Consultant social worker privacy statement

For social workers managing and training Frontline programme participants.

This Privacy Statement is intended for individuals who apply to Frontline’s Consultant Social Worker (CSW) positions to support the Frontline Leadership Development Programme.

Frontline have signed ‘Local Authority Collaboration Agreements’ with each of its local authority partners. With respect to carrying out their obligations under the Agreement, both parties acknowledge that they are Controllers of Personal Data collected and processed relating to CSWs.

Frontline regards the lawful and correct treatment of personal data as critical to successful working and to maintaining the confidence of those with whom we deal. Frontline intends to ensure that personal information is treated lawfully and correctly. To this end, Frontline will adhere to the General Data Protection Regulations (GDPR) and the Data Protection Act (2018).

If you have any concerns about the privacy of your data then please contact Data Protection Officer, Frontline, Coram Campus, 41 Brunswick Square, London WC1N 1AZ or email dpo@thefrontline.org.uk

What information do we process and for what purposes?

For attracting and recruiting CSWs, to monitor the effectiveness of the management of our participants, and for improving, expanding and evaluating the programme, Frontline collects a range of information about you.

This includes:

your name, and contact details, including email address and telephone number
details of your qualifications, skills, experience and employment history
video recordings on our online interviewing platform (launchpadrecruits.com)
video recordings on portable camera equipment for role play sessions
interview notes and scores
responses to surveys we may send to you from time to time. We may ask for demographic and diversity related questions, such as ethnicity, sexual orientation or religion in connection with research and evaluation we carry out
feedback information on you provided by the Frontline participants you manage

Should you become a member of the Fellowship we process data such as professional interests, fellowship activity, and mentoring information.

Frontline may collect this information in a variety of ways. For example, data might be contained in application forms, CVs or collected through face-to-face or video interviews or other forms of assessment.

Research

The Frontline Organisation continually conducts research and evaluation in order to improve and expand its programmes and Fellowship and contribute towards wider research into social work. We will, therefore, use your data to conduct statistical research and, if shared, it will be anonymised so that personal identifiers are removed.

On what lawful basis do we collect and process your data?

For (non-sensitive) personal data we rely on our legitimate interests.
This decision is based on the following: we have identified a lawful business objective; processing is not likely to result in unwarranted harm or distress to you; the processing is in your interest; the processing would be expected by you. You can object to this processing at any time and we will no longer process your personal data unless we can demonstrate compelling legitimate or legal grounds. We also apply our legitimate interests to send you our programme related information newsletters (‘UpFront’) to which you can unsubscribe at any time.

For special categories of data (sensitive data) we rely on your consent.
This includes racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual orientation, mental and physical health. You can withdraw consent at any time.

Photography or video used for marketing or publicity will also rely on your prior consent.

Who has access to your data?

Your information may be shared internally within Frontline and with your local authority for the purposes of the CSW recruitment process and ongoing monitoring of participant management, but only with staff who are directly involved.

International transfers of your data

Data processors are third parties who provide elements of our services for us. We have contracts in place with our data processors some of whom are international companies. If the companies store your data within the EEA then this is deemed to provide adequate safeguards under EU law. If they do not, and are a not listed in an EU-approved third country list, then we follow GDPR guidance to ensure the individual processors in question have adequate safeguards to protect your data and this is formally agreed with the contract with hold with them. Below is a list or processors we use that involve international transfers and information relating to the safeguards.

Salesforce/Form Assembly/Microsoft Office

Either directly, or indirectly via the software applications we use (Form Assembly and Microsoft Office), your personal data is stored in a Salesforce database or with Microsoft. Data includes application forms, survey responses, assessment results, academic and professional data and contact management including emails. Salesforce, Form Assembly and Microsoft are international companies but your personal data are only stored in data centres within the EU. These companies can, with our agreement, move data outside of EU data centres providing GDPR rules are followed. For example, Salesforce complies with the EU recognised US Privacy Shield and Binding Corporate Rules to legitimise international transfers. Microsoft provide inter-company Global Data Processing and Transfer Agreements, which incorporate the requirements of the GDPR and include the use of the EU Standard Contractual Clauses for transfers of data outside the EEA. These agreements facilitate the secure movement of personal data internationally whilst ensuring that all processing activities comply with the GDPR.

How do we protect your data?

The Frontline Organisation is certified to ISO27001 standard for managing its information security. The means we are externally audited to a recognised international standard to ensure we have in place appropriate technical and organisational measures to protect data from unauthorised access. In addition to a Data Protection Policy to which all staff must adhere to we have a number of policies to control how data is protected such as the use of encryption, security of data in transit, clear desk policy, mobile working policy, access control and password policy, information sensitivity policy, virus protection and network security. Where we use portable cameras for the recording of role plays we ensure that the video file is transferred to our secure server.

For how long do we keep your data?

Frontline will follow GDPR principles regarding data minimisation both in terms of the volume of data stored on you and how long it is retained for. Personal data shall be kept for no longer than is necessary for the purposes for which it is being processed for or longer periods for research purposes. The period for which the personal data is stored will be limited to a minimum and that time limits are established by Frontline for deletion of the records or for a periodic review.

We will therefore ensure personal data is securely disposed of when no longer needed in line with our data retention policy which is subject to periodic change.

Your rights

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

Right of access – you have the right to request a copy of the information that we hold about you providing it does not infringe the rights of others.
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
Right of portability – you have the right to have the data we hold about you transferred to another organisation.
Right to object – you have the right to object to certain types of processing such as direct marketing.
Right to object to automated processing, including profiling.
Right to judicial review: in the event that Frontline refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below.

If you would like to exercise any of these rights, please contact dpo@thefrontline.org.uk

If you believe that Frontline has not complied with your data protection rights, you can complain to the Information Commissioner.

What if you do not provide personal data?

You are under no statutory or contractual obligation to provide data to us. However, if you do not provide the information, we may not be able to process your application or maintain a CSW or fellowship relationship with you.

Ver 1.0
May 2018