Skip to main content

Privacy notice for Early Help Hub


This privacy notice explains what types of personal data we may hold about you, how we collect it, how we use and who we may share information with. We are required to give you this information under data protection law. This privacy notice should be read in conjunction with the corporate privacy notice.

Achieving for Children is registered as a controller with the Information Commissioner’s Office (ICO). Registration number ZA045069

The Early Help Offer is designed to help children, young people and families access early support and we will always aim to make it as accessible as possible. Early help services predominantly support children, young people and families that sit under preventative and targeted services on the windscreen of need (below the threshold of Children’s Social Care).

Personal data we collect

We collect and process the following personal data:

  • Personal identifiers and contacts (such as names of children in the household, parent and guardian names, private fostering arrangements, telephone numbers, email addresses and home addresses)
  • Special category data (such as ethnicity, physical and mental health information)
  • Safeguarding information (such as risk factors, court orders and any professional involvement)
  • School Attendance information
  • Behavioural information (such as exclusions and any relevant alternative provision requests or placements put in place)

What decisions will be made with the personal data collected

We collect personal information from referrals, parents/carers and where possible young people. We use the information to:

  • Gain clarity around the referral information
  • Discuss new referrals at the weekly Early Help Hub meeting
  • Allocate an appropriate service to support your family
  • Evaluate and quality assure the services we provide, and improve our policies
  • To audit and improve our services to ensure they meet you and your child’s needs.
  • Assess performance and set targets for service improvement
  • Complete statistical returns to Government departments
  • Account for our decisions and investigate complaints
  • Help us teach, train and monitor our staff to develop good practice in the services received.

Lawful basis for processing your personal data

We rely on your consent to enable us to progress referrals to the weekly Early Help Hub meetings and allocate an appropriate service. There may be a delay in accessing services without your explicit consent.

Who we share your personal information with

We will only share information where it is appropriate and legal to do so. Where this is necessary, we are required to comply with all aspects of the Data Protection Act 2018.

Depending on the individual circumstances of each situation, we may have to share this information with other teams within Achieving for Children to fulfil other duties and powers to support our work. Partner agencies included are:

  • Social Care Services
  • Thames Valley Police
  • Health services
  • Probation services
  • Education and schools
  • Housing services
  • Child and Adolescent Mental Health Services (CAMHS)
  • Targeted Support services
  • Youth Offending services

We may at times share information with our Commissioners (Windsor and Maidenhead Council).

How long will we keep your information

We only keep your personal data for as long as is required by law and in accordance with our retention schedule.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

Achieving for Children’s email service has been configured to Government Digital Service and we encrypt and authenticate email in transit using Transport Layer Security (TLS) and Domain-based Message Authentication, Reporting and Conformance (DMARC). We will ensure that when we send emails containing your personal information they are sent using appropriate security measures to encrypt the data in transit. This may involve the use of a third party encryption tool where appropriate.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Your rights and access to information

Under data protection legislation you have the right to request access to the information that we hold about you. To request a copy of your data, please read the Individual Rights Requests page and then submit your request using your preferred method of contact.

You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed
  • prevent processing for the purpose of direct marketing
  • object to decisions being taken by automated means
  • redress, either through the ICO, or through the courts

If you have any questions or concerns about the way we process personal data, please contact our Data Protection Officer:

If you want to make a complaint about how we handle your personal data, we ask that you give our Data Protection Officer the opportunity to respond in the first instance but you are not obliged to do this. You can make a complaint directly to the Information Commissioner’s Office at

If you would like to discuss anything in this privacy notice, please contact our Data Protection Officer: