Advice enquiries and complaints privacy notice
This privacy notice is designed to help you understand how we use personal information when delivering our complaints, compliance and requests for information services. We have set out below the services types, the information we may use to deliver the services, who we may share it with, and how long we will keep it.
The services covered within this privacy notice
Contact centre customers
Assess and respond to requests for services provided by us, when you call our Contact Centre we will always ask you for your consent to register your details in our Client Management System to enable us to process your request.
If you have signed up for an account on the online portal you will be able to request services and track their progress. It is possible to access online services without creating an account, we will use your email address to contact you about any updates to your cases.
We may monitor, record, store and use any telephone, email or other communication between you and the Customer Contact Centre in order to check any instructions given to us, for training purposes, for crime prevention and to improve the quality of our customer service.
Comment or compliments
Assess and respond to comments and compliments.
Assess and respond to Children’s Social Care, Adults Social Care and Corporate complaints.
Assess and respond to Data Protection Rights requests, data protection complaints, security incidents and data breaches.
Environment information regulation requests
Assess and respond to environment information regulation requests.
Freedom of Information requests
Assess and respond to Freedom of Information requests.
Provision of support to our officers and assessment of clients exhibiting unacceptable behaviour.
Reporting a fault or requesting a service
We collect and use your personal information in order to respond to your request.
Requests for information from elected representatives
Assess and respond to requests for information from elected representatives
Information we hold about you
We only collect and use the minimum amount of personal information required when delivering a service to you. Wherever possible we use non-identifiable personal information.
The service may use some or all of the personal information provided:
- your name, address, date of birth
- visual images, personal appearance and behaviour
- national identifiers such as NHS number, National insurance number etc.
- information about your family
- details about your lifestyle and social circumstances
- financial details
- employment and education details
- details about your housing needs
- the IP address that you accessed any of our online services from
- case file information
- criminal proceedings, outcomes and sentences
- physical or mental health details
- racial or ethnic origin
- offences (including alleged offences)
- religious or other beliefs of a similar nature
- social care support outcomes
- advocacy details
- any other information you have provided in correspondence with other areas of the Council where those areas need advice, guidance or support from the Compliance and Assurance service
We get most of this information from you, but we may also get some of this data from:
- members (Councillors)*
- the Chief Executive*
- Deputy Chief Executives*
- any other Council Officer*
- any other elected representative, for example your local Councillor or MP, who you may have asked to contact us on your behalf
- any other third party/advocate you have asked us to contact on your behalf, for example, if you have asked your son/daughter or other relative to raise your complaint - we will always request your written consent to register your details in our Customer Relationship Management System to enable us to process your correspondence, and before sharing your information with third parties
- Independent Officers (IOs) or Independent Persons (IPs) commissioned by usto undertake independent investigations at stages two or three of the statutory Children’s Social Care Complaint process - IOs and IPs are required to enter into a confidentiality agreement prior to starting their investigation
- any other third party we may commission to deal with your enquiry, for example, an independent reviewer to carry out an investigation or review of services - a confidentiality agreement must be signed by the third party prior to commencing any work for us
- independent Ombudsmen, for example, the local Government and Social Care Ombudsman, the Housing Ombudsman, the Parliamentary and health services Ombudsman etc
- the Information Commissioner’s Office
- central Government agencies
- other local authorities
- health and social care providers
- police and probation services
- members of the public (referrer)
- commissioned partners and providers
- council companies
- family members
*Where they think that correspondence you have addressed to them requires logging and coordinating by the Customer Relations and Information Governance teams.
If you have signed up for an account on our online portal you will be able to submit comments, compliments and complaints online and track their progress.
It is possible to submit correspondence without creating an account but you will not have the benefit of being able to track your cases. All information received from you, whether through online submission, by email or hard copy, will be entered onto our Customer Relationship Management System and/or stored in Sharepoint or team folders in order to process your enquiry.
