This privacy notice explains what types of personal data we may hold about you, how we collect it, how we use and who we may share information with. We are required to give you this information under data protection law. This privacy notice should be read in conjunction with the corporate privacy notice.
Achieving for Children is registered as a controller with the Information Commissioner’s Office (ICO). Registration number ZA045069.
The Advisory and Outreach Service for Autism, Speech, Language and Communications Needs (ASD/SLCN) is part of the Special Educational Needs Service (SEND). The service provides support and advice to schools, parents and young people with autism, speech, language and communication needs. The service provides advice and strategies to support school staff in meeting the individual needs of young people related to their autism / SLCN. The work involves working directly with the young person to demonstrate strategies to school staff.
Personal data we collect
To ensure we provide advice and support that meet the individual child’s needs we collect and process the following personal data:
- Personal identifiers and contacts (such as child’s name, parent and guardian names, telephone numbers, email addresses and home addresses)
- Behavioural information (such as exclusions and any relevant alternative provision requests or placements put in place)
- Special educational needs (including the needs and ranking, for example pastoral support plan (PSP), education, health and care plan (EHCP), SEND support plan, personal education plan (PEP), employment and education).
What decisions will be made with the personal data collected
We collect personal information from referrals, parents/carers, school staff and where possible young people. We use the information to:
- provide advice and strategies to support school staff in meeting the individual needs of young people related to their autism / SLCN.
- evaluate and quality assure the services we provide, and improve our policies
- to audit and improve our services to ensure they meet you and your child’s needs.
- assess performance and set targets for service improvement
- complete statistical returns to Government departments
- account for our decisions and investigate complaints
Lawful basis for processing your personal data
We rely on your consent to enable an Advisory teacher to work with your child, and to discuss and share information about your child.
Who we share your personal information with
We will only share information where it is appropriate and legal to do so. Where this is necessary, we are required to comply with all aspects of the Data Protection Act 2018.
Depending on the individual circumstances of each situation, we may have to share this information with other teams within Achieving for Children to fulfil other duties and powers to support our work. Partner agencies included are:
- schools/nurseries the child is/will attend
- colleagues in Speech & Language Therapy:
- Your Healthcare
- Hounslow and Richmond Community Healthcare NHS Trust
How long will we keep your information
We only keep your personal data for as long as is required by law and in accordance with our retention schedule.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
Achieving for Children’s email service has been configured to Government Digital Service and we encrypt and authenticate email in transit using Transport Layer Security (TLS) and Domain-based Message Authentication, Reporting and Conformance (DMARC). We will ensure that when we send emails containing your personal information they are sent using appropriate security measures to encrypt the data in transit. This may involve the use of a third party encryption tool where appropriate.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Your rights and access to information
Under data protection legislation you have the right to request access to the information that we hold about you. To request a copy of your data, please read the Individual Rights Request page and then submit your request using your preferred method of contact.
You also have the right to:
- object to processing of personal data that is likely to cause, or is causing, damage or distress
- in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed
- prevent processing for the purpose of direct marketing ¦ object to decisions being taken by automated means
- redress, either through the ICO, or through the courts
If you have any questions or concerns about the way we process personal data or would like to discuss anything in this privacy notice, please contact our Data Protection Officer: firstname.lastname@example.org
If you want to make a complaint about how we handle your personal data, we ask that you give our Data Protection Officer the opportunity to respond in the first instance but you are not obliged to do this. You can make a complaint directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/