Privacy Policy & Cookie Policy

ENQUIRY TO FOSTER DATA PRIVACY NOTICE
Data controller: Young People at Heart Head Office, Thames Enterprise Centre, Princess Margaret Road, East Tilbury, RM18 8RH.
This notice explains what personal data (also referred to as “information” in this notice) we hold about you, how we collect it, and how we use and may share information about you during the initial stages of your enquiry to foster. Please ensure that you read this notice and any other similar notice we may provide to you should we invite you to begin an assessment. We are committed to being transparent about how we collect and use your data and to meeting our data protection obligations.
In this notice, references to “we”, “us”, or “our” are references to Young People at Heart Foster Care.

What information do we collect?

We collect and process a range of information about you when you send an online enquiry form. We collect further information during our ‘Initial Screening Call;’ the telephone conversation you will have with our Recruitment Team following your online enquiry (or the first point of contact if you have called us to enquire rather than using our website). During this we collect further information which may include:

• Personal details: name, contact information and how you heard about us.
• Personal details including name, age or date of birth, gender and contact information, including address.
• Marital status, your spouse or partner, dependents, other family members and your support network, and details of previous significant relationships.
• An employment overview including current and previous employment, voluntary work and relevant experience for the fostering task.
• A general overview of your health and fitness, including mental health, whether you smoke or have any pre-existing medical conditions that could have an impact on your suitability to foster.
• General information on your home and whether you have a spare room for fostering, including whether you mortgage or rent a property, or own a property outright.
• A general overview of your financial situation.
• Whether you have any criminal convictions.
• Any other information that you opt to provide in support of your enquiry and explanation of your desire to become a foster carer.
• Special categories of personal data, including data relating to
• racial or ethnic origin;
• religious or philosophical beliefs
• genetics, biometrics or health
• sex life or sexual orientation and
• the commission or alleged commission of an offence by them.

If we believe that it’s appropriate to further your enquiry and find out more about you, our standard procedure is to arrange a home visit, where a Recruitment Social Worker will visit you in your home at a time and date arranged with you. During this visit the Social Worker will have a more detailed conversation with you about fostering and about your background and lifestyle, before considering whether it is appropriate to invite you to begin our assessment. Information gathered at this visit will be taken to the Agency Recruitment Manager in order to make a formal decision on inviting you to apply.

During the home visit our Recruitment Social Worker may collect details including:

• Further information on your home and the spare room/s you have available for fostering, including the Recruitment Social Worker’s own thoughts on the suitability of the room for a child or young person and whether your home would provide a suitable fostering home.
• Previous employment details, details on your background and lifestyle and whether you have lived abroad.
• Further information on any medical conditions or whether you smoke, if applicable.
• Further details of any financial concerns, CCJs or any criminal convictions.
• Any other information that you provide to them during the visit that supports your suitability to foster including any information you present about your personal and professional life to date. Our Recruitment Social Worker may also note any other information that you provide to them or that they notice during the visit that raises concern regarding your suitability to foster.
• Further information on special categories of personal data, including data relating to:
  • racial or ethnic origin
  • religious or philosophical beliefs
  • genetics, biometrics or health
  • sex life or sexual orientation and
  • the commission or alleged commission of an offence by them.

Why do we process your personal data?

We will typically collect the above information for the following purposes. We will need to process your data in order to consider your suitability to
foster, and to subsequently enter into and perform the assessment process with you. For example, we need to process your data to ensure that we comply with child safeguarding and fostering regulations, and to contribute to your Form F should we reach this stage. In some cases, we need to process your data to comply with our legal obligations, including:

• to record our professional reasons for inviting you to apply;
• to give your allocated Form F Assessor an initial understanding of your suitability to foster in order for them to begin your Form F;
  our obligations under statutory codes of practice;

In other cases, the collection and use of your information is for the purposes of our legitimate interests but only if these are not overridden by your interests, rights or freedoms. Processing your data allows us to:

• maintain good agency practice and comply with legal, regulatory
  and corporate governance obligations;
• comply with obligations under foster carer legislation;
• protect our networks and personal data against unauthorised
  access or data leakage;
• ensure effective recruitment and business administration;
• respond to and defend against legal claims.

