Raising Resilience Privacy Policy

Raising Resilience may change the privacy policy from time to time so please check this page periodically to ensure that you are happy with any changes. By using our website, you’re agreeing to be bound by this policy.

Any questions regarding Raising Resilience's Privacy Policy and Practices should be sent via the website contact form or you can telephone 0797 9591474.

Who we are?

Raising Resilience is a partnership of two clinical psychologists. We take seriously our responsibility to protect information provided to us by schools, staff, parents and children, and are registered with the ICO (Information Commissioner’s Office). This policy aims to be compliant with the General Data Protection Regulation (GDPR) May 2018.

Why we hold data?

We gather data that we require in order to provide your school community with appropriate and relevant psychological advice, support and interventions. The Raising Resilience team will not use personal information or contact details for any other reason than providing a Clinical Psychology support and intervention service.

What data we hold?

The information that we collect includes:

Names and email addresses of key members of staff or contacts within your school.
A school profile questionnaire, this will include information regarding your school community (such age and number of pupils, number of classes, average number of pupils in a class), some information regarding your current emotional well-being support and need in school.
Financial information will be logged in our bank account. This is securely stored and held for as long as tax purposes require.
Raising Resilience use social media accounts on Twitter and Facebook in order to share examples of good practice, developments in school mental health, and dates of future events or community parent master classes. If you decide to follow us on these social media platforms then your details will be visible on our accounts.
In the process of providing interventions such as teacher talks, children's workshops, parent master classes or drop in, we may also gain information about individual children, such as their names, family members, specific emotional issues, extra support provided, and safeguarding information.

When data is shared?

All information is treated confidentially and not shared with anyone else apart from the Raising Resilience team unless safeguarding issues are raised. When working in a school we adhere to the schools own safeguarding policy and procedures and liaise closely with your safeguarding officer should we become concerned.

How do we keep data safe?

Raising Resilience is not responsible for how information is shared with them. However they recommend that any sensitive information is either sent by encrypted email or a password protected document with the password sent by a separate means. The data regarding your school that Raising Resilience holds is stored securely within password protected computers within the offices of the Clinical Psychologists, as well within a secure cloud based storage systems.

When working within schools encrypted and password protected USB sticks are used in order to protect any sensitive information, although typically such information is not necessary to carry with us.

Your data will not be used for any purpose than to provide you with a professional Clinical Psychology service. Your data is not sold onto third parties for any reason, including marketing.

This website is hosted by GoDaddy. The Go Daddy Operating Company, LLC is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Go Daddy Operating Company, LLC complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions. The website has been issued with a valid GoDaddy Secure Certificate Authority - G2 which secures the identity of remote computers and proves the identity of the website to remote computers.

How long do we retain data and how do we delete data?

Information about individual schools and staff details is held for 3 years after the end of the contract. Information about individual pupils or families (from drop ins or safeguarding situations) is held until the child's 25th birthday in line with professional guidelines in order for the child to query the service provided to them. All data will not be held for longer than necessary or required, and will be securely destroyed at the appropriate time.

What about Information and data correction?

If at any time you are concerned that the data that we hold regarding your school is incorrect, please alert us as soon as possible and corrective processes can be put into place quickly.

The use of website cookies

This website uses cookies, which are a small file of letters and numbers that are put on your computer if you agree. These cookies allow us to distinguish you from other users of the website which helps us to provide you with a good experience when you browse our website and also allows us to improve our site. The cookies we use are ‘analytical’ cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the site when they’re using it. This helps us to improve the way our website works, for example by making sure users are finding what they need easily.

If you want to delete any cookies that are already on your computer, please refer to the instructions for your file management software to locate the file or directory that stores cookies. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.

YOUR RIGHTS:

Under the General Data Protection Regulation (GDPR), you have rights as an individual which you can exercise in relation to the information we hold about you.

The right to be informed

This encompasses our obligation to provide ‘fair processing information’, typically through a privacy notice that emphasises the transparency in our data processing methods and the reasons we may process your personal data with your consent.

The right of access

This allows individuals to be aware of and verify the lawfulness of the processing.

The right to rectification

This gives individuals the right to have personal data rectified if it is inaccurate or incomplete.

The right to erasure

Also known as ‘the right to be forgotten’ this enables an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.

The right to restrict processing

This provides individuals with the right to ‘block’ or suppress processing of personal data.

The right to data portability

This permits individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without limiting usability.

The right to object

Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling).

You can read more about these rights at https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/.

Objections or Complaints

If you have questions, concerns or complaints regarding the way in which Raising Resilience handles your data then please raise this with them as soon as possible. If you are still unhappy then you can send a complaint to the Information Commissioners Office (www.ico.gov.uk) via their website.