Privacy notice

Who we are?

Foster for East Midlands is a partnership between Derby City Council, Derbyshire County Council, Nottingham City Council and Nottinghamshire County Council. The partnership aims to recruit new foster carers to foster for one of the four councils. Derby City Council is the host for the partnership. Derby City Council is the local government unitary authority for Derby City. Our address is The Council House, Corporation Street, Derby, DE1 2FS. You can contact our Data Protection Officer on 01332 640763 or by email at data.protection@derby.gov.uk.

You can contact the department on 03033 132950 or by email at hello@fosterforeastmidlands.org.uk.

How do we collect information from you?

We collect information from you when you visit fosterforeastmidlands.org.uk, when you fill in any forms on our website, also when you contact us in writing, speak to us on the phone, by email or any other type of electronic communication, or talk to us face to face.

What types of information do we collect from you?

We collect different categories of information about you, depending on the service you want from us and/or the reason why we need to process information relating to you. This could be personal information (for example your name and address), or other more sensitive data that we would only collect and use in very particular circumstances that are set out in law.

Details of information obtained from third parties?

We may receive information from the following;

• NHS (GP's, Hospital)
• Police
• Education Department
• CAFCASS (Children and Family Court Advisory and Support Service)
• Employers
• Personal references from trusted contacts
• Schools
• Family Members
• Disclosure and Barring Service

What is the lawful basis?

The legal basis for data processing we are relying on comes from Article 6 of the UK General Data Protection Regulations (UK GDPR). The following sections apply;

• a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose. - This must be explicit informed consent from the data subject or those with appropriate authority
• b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract. This will only apply to individual contracts i.e., contracts of employment and not other commercial contracts.
• c) Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
• e) Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.

We rely on the following conditions as per Article 9 (2) of the UK GDPR:

• a) Explicit Consent: The data subject has given explicit consent to the processing of those personal data for one or more specified purposes
• h) Health and Social Care: processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health and social care systems and services on the basis of domestic law or pursuant to contract with a health professional.

This condition applies to the following categories of data;

• personal data revealing racial or ethnic origin;
• personal data revealing political opinions;
• personal data revealing religious or philosophical beliefs;
• personal data revealing trade union membership;
• genetic data;
• biometric data (where used for identification purposes);
• data concerning health;
• data concerning a person’s sex life; and
• data concerning a person’s sexual orientation.

If we have asked for your consent you will be able to opt out any time by emailing hello@fosterforeastmidlands.org.uk.

We process all information in accordance with the following provisions:

• Data Protection Act 2018
• UK GPDR 2021
• Statutory Guidance on Private Fostering 2005
• Children Act 1989
• Guidance and Regulations Volume 4 Fostering Services
• The Care Standards Act 2000
• The Adoption and Children Act 2002
• The Children Act 2004
• Children and Young Persons Act 2008.
• Fostering Services Regulations 2011.
• Working Together to Safeguard Children 2023
• the Education Act 1996
• the Equality Act 2010
• Human Rights Act 1998
• the Children and Families Act 2014
• the Children and Social Work Act 2017
• the Health and Social Care Act 2012

How is your information used?

In accordance with our contractual obligations and consent as and when required; we may use your information to:

We may use your information to:

• Advertise the benefits of fostering for your local authority to prospective foster carers.
• Respond to initial contacts with a phone call and follow-up email to arrange a Fostering Enquiry Form/introductory phone call.
• Offer an initial visit by a social worker to prospective carers after completing the Fostering Enquiry Form.
• Following the initial visit the Hub Officers offer advice and support to complete the fostering application form.
• Review applications and share details of the prospective Foster Carer with their chosen local authority, who will then undertake the assessment process.
• Support carers through the assessment process with additional peer support and guidance.
• Administer your enquiry or application.
• Respond to information you have asked for.
• Ensure we know how you prefer to be contacted.
• Keep a record of your relationship with us.
• Occasionally undertake customer research to help us understand how we can improve our services or information.
• to assess your suitability, provide support, guidance and supervision to you if you are acting as a Foster Carer for us.
• to monitor and track recruitment and progression of Foster Carers, or prospective Foster Carers.
• carry out our obligations arising from any contracts entered into by you and us.

COVID-19/Coronavirus

Under the Public Health (Control of Disease) Act 1984 and associated Regulations, Section 1 of the Localism Act 2011, Section 31 of the Local Government Act 2003; and the Coronavirus Act 2020 and associated Regulations the Council has a legal duty to store, process and share personal information. The information will be stored, processed and shared as part of the national, and local Coronavirus Test and Trace operations where necessary for investigations, as well as the testing and tracing of individuals, groups or businesses; and to assist in the investigation into cases of Coronavirus; Coronavirus outbreaks and issues of non-compliance with the Acts and associated Regulations. The information will also be used; interrogated and mapped to inform the Councils actions and decision making processes. Any such storage, processing or sharing of information will be done in the public interest in order to promote health and wellbeing.

