Trust Fostering is the fostering service run by Doncaster Children's Services Trust. At Doncaster Children’s Services Trust, the protection of your personal data is very important to us.
We’re committed to respecting and protecting your privacy by complying with UK Data Protection Law and the General Data Protection Regulation (GDPR), which came in to force on the 25 May 2018.
- What is GDPR?
In 2016, the European Union (EU) approved a new privacy regulation called the General Data Protection Regulation, commonly known as GDPR. It’s a mandatory ruling that applies to all companies that collect the data and information of EU individuals and meet certain territorial requirements. The GDPR is designed to strengthen the security and protection of personal data in the EU, as well as provide businesses with a structured framework on how to collect, process, use, and share personal data. Under the GDPR, the concept of “personal data” is very broad, and covers almost any information relating to a specific individual
- What does the Trust do with my data?
This page explains how we look after and protect your personal information. This includes what you tell us about yourself, also about what information we use, share and keep. It applies to anything that written on paper, by telephone or electronically – such as emails – by Trust staff or any of our partners or contractors.
- About us:
Doncaster Children’s Services Trust is focused on keeping children and young people safe and well, and helping them to achieve their potential.
Our areas of work include child protection, services for children in need and children in care, services to children who have left care, family support to families, fostering and adoption services, family group conferencing, family time contact services, advocacy and children's home.
At any one time, we work with around three and half thousand children, young people and their families.
Our work is guided by a number of specific laws, including the Children Act 1989 and 2004, Children and Social Work Act 2017, Children and Families Act 2014 and wider laws that apply to rights of all individuals.
The Trust is registered as a data controller under Data Protection Law (registration number ZA076349) because we collect and process personal information about you and use this to provide and manage our services.
We have a Data Protection Officer who makes sure we respect your rights and follow the law at all times. If you have any concerns or questions about how we look after your personal information, please visit our website or contact the Data Protection
Officer by calling 01302 735 954 or emailing DCSTDPO@dcstrust.co.uk
- What is personal information?
Personal information can be anything that identifies or relates to a living person. This can include information that when put together with other information can then identify a person. For example, this could be your name and contact details.
We use many different kinds of personal information, and group them together like this.
Type of personal information Description Contact details Where you live and how to contact you Transactional Details about payments to you Contractual Details about the services we provide for you Behavioural Details about how you use our services Communications What we learn about you from letter, emails and conversations between us Documentary Data Details about you that is stored in documents in different formats, or copies of them. This could include things like your passport, driver’s license, or birth certificate. Special types of data (Some information is ‘special’ and needs more protection due to its sensitivity. It’s often information you would not want widely known and is very personal to you)
We will only collect and use these types of data if the law allows us to do so, these include:
- sexuality and sexual health
- religious or philosophical beliefs
- physical or mental health
- trade union membership
- political opinion
- genetic/biometric data
Specific details Any permissions, consents, or preferences that you give us. National Identifier A number or code given to you by a government to identify who you are, such as your National Insurance Number
- Where do we collect your personal information from?
Our work is focused on making sure every child and young person is kept safe and well, in an environment that supports them to grow up healthy and thrive.
To help us to provide the best support, we often collect data from families we are working with. There are also times when we need to ask other services that work you for information – such as health, GPs, police, schools, local authorities.
The data you give to us:
- When you talk to us on the phone, in one of our offices or when we visit you
- When you use our websites or mobile device apps
- In emails and letters
- In customer surveys
- Through payment and transaction information
Data may also be given to us from other organisations we work with:
- Doncaster Council and associated trusts
- South Yorkshire Emergency services
- Government and law enforcement agencies
- Medical practitioners – such as GPs, Dentist etc.
- So…why do we need your personal information?
This is your information, so why do we need it?
We may need to use some information about you to:
- Deliver a range of services and support to you such as:
- Investigating any worries or complaints you have
- Train and manage our teams who deliver those services
- Contact you in your preferred format e.g. by post, email, telephone etc.
- Understand your needs better to provide the services that you request
- Keep your records up to date
- Ask for your feedback about our services
- Help build up a record of how we deliver our services across the organisation and plan / improve future services
- Comply with legal obligations to our funding bodies and to local and national government
- Keep track of our spending on services.
