Customer Relations Privacy Notice

Why we collect your information

In order to investigate and administer your complaint it is necessary for us to collect and hold personal information about you, answering any enquiries you might wish to raise or recording your compliments.

Birmingham Children’s Trust (‘The Trust’) has a legal basis for collecting this data as we have a legal obligation to assist in any investigation conducted by the Local Government & Social Care Ombudsman and because is necessary for the performance of a public task by the Trust which is carried out in the public interest.

We may need to process special categories of personal data (for example, race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, sex life, or sexual orientation), where we have identified a special condition applies under data protection legislation and that the processing is necessary. The basis which we rely on is that processing is necessary for one or more of the following reasons: to carry out certain obligations and rights, to establish, exercise or defend a legal claim, processing is in the substantial public interest or necessary to protect the vital interests of the data subject

Your data may be shared with internal departments and external organisations for the purpose of resolving complaints and processing any enquiries you may have to make sure that it delivers its functions as efficiently as possible; the Trust may share your information with one of its local authority partners, namely Birmingham City Council.

What data we collect

The information we collect and sometimes hold about you would include, but is not limited to:

  • Name
  • Address
  • Contact details including email address and telephone numbers
  • The type of service your complaint is about

Sharing your Information

Your information may be shared with:

  • Internal service areas
  • External organisations who may deal with your complaint, such as, The Local Government Ombudsman
  • Other external organisations where we are required by law to share your information, such as safeguarding, if there is a risk of harm or emergency situations
  • For audit
  • For statistical analysis

Use of your data

  • We will only use your information within the terms of data protection laws
  • We will delete your information securely and only keep it for as long as necessary

The Trust will review dates for keeping personal data in the future and if necessary, update this privacy notice.

Additionally, the Trust may use your complaint to help train staff in how to investigate and respond appropriately to complaints. In these cases, we will remove any information that may identify you and amend various details to ensure that you will not be identified beyond the trainers.

How long we keep hold of data

Your information will be kept safe and confidential and handled with care in accordance with the law

  • Summary management of enquiries, compliments and complaints resulting in significant policy change: Permanent 
  • In other cases: Last action + 6 years 

Exceptions will be applied in case of complaints  relating to the social care cases for the following:

  • children in care – records will be kept either until 75 years after the child’s birth, or if the child dies before the age of 18, for 15 years from the date of death
  • approved foster carers (including relatives, friends or connected persons granted temporary approval under Regulation 24 of the Care Planning, Placement and Case Review (England) Regulations 2010) – records will be kept for at least 10 years from the date on which their approval is terminated
  • adoption records where an adoption order is made – records will be kept for at least 100 years from the date of the adoption order
  • adoption records where an adoption order is not made – in cases where the child is looked after by the council records will be retained until 75 years after the child’s birth
  • child protection assessments/ referrals/ children in need/ serious case reviews – records will be kept until 25 years after the child’s birth, or if the child dies before the age of 18, for 6 years from the date of death.

In these cases, a copy of the complaint and its conclusion may be kept with the social care record to ensure that we comply with the data retention period.

How do we get your information

We get information about you from the following sources:

  • directly from you
  • from third parties acting on your behalf such as family member(s), advocates, etc
  • from our commissioned partners or contractors who undertake work on our behalf
  • from external agencies and government departments such as other councils; the NHS; Department of Work and Pensions; Department of Health and Social Care (DHSC)

Security of your personal data

We use a system (iCasework/ respond) provided by a third-party supplier to capture, coordinate and manage your request for information, complaint, enquiry or comments

  • Your information will be stored electronically and on paper records.
  • We will only make them available to those who have a right to see them. Example of the security measures we use are:
    • Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code. The hidden information is said to then be ‘encrypted’.
    • Pseudonymisation meaning that we’ll use a different name so we can hide parts of your personal information from view. This means that someone outside of the Trust could work on your information for us without ever knowing it was yours.
    • Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.
    • Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong.
    • Regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches).
    • Our servers and databases are protected by industry standard security technology.

Will my data be transferred abroad?

No.

Your information rights

Under UK GDPR you have certain rights concerning your information, namely:     

  • The right to be informed - to be informed regarding why, where and how we use your information
  • The right of access– to request access to the information we hold about you.
  • The right to rectification– to have your information corrected if it is inaccurate or incomplete.
  • The right to erasure or the ‘right to be forgotten’– to ask for your information to be deleted or removed where there is no need for us to continue processing it, except when processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest.
  • The right to restriction of processing– to ask us to restrict the use of your information in certain circumstances.
  • Right to data portability, to ask us to copy or transfer your information from one data controller to another in a safe and secure way, without impacting the quality of the information.
  • The right to object to processing– to object to how your information is used in certain circumstances.   
  • The data subject right not to be subject to a decision based solely on automated processing

To exercise any of your rights, please click here.