Personal data is any information which relates to and identifies a living person; for example, name, address, bank details, CCTV images, computer IP address, email address.
Some types of personal information is classified as ‘sensitive personal data’ and this includes ethnicity; religious beliefs, physical/mental health; sexuality, information about criminal offences or proceedings.
How we collect information
Doncaster Council domestic abuse team may collect personal information in the following ways:
- Directly from you for example if you refer yourself for support
- From other organisations, with your permission – for example if the police or other agency makes a referral to us for support on your behalf
- Publicly available information – we may use data freely available to the public, such as within the criminal courts system or published in articles
- From organisations, without consent – for example if there is a legal reason to do so, for example with a high risk victim being referred to the Multi Agency Risk Assessment Conference (MARAC)
What information do we collect and why?
Doncaster Council domestic abuse team needs to collect personal data in order to fulfil its role as an employer; in our work to provide support to victims of domestic abuse, to meet our obligations as members of various statutory review panels and to raise awareness of domestic abuse in the wider community.
We ensure that we only use personal data for a purpose that you would reasonably expect. Other data will be collected with the consent of the individual concerned.
Detailed below are the types of personal data which we collect and the reasons, or legal basis, for doing so:
- We are required to collect information on staff, trustees and volunteers that is necessary to fulfil our role as an employer. We will also collect personal data from prospective employees or volunteers in order to process the application.
- Data relating to people who are referred to our services for support are collected to enable us to make safe contact with them. Doncaster Council has a legitimate interest in processing names, addresses, contact details and demographic/health information if this is available, in order to make contact to offer support.
- Clients who accept support from Doncaster Council may be asked for further information in order to provide the best possible support to them. This may include demographic information, details of their children, emergency contact details, health information. This information may also be used for equalities monitoring and in this situation, all data will be anonymised. Consent will always be asked when collecting this information.
- Personal data of high risk MARAC cases will be recorded on our system. Processing of this data is required in order for Doncaster Council to fulfil its official function as MARAC coordinator and MARAC partner.
- Name and contact details will be taken for people attending training and other events and sessions held by Doncaster Council. Consent will always be asked when collecting this information.
Some anonymised data will be used for monitoring and reporting purposes. No individuals will be identifiable from data used for this purpose.
Is my data secure with Doncaster Council?
Yes it is. Personal data may be stored electronically on the computer, in paper files, and/or on locked and protected mobile devices. We make sure that all personal data is held in a secure way and only relevant and appropriate people will be able to access it. Detailed below are some examples of how we keep information secure:
- Access to personal data on case management systems is restricted on a ‘need to know’ basis. Appropriate permission levels are applied so only relevant staff have access to data.
- Data stored electronically will be password protected and only appropriate staff will have access.
- All staff are fully trained in how to handle personal data including when and how it can be shared.
- Doncaster Council systems have full IT security protection, including firewalls and encryption.
Personal data will be retained by Doncaster Council for a minimum period of time in accordance with legislation. Data which is no longer required will be securely deleted and disposed of.
Who does Doncaster Council share information with?
Doncaster Council uses various other organisations to help deliver support and to assist with our legal obligations by processing data on our behalf. Where we deliver services and contracts in partnership with others, these companies are also known as Data Controllers. They have agreements with us about the types of data we hold and share to be able to offer services. We also work with other companies who process data on our behalf, these companies are known as Data Processors. Your data may be shared with all or some of these organisations and it will only be shared if it is necessary to complete our obligations. For example, individuals who are referred for support will have their details added to a case management system.
When Doncaster Council shares personal information with another organisation an agreement will be in place to ensure that they comply with all data protection law.
In the course of providing support to clients, Doncaster Council may also ask for consent to share personal data with other organisations so that we can provide the best support to you. For example, this could include specialist voluntary and charitable agencies, housing providers, health agencies, education or any other relevant agencies. This will be explained to you at the start of support and you can give or withdraw your consent to share data with other agencies at any time.
On a rare occasion it may be necessary for us to share personal information without consent if we are required to do so by a court order or if there are other valid reasons, such as the protect a child or adult who is thought to be at risk or to stop a crime. If this happens, then we will record our reasons for doing it, the information we have shared. We will also let you know what we have done, if it is safe to do so.
We never sell your personal information on to anyone else.
It’s your personal data
The data we hold is about you and the law gives you rights about what we can do with your information:
- Consent - You can give or withdraw consent for Doncaster Council to share your personal data at any time. There may be circumstances in which we override your consent, but reasons for this will be always explained to you.
- Subject Access Request - You can ask for all the information we hold about you and this is called a ‘Subject Access Request’. For more information about how to access your records contact firstname.lastname@example.org. There may be some parts of your data which would not be able to let you see and this could include information which could cause serious harm to your, or someone else’s well-being; or confidential information about other people; for example any other professionals involved in your case. This will be explained to you.
- Inaccurate information - If you think that any of the data we hold is wrong, please let us know by informing your support worker. Doncaster Council would always ask that if you are receiving support from us, that you keep us informed with your correct address and contact details.
- Right to be forgotten - It is possible to ask for all your personal information to be deleted from Doncaster Council's records. Requests for your data to be deleted should be made to your support worker. There may be some reasons why we are unable to delete all your personal information, for example, if we are required to keep it by law.
Further information about privacy and personal data
If you would like to get independent advice about data protection, data sharing issues or privacy, or lodge a complaint about how we process your data, you can contact the Information Commissioner’s Office (ICO) at the following address:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number