- What happens if you don’t want to give us your information?
We will always have a legal reason to collect, use and process your information and you can talk to us about any concerns you have about this at any time.
- How the law allows us to use your personal information?
There are a number of legal reasons why we need to collect and use your personal information. Generally, we collect and use personal information where:
- You, or your legal representative, have given consent
- You have entered into a contract with us
- It is necessary to perform our statutory duties
- It is necessary to protect someone in an emergency
- It is required by law
- You have made your information publicly available
- It is to the benefit of the public or society as a whole
- It is necessary to protect public health
- We will only ask you for the information we need and will always use it appropriately.
Where we can, we will only collect and use personal information if we need it to deliver a service or meet a requirement. We will always make sure the information we ask for is relevant and collected at the right time, for the right purpose.
If we don’t need your personal information we’ll either keep your information anonymous or we won’t ask you for it. For example, in a survey we may not need your contact details, we may only be collecting your survey responses to help shape or improve our services.
If we use your personal information for research and analysis, we’ll always keep you anonymous.
We DO NOT sell your personal information to anyone else.
- What YOU can ask US to do with YOUR information
The law gives you a number of rights to control what personal information is given to us and how it is used by us.
All of your rights are listed over the next few pages and if you have any queries about access to your information, or if you would like to see any of your personal information, please contact:
Data Protection Officer
Doncaster Children’s Services Trust
Floor 2, The Blue Building,
38 High Street,
Or you can contact them by telephone on 01302 735 954 or by emailing
If you make a request to us about the personal information we hold about you this must be made in writing and we have 1 month to complete your request.
- You can ask us for access to the information we hold on you
We would normally expect to share what we record about you with you whenever we assess your needs or provide you with services. However, you also have the right to ask for all the information we have about you and the services you receive from us all at once. This is called a Subject Access Request.
When we receive a request from you in writing, we must give you access to everything we’ve recorded about you. However, we can’t let you see any parts of your record which may contain:
- Confidential information or images of other people; or
- We have received legal advice that to give out this information it will cause serious harm to you or someone else’s physical or mental wellbeing; or
- If we think that giving you the information may stop us from preventing or detecting a crime.
This applies to personal information that is in both paper and electronic records. If you ask us, we can also let another named individual see your record (except if one of the points above applies).
If you can’t ask in writing for your records, we’ll make sure there are other ways that we can help you access this information.
- You can ask us to change information you think is inaccurate
You should let us know if you disagree with the information we hold for you. (For example, we might have the wrong email address for you or our records said that you live at ‘62 Smith Street’, when in fact you live at ‘622 Smith Street’).
We may not always be able to change or remove information as you request, but we’ll always correct factual inaccuracies and may include your comments in the record to show that you disagree with others that we can’t change.
- You can ask us to delete information (this is called your right to be forgotten or right to erasure)
In some circumstances you can ask for your personal information to be deleted, for example:
- Where your personal information is no longer needed for the reason it was collected in the first place
- Where you have removed your consent for us to use your information and where there is no other legal reason for us to use it
- Where there is no legal reason for the use of your information.
Where your personal information has been shared with others (such as a contractor), we’ll take every step to make sure those using your personal information comply with your request for erasure.
Please note that we can’t delete your information where:
- We are required to have it by law
- It is used for freedom of expression
- It is for public health purposes
- It is for, scientific or historical research, or statistical purposes where it would make information unusable
- It is necessary for legal claims.
- You can ask us to limit what we use your personal data for
You have the right to ask us to limit or restrict what we use your personal information for where:
- You have identified inaccurate information, and have informed us of this and are waiting for us to change it
- Where we have no legal reason to use that information but you want to restrict what we use it for rather than erase the information altogether.
Where restriction of use has been granted, we’ll inform you before we intend to use your personal information for any reason.
You have the right to ask us to stop using your personal information to deliver any of our services. However, if this request is approved this may cause delays or prevent us delivering that service in the future if you need us.
Where possible we’ll seek to comply with your request, but we may need to hold your information and use it because we are required to by law.
- You can ask to have your information moved to another provider (this is called ‘data portability’)
You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called ‘data portability’.
However this only applies if we are using your personal information with consent and if decisions were made by a computer and not a human being.
Data portability won’t apply to most of the services you receive from us as we don’t use computers to make automated decisions about you.
You also have the right to object if you are being ‘profiled’. Profiling is where decisions are made about you based on certain things in your personal information, e.g. your health conditions.
If you have concerns regarding automated decision making, or profiling, please contact our Data Protection Officer who’ll be able to advise you about how we use your information.
- Who do we share your information with?
We use a range of organisations to supply us with systems to either store personal information or other organisations such as contractors help deliver our services to you.
Wherever we share information with someone else there is always an agreement in place to make sure that the organisation complies with data protection law. We will complete a privacy impact assessment before we share personal information to make sure we protect your privacy and comply with the law.
Sometimes we have a legal duty to provide personal information to other organisations some of which include:
- If a court orders that we provide the information; and
- If someone is taken into care under mental health law.
We may also share your personal information when we feel there’s a good reason that’s more important than protecting your privacy. This doesn’t happen often, but we may share your information:
- In order to find and stop crime and fraud; or
- If there are serious risks to the public, our staff or to other professionals; or
- To protect a child; or
- To protect adults who are thought to be at risk, for example if they are frail, confused or cannot understand what is happening to them.
For all of these reasons the risk must be serious before we can override your right to privacy.
If we are worried about your physical safety or feel we need to take action to protect you from being harmed in other ways, we’ll discuss this with you and, if possible, get your permission to tell others about your situation before doing so. However, we may still share your information if we believe the risk to others is serious enough to do so.
- How do we protect your information?
We have rigorous measures, policies and procedures in place to ensure the information you give us will not be seen or shared with anyone who does not need to see it in order to provide our services to you.
We will always do what we can to make sure we hold records about you (on paper and electronically) in a secure way, and we’ll only make them available to those who have a right to see them.
Examples of our security include:
- Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as passwords. This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’
- Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
- Training for our staff on a yearly basis allows us to make them aware of how to handle information and how and when to report when something goes wrong
- Regular testing of our technology and ways of working including keeping up to date on the latest security updates to minimise the risks from a ‘cyber-attack’
- How long do we keep your personal information?
There’s often a legal reason for keeping your personal information for a set period of time, we try to include all of these in our retention schedule.
For each service the schedule lists how long your information may be kept for. This ranges from months to decades depending on the nature of the information.
There are specific rules regarding record keeping for fostering information. You can read more about these here.
- Where can I get advice?
If you have any worries or questions about how your personal information is handled please visit our website or contact our Data Protection Officer, Nina Lindsay, at DCSTDPO@dcstrust.co.uk or by calling 01302 735954.
For independent advice about data protection, you can also contact the Information Commissioner’s Office (ICO) at:
Information Commissioner's Office
Tel: 0303 123 1113 (local rate)
How we use your information when you visit us on our website
To make this website easier to use, we sometimes place small text files on your device (for example your iPad or laptop) called cookies. Most big websites do this too.
They improve things by:
- Remembering the things you’ve chosen while on our website, so you don’t have to keep re-entering them whenever you visit a new page
- Remembering data you’ve given (for example, your address) so you don’t need to keep entering it
- Measuring how you use the website so we can make sure it meets your needs.
Our cookies aren’t used to identify you personally. They’re just here to make the site work better for you. You can manage and/or delete these files as you wish. The cookies and personal data we collect can be found here.
To learn more about cookies and how to manage them, visit www.AboutCookies.org
- Turning off cookies
You can stop cookies being downloaded on to your computer or other device by selecting the appropriate settings on your browser. If you do this you may not be able to use the full functionality of our website.
- Search Engine
Our website search and decision notice is search is powered by Drupal. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by the Trust or any third party.
- People who contact us via social media
We use a third party provider, Tweet Deck to manage our Twitter interactions.
If you send us a private or direct message via social media the message will be stored by Tweet Deck for three months. It will not be shared with any other organisation.
- People who email us
We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.