We regularly review the City of York Safeguarding Children Partnership (CYSCP) Privacy Notice, and it was last updated in September 2023.
The Children Act 2004, as amended by the Children and Social Work Act 2017, and the associated statutory guidance Working Together to Safeguard Children (2018) replaced Local Safeguarding Children Boards (LSCBs) with new local multi-agency safeguarding partnership arrangements (MASA).
The new MASA arrangements placed new duties on the three Statutory Safeguarding Partners (namely: the Local Authority, the Police and the Humber and North Yorkshire Health and Care partnership) in local areas, to make arrangements to work together, and with other relevant agencies locally, to safeguard and promote the welfare of all children in their area.
See further information about the City of York Safeguarding Children Partnership including which organisations are partners.
See details of specific privacy information for each of the statutory partner organisations including details of their ICO registration and Data Protection Officer:
When appropriate we will provide a ‘just in time’ notice to cover any additional processing activities not mentioned in this privacy notice.
We get information about you from the following sources.
We do not collect information when you use a link in our website to other externally operated websites. If you transfer to another site, please read their Privacy Notice or Statement, this will also apply to individual partners and agencies websites within the CYSCP.
If you are accessing online services and are under the age of 13; please get your parent/guardian's permission beforehand whenever you provide us with personal information.
We receive information from:
We process different categories of personal information about you such as your name and address, or other more sensitive data such as health data, about services you have received. The CYSCP may also process criminal conviction data in accordance with our statutory functions.
The purpose of our local arrangements is to support and enable organisations and agencies across York to work together so that:
The CYSCP provides a limited range of services. To provide some of these services we need to collect and use your information.
We also gather information to know how well agencies are working together to keep children safe. This helps us understand the experiences of children and young people living in York. Where appropriate we will seek information from parents and carers and the wishes and feelings of children (including children who might not ordinarily be heard) about the priorities and the effectiveness of local safeguarding work.
When you take part in learning and development through the CYSCP we work with AdaptiVLE to provide e-learning training and other providers to commission face to face training.
We do not carry out any automated decision making without any human intervention in the CYSCP.
Please see our Cookies Policy for further information about the information we collect automatically when you use our website.
Where we provide services directly to children or young people, the information in the relevant parts of this notice applies to children and young people, as well as adults.
Any personal data including special category data and criminal offence data that we process about individuals is done so in accordance with Article 6, 9 and 10 of the UK GDPR and Schedule 1 of the Data Protection Act 2018 (DPA 2018).
The legal basis:
In some cases, we may rely on consent, this will be clearly stipulated where applicable. If you wish to withdraw consent at any time you can do so by emailing: [email protected].
The public tasks based on the public interest and legal obligations arise from the following provisions:
Where we process personal data relating to criminal convictions and offences, this is also under Article 10 UK GDPR that covers processing in relation to criminal convictions and offences or related security measures. In addition, section 11(2) of the DPA 2018 specifically confirms that this includes personal data relating to the alleged commission of offences, or proceedings for an offence committed or alleged to have been committed, including sentencing.
Some of the Schedule 1 conditions for processing special category and criminal offence data require an Appropriate Policy Document (APD) to be in place, that sets out and explains the procedures for securing compliance with the principles in Article 5 and policies regarding the retention and erasure of such personal data. This document explains this processing and satisfies the requirements of Schedule 1, Part 4 of the DPA 2018 and supplements this privacy notice.
See the Appropriate Policy Documents for each of the statutory partner organisations:
Information will only be kept for as long as is necessary by the relevant CYSCP partner.
We never use your name or any other personal identifiable information in any presentations or reports, for research or statistical purposes, as it will be anonymised and will not identify any individuals. It will also be relevant and compatible with the purpose the information was collected for.
We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.
We may be required or permitted, under Data Protection legislation, to disclose your information without your explicit consent, e.g., if we have a legal obligation to do so, such as safeguarding, law enforcement, fraud investigations, regulation and licensing, criminal prosecutions, and Court proceedings.
We will always satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information
Additionally, we are required under the Public Records Act 1958 (as amended) to transfer records to the City or National Archives (TNA) for permanent preservation. Full consideration will be given to Data Protection and Freedom of Information legislation when making decisions about whether such records should be open to the public.
Where we have external third parties providing parts or all of our services for us, we only work with them where we are satisfied, they take appropriate measures to protect your personal information and where required, put in place contractual obligations to ensure they can only use your personal information to provide services to us and to you.
We don’t routinely transfer personal data outside of the UK but when this is necessary, we ensure that we have appropriate safeguards in place and that is done in accordance with the UK data protection and privacy legislation.
We are committed to keeping your information safe and secure. There are several ways we do this, such as:
To find out about your rights under Data Protection law, you can go to the Information Commissioners Office (ICO).
You can also find information about your rights in the City of York Council Privacy Notice.
If you have any questions about this Privacy Notice, want to exercise your rights, or if you have a complaint about how your information has been used, please contact us on email: [email protected], or telephone: 01904 554145, or write to:Data Protection Officer
To find out what the council does with your information when making an online payment, please see the [City of York Council Privacy Notice].
Anonymous information about page visits is collected using Google Analytics.
Our website privacy notice does not cover external websites; we encourage you to read the privacy notices on any other websites you visit.
Our website also lists email addresses for external organisations (those addresses that don't contain 'york.gov.uk'); we cannot guarantee what will happen to your personal data if you email an external organisation.
By using our website you are consenting to certain types of cookie being placed on your device. See our Cookies Policy.
Where our website links to external resources or websites, these may add their own cookies. These are outside our control. Cookies can be disabled by changing the settings in your browser, but you may need to re-enter information at times.
Emails that we send to you or you send to us, may be retained as a record of contact and your email address stored for future use in accordance with our record retention schedules. If we need to email sensitive or confidential information to you, we may perform checks to verify the correct email address and may take additional security measures.
You will not receive unsolicited paper or electronic mail as a result of sending us any personal data while using our website, unless you have given us permission to do this.
We do not pass personal data to third parties for marketing, sales or any other commercial purposes without your prior explicit consent.
If we have to share your personal data externally, we require any third party to comply with the principles of data protection legislation, and our procedures and instructions, when they use your information on our behalf.