Data Protection Act 2018 and the General Data Protection Regulation (GDPR)
Northamptonshire County Council is committed to protecting your personal data, and ensuring it is processed fairly and lawfully. Information you provide to Northamptonshire County Council will be processed in accordance with the General Data Protection Regulation, the Data Protection Act 2018 and any subsequent legislation.
Northamptonshire County Council is a Data Controller for the purposes of the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
Why we may use your information
The information you provide helps us to support you and your family and meet our legal responsibilities, for example as part of an assessment of educational, social care or family support needs.
The data we hold may include personal information such as your name, contact details, gender and age, along with data used to support early help, social care and education related assessments. It may also include special categories of data such as your ethnicity, health, special educational needs and disability (SEND) information. We use the information to:
- provide appropriate support and care to children and families
- assess whether our services are making a difference
- develop and improve services, including measuring how well the council is doing as a whole
- administer and protect public funds
The processing of personal data is necessary for compliance with a legal obligation to which the council is subject (detailed below). Where special category data is processed including information relating to health, race and ethnicity, the processing is necessary for reasons of substantial public interest. If there is an alternative legal basis for processing this will be specified.
Definitions of legal basis and conditions for using special categories of data can be found on the
Information Commissioner's website.
The statutes that underpin the above legal basis and condition are:
- Education Act 1996
- Children and Families Act 2014
- Children Act 1989
- Education and Inspection Act 2011
- Education and Skills Act 2008
- Working together to Safeguard Children 2015 – Statutory Guidance
- Children and Social Work Act 2017
- Adoption and Children Act 2002
- Foster Services Regulations 2011 – Statutory Guidance
- Care Standards Act 2000
- Securing Sufficient Accommodation for Looked Children – Statutory Guidance
- Crime and Disorder Act 1998
- Equalities Act 2010
Who we share data with
Your information will always be held, used and shared in accordance with Data Protection Act 2018, the General Data Protection Regulation (GDPR), and any subsequent legislation.
We are required by law to pass on personal data relating to children to the Department for Education (DfE), other Government departments and our partner organisations who use it to help with policy development, service delivery, performance management, funding and to assist with the development of good practice.
For further information on who we share data with, please see our main
privacy notice page.
Wherever possible we will discuss with you the reasons for sharing information and ask for your consent. However, in some circumstances, the law and our policies allow us to share information without your consent (for example when we feel that you or others are at risk of harm). When sharing information we do so in line with data protection legislation and agreed information sharing protocols.
How long will we keep your information?
Your information will only be held for as long as necessary to achieve the relevant purpose unless we are legally required to retain it for a specific period of time. It will only be held for the periods stated in our Record Retention Schedule, after which it will be destroyed. See our
Record Retention Schedule for greater detail.
How we keep your information secure
To ensure you or your child's information is kept safe we have the following controls in place:
- The information will not be used for any purpose other than those stated in this notice.
- The information will be held within secure systems or locations, with appropriate levels of security, that comply with relevant data protection legislation.
- The information will only be shared for lawful purposes and with an appropriate level of security that complies with relevant data protection legislation.
For more detail on how we keep your data secure, please see our main
privacy notice page.
What are your rights?
You have the following rights, subject to lawful exemptions, to:
- access copies of any records we hold about you or your child
- have any information we hold about you or your child corrected
- have any information we hold about you or your child erased
- restrict how information we hold about you or your child can be used or shared
- object to information about your you or your child being held
- have any information we hold about you or your child transferred to a third party
- challenge decisions relating to you or your child made using automated decision making and profiling
We will not give information we hold about you or your child to anyone without your consent unless the law and our policies state we are required to do so. When you give your consent for you or your child's information to be held and / or shared for any purpose you can withdraw that consent at any time.
For more detail on your rights, please see our main
privacy notice page.
Speak, or write, to your named contact in the service you're dealing with when you have any concerns or complaints about the information we hold about you or your child or how we, as an organisation, obtain, process, store or share personal data relating to you or your child. Alternatively, you can contact:
Data Protection Officer
Northamptonshire County Council
One Angel Square,
Telephone: 01604 368 360
If, however, you are dissatisfied with the council's response to your data handling complaint you can contact:
Information Commissioner's Office
Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number
Fax: 01625 524 510