Why we need your information and how we use it
We use your information to:
- deliver the service, or handle your query
- plan and improve the services we offer
- detect and prevent crime or fraud
- research, however this would be in anonymised form unless we ask for your consent to use your personal information for this purpose
- evidence positive outcomes to central government funding agencies
- respond to your (or your referrer’s) enquiries
- manage unreasonable or persistent contact
Who your information may be shared with
Sometimes we may need to share your information, but we will only do so where it is necessary or required by law. We will only share the minimum information for each circumstance.
We may sometimes need to share some of your information with those listed above who we have said we may also receive your information from, including:
- health service providers including NHS agencies (GPs, hospitals, ambulance, health visitor, mental health services)
- education providers
- care providers, e.g. day care, domiciliary, residential
- Government agencies (e.g. Department of Health, Department of Work and Pensions)
- support groups for people with disabilities
- local Government
- substance misuse agencies
- advocacy services
- fire and rescue services
- prepaid card providers
- direct payment support services
- housing associations
- rechnology assistance providers
- Council companies and/or commissioned providers who may be the subject of a complaint
- other data processors acting on our behalf (in our role as data controller) to support activities, for example by providing the systems we need or delivering services on our behalf
- our case management system Firmstep and Qwest Services who maintain this system for us
- other providers
The Data Controller
We are the Data Controller for this processing.
The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment.
The lawful basis for the processing
Most of the personal information we process is provided to us directly by you, under the Data Protection Act 2018, the lawful bases we rely on for using your personal information are:
- we have a legal obligation (UK GDPR Article 6 (c)
- we need it to perform a public task (UK GDPR Article 6 (e)
When we collect data about your race, health (including biometric or genetic data), sex life, sexual orientation, ethnic origin, politics or trade union membership, we also rely on the following lawful basis:
- we need to collect it for Substantial Public Interest in order to comply with UK legislation (UK GDPR Article 9 (2) (g)
The legislation we rely on when using your personal information to meet our legal obligations or public tasks includes but is not limited to:
- The Local Government Act 1974
- The Care Act
- The Freedom of Information Act
- The Environmental Information Regulations
- The Children Act 1989 Representation Procedure (England) Regulations 2006
- The Local Authority Social Services and National Health Service Complaints (England) Regulations 2009.
Protecting your information
Your information will be securely stored on our network including relevant complaint management systems.
How long will we keep your personal information?
We will only use your personal information whilst delivering the service to you and to deal with any questions or complaints that we may receive about this, unless the law requires us to keep it for a longer period.
- Complaints - Children’s social care complaints (children in care) - 75 years
- Complaints - Children’s general complaints - 25 years
- Complaints - Routine Stage 1 and Stage 2 complaints - two years
- Complaints - Complex Stage 2 complaints and investigations - six years
- Advice and enquiries - one year
- Contact Centre Portal Registrations - three years
- Customer Satisfaction – three years
- Data Protection Rights Requests – three years
- Data Breach Complaints – three years
- FOI and EIR Requests – two years
- Routine Requests for Information – one year
- Managed Contact – one year (minimum, from date of notification – this may be extended if unreasonable/persistent contact continues)
If we need to use your information for research or reports, your information will be anonymised and any information taken from notes (hand written or typed) during any consultation sessions will be securely destroyed. The information will continue to be used in a summarised and anonymised form in any research reports or papers that are published. The anonymised information in the papers may be of historic interest and may be held in public archives indefinitely
Under data protection law, you have rights including:
- your right of access - you have the right to ask us for copies of your personal information
- your right to rectification - you have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- your right to restriction of processing - you have the right to ask us to restrict the processing of your information in certain circumstances
- your right to object to processing - you have the right to object to the processing of your personal data in certain circumstances
- your right to data portability - you have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
To make a request follow the instructions on our Data protection for you page.
How to complain if you are unhappy about how your data is used
You can complain directly to our Data Protection team online or by post.
- Online: Contact the DPO
- By post: Data Protection Officer, 4 Civic Way, Ellesmere Port, CH65 0BE
You also have the right to complain to the Information Commissioner’s Office using the following details:
Will my personal information be accessible outside the UK?
Your information is stored within the UK.