Programmes and Fellowship privacy statement
Who is this statement intended for?
This Privacy Statement applies to the following individuals:
- Frontline programme pre-registrants, registrants, applicants and participants
- Firstline programme registrants, applicants and participants
- Frontline fellows
- Innovation Programme pre-registrants, registrants, applicants and participants
- Headline Programme pre-registrants, registrants, applicants and participants
- Pathways Programme pre-registrants, registrants, applicants and participants
The Frontline Organisation regards the lawful and correct treatment of personal data as critical to successful working and to maintaining the confidence of those with whom we deal. To this end, we will adhere to the UK General Data Protection Regulations (UK GDPR) and any other current data protection or privacy legislation.
If you have any concerns about the privacy of your data or rights under UK GDPR then please contact Data Protection Lead, Frontline, Coram Campus, 41 Brunswick Square, London WC1N 1AZ or email@example.com
The Frontline Organisation is a data controller and delivers its training programmes by working alongside some key delivery partners. Although we may share your data with these partners (see below) they are also data controllers in their own right and may have new purposes for the data or wish to collect or process new personal data from you. They may, therefore, issue their own privacy statements at appropriate stages.
In relation to the Pathways Programme, personal data collected as a result of your application to or participation in the Pathways programme will fall under the joint control of Frontline and the Department for Education. Both Frontline and the Department for Education shall each be a Data Controller in respect of that personal data. Frontline will be your point of contact in relation to your rights as a Data Subject under the UK GDPR – see contact details above. Frontline is responsible for using all reasonable endeavours to comply with the UK GDPR regarding the exercise of your rights as a Data Subject under the UK GDPR. Frontline is responsible for obtaining your informed consent to process your data where appropriate.
What personal data are collected and processed and for what purposes?
We may collect and process personal data on you for the purposes of attracting and recruiting individuals, creating and delivering Frontline’s training programmes, engaging and supporting participants within its programmes, to manage the Fellowship, and for improving, expanding and evaluating those programmes and Fellowship.
Frontline, Firstline, Headline, Innovation and Pathways programme applications and participation
Data we collect from you will include, but not be limited to, your name, contact details, date of birth. We also collect and process information regarding your prior educational and employment history and your on-going performance during the selection process. This can include online tests and recorded online video interviews.
When you apply we may ask you (at your entire discretion and only with your consent) to disclose to us certain sensitive personal information regarding (a) any disability you may have so that we can make any adaptations; (b) your ethnic origin, sexual orientation, religious affiliations or personal history so that we can monitor diversity and mobility; (c) information regarding your health (such as a known medical condition, medication that you are taking, etc.), which could be used by first aiders and emergency responders in case of you being taken ill whilst participating in Frontline’s selection process or as an enrolled participant (e) any other information to help to administer your application on the programme.
If you are invited to attend interviews, assessment or other selection events, or participate in training and coaching sessions we may capture video footage and photographs of you. This will be used for selection, assessment, training, venue provision or quality assurance purposes and for no other purposes.
We may also, with your consent, take photographic images or video/audio of you (e.g. at work, in training) for use in marketing, promotional and other materials. Video/audio captured for selection, assessment or training purposes will not be used for any marketing purposes.
Upon application your personal data will be shared with the DfE who may contact you for the purpose of evaluating the effectiveness of the programmes Frontline offers. You are not obliged to respond, and any responses you do give will not affect your application.
The Department for Education processes your personal data as part of its public task in the public interest and further, where necessary, for archiving, scientific, research and statistical purposes. The retention of personal data will be minimised, anonymised where possible and only retained for as long as necessary. For more information about how the Department for Education processes personal data and how to contact them, please see their personal information charter
Frontline programme only
To prevent fraud or to carry out Disclosure & Barring Service checks we may also verify the authenticity of documents with a scanner and take copies of official certificates and proof of ID such as certificates, passport, visas, and/or your driving licence.
Any offer of a place on the Frontline programme is conditional on suitability checks and we are required by the Health and Care Professions Council, or any successor, to collect from you certain sensitive personal information, namely about your physical and/or mental health (including reports from your GP and/or occupational health organisations), criminal or disciplinary records, and any previous history with social service departments. This will exclusively be used to evaluate (a) your suitability for social work training (all offers are always conditional upon satisfactory health and Disclosure and Baring Service checks), and/or (b) in limited circumstances, your suitability to continue with Frontline’s programme.
We may also collect personal data about you from third parties, such as references supplied by former employers.
If you are accepted onto the Frontline programme we will continue to gather and collect information about you via direct contact with you, and by receiving information on your progress from Lancaster University and the local authority in which you are working.
We will collect your personal data in connection with your practical and academic experience for the purposes of assessing your progress and for teaching and research purposes. We may also maintain records and notes on Frontline programme participants to assess academic and professional conduct throughout the programme, as well as any pastoral or welfare needs.
We may also use your email address and/or phone number to identify other individuals on social media sites who might be interested in the Frontline programme and direct advertising to them. For example, we may create ‘lookalike’ audiences on Facebook. This involves providing your email address to Facebook so they can determine if you have a Facebook account. If you do, Facebook will then identify the common qualities and interests of those interested in or applying to the Frontline programme to find an audience of people who are similar to them.
Where you have consented to receiving electronic marketing communications we may also use your email address and/or phone number to match to your account on Facebook or other social media sites in order to show you Frontline content while using these services.
Deferral Requests under the Frontline programme
All deferral requests will be contingent on the Frontline programme being approved to recruit for the following year. The Department for Education is currently procuring for the fast-track social work training programme for 2024. If the Frontline charity is not approved to deliver the 2024 cohort, any pre-start deferrals from 2022-23 recruitment period will be offered the opportunity to transfer to the new supplier of the fast-track training programme for the 2024 cohort. Pre-start deferrals may be prioritized for inclusion in cohort 2024 and will undergo a light-touch matching and approval process for 2024 cohort (to be agreed with the new supplier). Relevant personal details for anyone deferred will be transferred from Frontline to the new supplier (including: contact details, information relating to 2022-23 recruitment process and individual recruitment outcomes). Should this change occur, information will be provided once the processes and timings have been agreed with a new supplier.
You can choose to prevent the use of your data for such marketing purposes by contacting firstname.lastname@example.org. Please note that updating your preferences with Frontline will not guarantee that you never see Frontline content on social media, as the social media site may select you based on other criteria. Objecting to processing for marketing purposes will not affect your application to or place on the Frontline programme.
Firstline, Headline and Pathways programmes only
We will collect feedback from your colleagues as part of the 360 diagnostic.
As part of the programme, you will be asked to collect feedback from your colleagues through the leadership diagnostics hosted on Lumus360. This is so we can provide you with tailored support across the programme to improve your leadership skills, to provide insight on leadership development across our programmes and to support programme evaluation. You can decide which colleagues you nominate and they can opt out of providing feedback.
When you complete one of our programmes you will automatically become part of the Fellowship. This means that we will retain some of your data after the completion of your programme in order to facilitate your transition to the Fellowship. You will receive more information when you become a fellow and existing fellows can opt out by contacting email@example.com. As a fellow we may collect some further information from you such as career destinations, professional interests, fellowship activity, mentoring notes and survey responses. We may use data collected from surveys to invite you to specific events. We sometimes film Fellowship events and will do so in line with Frontline policy ensuring consent is obtained if appropriate. We may also process data about you if it is already publicly available. Frontline also at times invites fellows to apply for certain opportunities and we will process data relating to this. To enable professional networking we may use social media sites such as Facebook Workplace and invite you to participate.
The Frontline Organisation continually conducts research and evaluation in order to improve and expand its programmes and Fellowship and contribute towards wider research into social work. We will, therefore, use your data to conduct statistical research and, if shared, it will be anonymised so that personal identifiers are removed. Frontline may have a need to collect new data from you via a survey for research purposes. If you are approached you can decline to take part and to request no further similar approaches are made to you.
On what lawful basis do we collect and process your data?
For (non-sensitive) personal data we rely on our legitimate interests.
This means that The Frontline Organisation has made a careful assessment on the most appropriate lawful means to collect and process the data. This decision is based on the following: we have identified a lawful business objective; processing is not likely to result in unwarranted harm or distress to you; the processing is in your interest; the processing would be expected by you. You can object to this processing at any time and we will no longer process your personal data unless we can demonstrate compelling legitimate or legal grounds. You should be aware that to stop processing may affect your ability to complete your application or participate in a programme or the Fellowship and if so we will explain our reasoning.
For special categories of data (sensitive data) we rely on your consent.
This includes racial or ethnic origin, political opinions, religious of philosophical beliefs, sexual orientation, mental and physical health. Your consent is also sought for processing criminal record checks we carry out. You can withdraw consent and we will inform you if this will have an impact on your application or continuing participation.
If we send you material that is explicitly for marketing purposes we shall rely on your prior consent which you can withdraw at any time. Photography or video used for marketing or publicity will also rely on your prior consent. If you register or participate in one of our programmes we apply our legitimate interest to send you our programme related information newsletters to which you can unsubscribe at any time.
Who will your information be shared with?
Whenever we share your information, we always require strict compliance with data protection legislation from the third party and we ensure appropriate controls are in place to protect it.
We share data with our programme partners to assess your eligibility and suitability, to support you whilst on the training programme, to facilitate your participation and to evaluate the programme. To help us illustrate and prove our impact we may use anonymised feedback data and include it on our website and in published or unpublished reports.
If you register for the Frontline programme we may share some of your information with attraction and/or recruitment organisations in order to follow up on the progress of your application.
If you receive a conditional offer or enrol onto the Frontline programme these are the organisations that we may share your information with:
- Local authorities
- Statutory or funding bodies e.g. the Department for Education
- Lancaster University
- Occupational Health Providers e.g. Maitland Medical
- Conference, accommodation and teaching venues, as relevant
- Frontline’s external and internal auditors.
- Trusted third parties that Frontline works with to deliver or evaluate its programmes
If you register or apply for the Frontline programme, we may share your data in an encrypted format with social media companies for the purpose of identifying other individuals who might be interested in the Frontline programme (see above). We may also share your data with our partner media agencies who may also share your data with social media companies on our behalf.
Firstline, Headline, Innovation and Pathways programmes
We share necessary data with our programme partners to facilitate your participation and to evaluate the programme.
If you obtain a place on these programmes, these are the types of organisations that we may share your information with:
- Venue providers
- External evaluators
- Statutory or funding bodies
- Local authorities
- Frontline’s external and internal auditors.
- Trusted third parties
To help us illustrate and prove our impact we may use anonymised feedback data and statistics and include it on our website and in published or unpublished reports. These reports may be shared with local authorities, statutory or funding bodies.
We may share your personal data with external parties where the data is needed for Fellowship activity but we will request your permission before doing so. To help us improve, expand and evaluate our programmes and Fellowship we may share your pseudonymised personal data with management consultancies and/or research organisations. To help us illustrate and prove our impact we may use anonymised feedback data and statistics and include it on our website and in published or unpublished reports.
Our information security policies and how we protect your data
The Frontline Organisation is certified to ISO27001 standard for managing its information security. The means we are externally audited to a recognised international standard to ensure we have in place appropriate technical and organisational measures to protect data from unauthorised access. In addition to a Data Protection Policy to which all staff must adhere to we have a number of policies to control how data is protected such as the use of encryption, security of data in transit, clear desk policy, mobile working policy, access control and password policy, information sensitivity policy, virus protection and network security.
International transfers of data
Data processors are third parties who provide elements of our services for us. We have contracts in place with our data processors some of whom are international companies. If the companies store your data within the EEA then this is deemed to provide adequate safeguards under EU law. If they do not and are not listed in an EU-approved third country list, then we follow GDPR guidance to ensure the individual processors in question have adequate safeguards to protect your data and this is formally agreed within the contract with hold with them. Below is a list or processors we use that involve international transfers and information relating to the safeguards.
Salesforce/Ambertrack/Form Assembly/Survey Monkey/Microsoft Office/Top Score
Either directly, or indirectly via the software applications we use (Form Assembly and Microsoft Office), your personal data is stored in a Salesforce database or with Microsoft. Data includes application forms, survey responses, assessment results, academic and professional data and contact management including emails. Salesforce, Form Assembly and Microsoft are international companies, but your personal data are only stored in data centres within the EU. These companies can, with our agreement, move data outside of EU data centres providing GDPR rules are followed. For example, Salesforce complies with the EU recognised US Privacy Shield and Binding Corporate Rules to legitimise international transfers. Microsoft provide inter-company Global Data Processing and Transfer Agreements, which incorporate the requirements of the GDPR and include the use of the EU Standard Contractual Clauses for transfers of data outside the EEA. These agreements facilitate the secure movement of personal data internationally whilst ensuring that all processing activities comply with the GDPR. Ambertrack and Survey Monkey are international companies and have data centres in the US (Survey Monkey also has data centres in Ireland and Canada). They are certified under and comply with the EU-US Privacy Shield.
Top score is used for the Frontline Programme assessment centres. Applicants are given log in credentials and information about them is stored in that system pertaining to applicant assessments.
If we have made a payment to you, some of your data will also be stored in Xero. Xero ensures that this data remains protected by appropriate safeguards in line with EU law.
For further safeguards information please use the following links:
We may invite participants and fellows to participate on social media sites such as Facebook Workplace or contact you through WhatsApp.
In selecting further third-party international processors in the future we will ensure that we follow the same GDPR safeguards as above and amend the online versions of this privacy statement to reflect any changes.
Frontline will follow GDPR principles regarding data minimisation both in terms of the volume of data stored on you and how long it is retained for. Personal data shall be kept for no longer than is necessary for the purposes for which it is being processed. There are some circumstances where personal data may be stored for longer periods (e.g. legal, regulatory, archiving or research purposes). The period for which the personal data is stored will be limited to a strict minimum and that time limits are established by Frontline for deletion of the records or for a periodic review.
We will therefore ensure personal data is securely disposed of when no longer needed in line with our data retention policy which is subject to periodic change.
Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you providing it does not infringe the rights of others.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling.
- Right to judicial review: in the event that Frontline refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below.
In the event that you wish to make a complaint about how your personal data is being processed please contact:
Data Protection Lead
41 Brunswick Square
If you are not satisfied how your compliant is handled by Frontline you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
0303 123 1113
Make a complaint to the ICO