During the investigation of cases and/or outbreaks of Coronavirus, information which is gathered may be shared between departments within Derby City Council; with other Councils associated with an outbreak; other health services or with other government bodies associated with the control of the Coronavirus. The Council has a duty to notify national Government bodies, such as Public Health England, and the relevant local authority where an individual resides (if different), where there are suspected Coronavirus cases. The Council will disclose the information under Article 9(2)(j) of the UK GDPR (processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health), and confidential information may be lawfully disclosed in the public interest, without consent, where the benefits to an individual or to society outweigh both the individual’s and the public interest in maintaining the confidentiality of such data.

The Council may contact staff, service users, residents, patients, businesses and premises with messages relating to Coronavirus by text, phone, letter or e-mail. This contact is not direct marketing; therefore we do not need your Consent before contacting you. There is more information available on the national Information Commissioners Office approach to the current epidemic.

Research and statistics

Anonymised and pseudonymised data may be used for research and statistical purposes. Any data collected may be used for research and statistical purposes that are relevant and compatible with the purpose that the data was collected for.

Who has access to your information?

We may share personal information with one of all of the organisations that form the partnership: Derby City Council, Derbyshire County Council, Nottingham City Council and Nottinghamshire County Council.

We have agreements in place with each to ensure that your data is secure at all times and cannot be accessed or used for any other purpose.

Partners have their own privacy notices, which provide you with information relating to how they use your data. You can access these privacy notices on their websites:

• Derby City Council privacy notice
• Derbyshire County Council privacy notice
• Nottingham City Council privacy notice
• Nottinghamshire County Council privacy notice

We will not share any personal details with any other third parties without your agreement, unless required in order to fulfil our contract with you or allowed to by law.

In general, the third-party providers used by us to fulfil our contract with you will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. These providers include our email distribution services.

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes.

International Data Transfers

If your data is transferred to a country that is not in the UK, the Council will ensure your information is properly protected. If the country is not considered to have laws that are equivalent to UK data protection standards then safeguards will be put in place to ensure the third party reflects those standards.

What are your rights in relation the personal data we process?

• Access – you can request copies of any of your personal information that is held by the Council.
• Rectification – you can ask us to correct any incorrect information.
• Deletion – you can ask us to delete your personal information. The Council can refuse to delete information if we have a lawful reason to keep this.
• Portability – you can ask us to transfer your personal data to different services or to you.
• Right to object or restrict processing – you have the right to object to how your data is being used and how it is going to be used in the future.
• Right to prevent automatic decisions – you have the right to challenge a decision that affects you that has been made automatically without human intervention, for example an online form with an instant decision.

National Data Opt Out

We are one of many organisations working within health and social care to improve health and wellbeing for patients as well as the public. Information collected from you when you use our services may be stored and shared with services or partner organisations for purposes other than your individual care, for instance to help with:

• Improving the quality and standards of care provided
• Research into the development of new treatments
• Preventing illness and diseases
• Monitoring safety

This may only take place when there is a clear legal basis to use this information. Confidential information about your health and care will only be used in limited circumstances where it is not possible to use anonymised data.

You have a choice about whether you want your confidential information to be used in this way. If you are happy for your information to be used in this way you do not need to do anything. If you do choose to opt out your confidential patient information will still be used to support your individual care.

For more information or to register your choice to opt out please visit the NHS website. You can choose to opt in at any time.

Please be aware that the National Data Opt Out does not apply to information used for marketing purposes, your data would only be used in this way with your specific agreement.

All Health and Social Care organisations should have systems and process in place so they can be compliant with the national data opt-out and apply your choice to any confidential patient information they use or share for purposes beyond your individual care.

Our organisation is compliant with the national opt out policy.

How long will we keep your information for?

We keep and dispose of all records in line with our record retention schedule. We will comply with Data Protection legislation.

What security precautions are in place to protect the loss, misuse or alteration of your information?

We are strongly committed to data security and will take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption. We have put in place physical, electronic, and managerial procedures to safeguard the information you provide to us. However, we cannot guarantee the security of any information you transmit to us. We recommend that you take every precaution to protect your personal information.

Keeping your data up to date

We want to ensure any information we hold is accurate. You can help us by promptly informing us of any changes to the information we hold about you.

Under 13

If you are accessing online services and are under the age of 13‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.

Cookies

Cookies are small text files which identify your computer to our servers. They are used to improve the user experience. View what cookies we use and how you can manage them by visiting our cookies pages at fosterforeastmidlands.org.uk.

IP addresses

Internet Protocol (IP) addresses are collected when our site is used:

• for statistical/analytic purposes
• to identify any malicious activity

More information can found on our cookies page.

Complaints

If you would like to make a complaint regarding the use of your personal data you can contact our Data Protection Officer;

• By post: Information Governance, The Council House, Corporation Street, Derby, DE1 2FS
• By phone: 01332 640763
• By email: data.protection@derby.gov.uk

For independent advice about data protection, privacy and data sharing issues, you can contact the Information Commissioner's Office (ICO):

• By post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
• By phone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

Alternatively, visit ico.org.uk or email casework@ico.org.uk.