Bradford Children and Families Trust
Bradford Children and Families Trust Limited (BCFT or the Trust) is registered as a ‘data controller’ with the Information Commissioner’s Office under the Data Protection Act 2018 (Data Protection Act).
Under the UK General Data Protection Regulations (UK GDPR), the Trust collects and processes your information, including personal data about you, the citizens of Bradford and other website visitors. In these cases we require explicit consent from you. Information may be collected on paper or online forms, by phone, email or by a member of BCFT staff.
Why do we collect information about you?
We need to collect and use information about you, in order to:
- deliver services to you
- confirm your identity to provide some services
- contact you by post, email or telephone about your requirements
- understand your needs to provide the services that you request
- update your records
- help us build up a picture of how we are performing at delivering services to you
- prevent and detect fraud and corruption in the use of public funds
- allow us to undertake statutory functions efficiently and effectively
- make sure we meet our statutory obligations including those related to diversity and equality
We may not be able to provide you with a product or service unless we have enough information, or your permission to use that information.
How we use your information
We will use the information you provide in a manner that complies with the Data Protection Act and associated legislation. We will endeavour to keep your information accurate and up to date and not keep it longer than is necessary. Information will be kept in line with our retention policy. In some instances the law sets the length of time information has to be kept.
We will only use your information and share it between Trust services for the following purposes:
- to provide the service you requested, and to monitor and improve our performance in responding to your request
- to ensure that we meet our legal obligations
- to prevent and detect fraud or crime
- to process financial transactions including grants, payments and benefits involving the Trust, or where we are acting on behalf of government bodies such as City of Bradford Metropolitan District Council (Bradford Council)
- where necessary to protect individuals from harm or injury (safeguarding)
- to allow the statistical analysis of data so we can plan the provision of services
- to create anonymised data to be used and published to help improve services. This anonymised data will not contain any personal information which means that individuals cannot be identified.
Information sharing with other organisations
We may share your information with Bradford Council as the Trust is a wholly-owned subsidiary of Bradford Council.
We may need to pass your information to other people and organisations that provide a service on our behalf. These providers are obliged to keep your details securely and use them only to provide the service to you or in accordance with our instructions. This sharing will always be done with your explicit consent and will be explained to you at the point of requesting our services.
We may also obtain information from certain external organisations or provide information to them in order conduct data matching exercises to:
- verify the accuracy of the information we hold
- assist with service delivery by assessing eligibility for services
- enable the anonymisation of data for the use and publication of datasets and statistical analysis of data to improve services
- comply with the Trust’s legal obligations
We may share information with third parties where we are required by law to do so or where otherwise permitted by the Data Protection Act, for example, where the disclosure is necessary to enable the Trust to exercise its statutory functions.
Where we need to share sensitive or confidential information such as children’s data, financial data or health information with third parties, we will do so only with your prior explicit consent, or where we are required by law to do so, or where otherwise permitted by the Data Protection Act, for example, where the disclosure is necessary to enable the council to exercise its statutory functions.
We may share your information including sensitive or confidential information where it is necessary for the prevention or detection of crime or to prevent risk of harm to an individual.
We will endeavour to ensure where possible that appropriate steps have been taken by the recipient to protect personal information that is shared.
Detect and prevent fraud or crime
We may use any of the information you provide to us for the prevention and detection of fraud or may share with the Police if it is suspected that a crime may have been committed.
Bradford Council is required by law to protect the public funds it administers. As a wholly owned subsidiary of Bradford Council, we may share information you provide to us with other bodies that are responsible for auditing or administering public funds, including Bradford Council’s external auditor, the National Audit Office, the Department for Work and Pensions, and other local authorities, HM Revenue and Customs, and the Police for example.
In addition to undertaking our own data matching to identify errors and potential frauds, Bradford Council is required to take part in national data matching exercises undertaken by the Cabinet Office. The use of data by the Cabinet Office in a data matching exercise is carried out under its powers in Part 6, Schedule 9 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned. For more information see Bradford Council’s National Fraud Initiative web page.
Emergency response management
Data matching may also be used to assist the Trust in responding to emergencies or major incidents, by allowing the Trust, in conjunction with the emergency services, to identify individuals who may need additional support in the event of, for example, an emergency evacuation.
We will always inform you if we record or monitor any telephone calls you make to us. This will be used to increase your security, for our record keeping of the transaction and for our staff training purposes.
Please note that unless encrypted, email messages sent via the internet may not be secure and could be intercepted and read by someone else. Please bear this in mind when deciding whether to include personal or sensitive information in any email messages you intend to send. If you email us we may keep a record of your contact, your email address and the email for our record keeping of the transaction.
If you use an online form on our website and you give us your email address, we may send you an email receipt containing the details of what you told us on the online form. Please bear this in mind when deciding whether to include personal or sensitive information in any messages you send to us using an online form. If you contact us using an online form, we may keep a record of your contact and the information that you send us for our record keeping of the transaction.
Cookies are small text files that ‘remember’ bits of information from your visit to a website. They make the interaction between you and the website faster and easier. Without cookies the website thinks you are a new visitor every time you move to a new page.
Cookies on this site are not used to identify you personally.
We also use them to collect anonymous statistics about how people use the site, and to help us to make it as easy for you to use as we can.
A cookie is stored on your computer or mobile device by a website’s server. Only that server can retrieve or read the contents of that cookie. Each cookie is unique to your web browser. So if we put a cookie on your computer it cannot be read by any other website.
Electronic data and networks controlled by the Council are subject to strict security arrangements, both physical (such as firewalls and anti-virus protection), and administrative (non-disclosure and confidentiality). In addition, any debit or credit card details that you might supply us for any payments are not retained by the Council, and are not accessible by any Council employee. The Council complies with the requirements of the Payment Card Industry Data Security Standard and with central government codes of connection for the transmission and handling of sensitive information.
If you have signed up for the Stay Connected/GovDelivery/Granicus email updates we will have your email address and the answers to any questions you have chosen to answer which will help us to only send you emails which are relevant to you. You can unsubscribe from these email updates at any time by using the ‘unsubscribe’ link in the email bulletins that we send.
We have installed CCTV systems in some of our premises used by members of the public, for the purposes of public and staff safety and crime prevention and detection. In all locations signs are displayed notifying you that CCTV is in operation.
We will only disclose CCTV images to others who intend to use the images for the purposes stated above or where disclosure is legally required or otherwise permitted under the Data Protection Act or UK GDPR. CCTV images will not be released to the media for entertainment purposes or placed on the internet.
Images captured by CCTV will not be kept for longer than necessary. However, on occasions there may be a need to keep images for longer – for example where a crime is being investigated.
How we protect your information
Our aim is not to be intrusive, and we won’t ask irrelevant or unnecessary questions. The information you provide will be subject to rigorous measures and procedures to make sure it cannot be seen, accessed or disclosed to anyone who shouldn’t see it.
We will not keep your information longer than it is needed or where the law states how long this should be kept. We will dispose of paper records or delete any electronic personal information in a secure and confidential way.
Rights for individuals under the UK GDPR
Changes to this privacy notice
We will continually review and update this privacy notice to reflect changes in our services and feedback from service users, as well as to comply with the changes in the law.
Privacy notices for individual services
Complaints about data protection should be sent to the Trust Data Protection Officer at firstname.lastname@example.org
If you have any questions regarding this Privacy Notice please contact our Information Governance Team:
Information Governance Team
Sir Henry Mitchell House
4 Manchester Road
For Freedom of Information (FOI) requests, please contact email@example.com