How we use your sensitive personal data

“Special categories” of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place appropriate safeguards which we are required by law to maintain when processing such data. We may process special categories of personal information in the following circumstances:

1. In limited circumstances, with your explicit written consent.
2. Where we need to carry out our legal obligations or exercise rights in connection with the fostering and foster carer assessment task.
   Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

Our obligations as a Fostering Agency

We will use your particularly sensitive personal information in the following ways:

1. We will use information to comply with laws and fostering regulations.
2. We will use information about your physical or mental health, or disability status in order to assess your fitness to foster.
3. We will use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual

Do we need your consent?

We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.

Who has access to data?

Your information will be accessible internally with Young People at Heart’s staff. Unless you are invited to submit an Application Form, we will not share your data with any third party unless legally required to do so or with your written consent. We will not transfer your data to countries outside the European Economic Area.

Where your information may be held

Information may be held at our offices and those of our affiliates.

How do we protect your data?

We take the security of your data seriously. We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed. We limit access to your personal data to those who have a genuine business need to know or use it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. Physical personal data is stored securely in locked filing cabinets or drawers. Electronic data stored on our IT systems is password protected, encrypted and information is held on drives with restricted access.

Where we engage third parties to process personal data on our behalf, the third parties do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of your data. We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

For how long do we keep your data?

We shall not retain your data for any longer than is necessary for the purpose we obtained it. Fostering regulations state that we should keep your data for 3 years.

Your rights

As a data subject, you have a number of rights.
You can:

• access and obtain a copy of your data on request;
• require us to change incorrect or incomplete data;
• require us to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
• object to the processing of your data where we are relying on our legitimate interests as the legal ground for processing; and
• request the transfer of your data to another party.

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law or to comply with fostering regulations.

If you would like to exercise any of these rights, please contact our Data Protection Officer via our Head Office address
Thames Enterprise Centre, Princess Margaret Road, East Tilbury, RM18 8RH.

If you believe that we have not complied with your data protection rights, we hope that we can resolve any query or concern you have. If not, you can complain to the Information Commissioner. You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

What if you do not provide personal data?

You have obligations in submitting an enquiry to provide us with data. If you fail to provide certain information when requested, we may not be able to conduct your assessment which would in turn prevent you from becoming a foster carer with the agency. Certain information (such as contact details, payment details, health information) have to be provided to enable us to enter into a contract with you. If you do not provide requested information, this will hinder our ability to fulfil our obligations under the Fostering Regulations and other contracts efficiently.

Automated decision-making

Decisions are not based solely on automated decision-making.

YOUNG PEOPLE AT HEART FOSTERING WEBSITE/COOKIE POLICY

Website Usage & Cookie Policy

1.1 We may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.

1.2 We may process information contained in any enquiry you submit to us regarding goods and/or services (“enquiry data”). The enquiry data may be processed for the purposes of offering, marketing and selling relevant goods and/or services to you. The legal basis for this processing is consent based on the processing of an enquiry.

1.3 We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent given when the information is offered.

1.4 We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.

Cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

2.1 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

2.2 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

2.3 We use cookies for the following purposes:

(a) authentication – we use cookies to identify you when you visit our website and as you navigate our website (cookies used for this purpose are: identify cookies);
(b) status – we use cookies to help us to determine if you are logged into our website (cookies used for this purpose are: identify cookies);
(c) personalisation – we use cookies to store information about your preferences and to personalise our website for you (cookies used for this purpose are: identify cookies);
(d) advertising – we use cookies to help us to display advertisements that will be relevant to you (cookies used for this purpose are: (identify cookies);
(e) analysis – we use cookies to help us to analyse the use and performance of our website and services (cookies used for this purpose are: identify cookies); and
(f) cookie consent – we use cookies to store your preferences in relation to the use of cookies more generally (cookies used for this purpose are: identify cookies).

3. Cookies used by our service providers

3.1 Our service providers use cookies and those cookies may be stored on your computer when you visit our website.
3.2 We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy/. The relevant cookies are: identify cookies.

4. Managing cookies

4.1 Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).

4.2 Blocking all cookies will have a negative impact upon the usability of many websites.

These policies were last updated on 19th October 2018. If you require more information please email us at: hello@youngpeopleatheart.org