the public.

Top of page

Data processors and/or third parties

Where we have external third parties providing parts or all of our services for us, we only work with them where we are satisfied, they take appropriate measures to protect your personal information and where required, put in place contractual obligations to ensure they can only use your personal information to provide services to us and to you.

Where we use SurveyMonkey for our surveys, find out how they use your information in the Survey Monkey Privacy Notice.

Top of page

Transfers of personal data

We don’t routinely transfer personal data outside of the UK but when this is necessary, we ensure that we have appropriate safeguards in place and that is done in accordance with the UK data protection and privacy legislation.

Top of page

How we protect your information

We are committed to keeping your information safe and secure. There are several ways we do this, such as:

  • IT security safeguards such as firewalls, encryption, and anti-virus software
  • on-site security safeguards to protect physical files and electronic equipment
  • training for all staff and elected councillors
  • policies and procedures

Top of page

Your rights in relation to this processing

To find out about your rights under Data Protection law, you can go to the Information Commissioners Office (ICO).

You can also find information about your rights in the City of York Council Privacy Notice.

If you have any questions about this Privacy Notice, want to exercise your rights, or if you have a complaint about how your information has been used, please contact us on email: [email protected], or telephone: 01904 554145, or write to:

Data Protection Officer
City of York Council
West Offices
Station Rise
York
YO1 6GA

Top of page

Making a payment

To find out what the council does with your information when making an online payment, please see the City of York Council Pay Online page. Where we use Stripe for online payments, you can find their privacy information at the Stripe Privacy Policy.

Top of page

We are the sole owner of the information collected via our website. It does not store or capture personal data of users with general public access, but does log the IP address of a visitor. This enables us to determine which pages are being viewed and helps us to improve our services. It does not use cookies for the general running of the City of York Safeguarding Children Partnership (CYSCP) website, but does use them to enable requested services (for example, payments) and to remember choices during the visit.

Anonymous information about page visits is collected using Google Analytics.

Our website privacy notice does not cover external websites; we encourage you to read the privacy notices on any other websites you visit.

Our website also lists email addresses for external organisations (those addresses that don't contain 'york.gov.uk'); we cannot guarantee what will happen to your personal data if you email an external organisation.

Top of page

Cookies

By using our website you are consenting to certain types of cookie being placed on your device. See our Cookies Policy.

Where our website links to external resources or websites, these may add their own cookies. These are outside our control. Cookies can be disabled by changing the settings in your browser, but you may need to re-enter information at times.

Top of page

Email

Emails that we send to you or you send to us, may be retained as a record of contact and your email address stored for future use in accordance with our record retention schedules. If we need to email sensitive or confidential information to you, we may perform checks to verify the correct email address and may take additional security measures.

Top of page

Unsolicited mail

You will not receive unsolicited paper or electronic mail as a result of sending us any personal data while using our website, unless you have given us permission to do this.

Top of page

Third parties

We do not pass personal data to third parties for marketing, sales or any other commercial purposes without your prior explicit consent.

If we have to share your personal data externally, we require any third party to comply with the principles of data protection legislation, and our procedures and instructions, when they use your information on our behalf.

Top of page