Privacy Statement for Aspens’ Service Users – Local Authority Funded

Aspens Charities Ltd provides care and support services to individuals who are funded by Local
Authorities. The Local Authorities are the Data Controllers with regard to their Personal Data and
Aspens is the Data Processor.

Due to the nature of our services, we hold some personal information about you. This document
explains why we have that information, how we use it, how we manage it and how we protect it. It
also sets out your rights relating to that information. A copy of this Privacy Statement will be held
in your Support Plan.

What Personal Data do we hold?
Personal Data is any information relating to an identifiable person (you) who can be directly or
indirectly identified by using this information. We currently hold the following Personal Data about
you:
1. Name
2. Address
3. Date of Birth
4. Photo identification
5. Personal email address
6. Personal telephone number – mobile and landline if both provided
7. Bank Account details
8. Next of Kin
   a. Name
   b. Contact telephone numbers – mobile and landline if both provided
9. National Insurance number
10. Data concerning health, personal safety and wellbeing
11. Information regarding any criminal convictions
12. Behavioural support information

Aspens also holds Special Category Data, which is processed differently. This includes data
such as:
13. race;
14. ethnic origin;
15. politics;
16. religion;
17. trade union membership;
18. genetics;
19. biometrics (where used for ID purposes);
20. health;
21. sex life; or
22. sexual orientation

Where did we get your Personal Data from?
As the Data Processor, Aspens receives your data from the Local Authority via the referral process
into our services. Aspens will then liaise with you, your family/carer and other relevant
professionals to complete your Individual Support Plan.

Aspens liaises with you, your family/carer, the Local Authority and any other named healthcare
professional to ensure that your Personal Data is kept accurate and up to date.

What is the legal basis and purpose for Aspens to hold your Personal Data?
The Personal Data we hold and process is necessary for the delivery of the care and support
services we are contracted to provide to you within your Individual Support Plan. It is also required
within the overarching Contracts for Services that Aspens are party to with the Local Authority.

What do we do with your Personal Data?

We use your data to facilitate the following elements of your service:

  • Meet your needs with regard to health and social wellbeing as set out in your Support Plan.
  • Support you to maintain your independence with paying bills, managing your finances and
    any other housing-related activity if relevant.
  • Provide information to the Local Authority as required in the overarching Contracts for
    Services.
  • Contact protocols in the event of a personal emergency in which your next of kin must be
    contacted and to meet our statutory obligations.

Special Category Data is only used to ensure the care and support you receive is personalised
to your needs and preferences. It is never used for profiling purposes.

Aspens data is categorised within our Information Assets Register. There are three categories of
data: Shared, Restricted and Confidential.

Shared information is data that is available to everyone working for Aspens.

Restricted information is data that may be commercially, technically or otherwise sensitive and
therefore constrained to certain groups or individuals within Aspens.

Confidential information includes any data that contains personally identifiable information (PII)
and any other information that the Board wish to remain private.

Your information is classified as Restricted and available only to the staff group that are providing
your care and support and financial support.

Who else do we give access to your information and why?

As part of your support planning process, we will identify the individuals/organisations who are
involved in your care and support and confirm that you are either happy for us to share your data
with them or if you would prefer us not to. We will document this within your Individual Support
Plan.

Local Authorities
As part of our Contract for Services with the Local Authority, we are required to share information
of those individuals who are referred into our care and support services.

Healthcare Professionals

Aspens is committed to ensuring that we support you to maintain a good level of health and
wellbeing. We will share the relevant data with the named individuals and organisations within
your Individual Support Plans.

What we don’t do with your Personal Data
Aspens do not use your information for profiling or automated decision making.
Aspens do not transfer your information outside of the European Union.

How do we protect your information?
Aspens has a robust Information Security Policy to ensure that your information is kept safe in
both electronic files as well as hard copies. We also have a clear and transparent Data
Protection Policy to ensure we adhere to all legislative and regulatory requirements. Copies of
these are available on request.

The review, understanding and implementation of these policies will also be part of the induction
process for all new members of staff, regardless of their position within the organisation.

The Personal Data we hold about you has been assessed using a Data Protection Impact Analysis
(DPIA) and is logged and maintained with our Information Assets Register (IAR). The DPIA is
used to measure the potential risk of the personal information we hold relating to your freedoms
and rights as individuals and any potential impact if the information was breached or lost. By
completing the DPIA and subsequently categorising the data we hold within Aspens’ IAR, Aspens
have implemented appropriate and proportionate measures to mitigate or lower those risks.

How long do we keep your personal data?
We will retain your information for as long as we provide you with care and support services,
regularly checking to ensure that it is accurate and up to date. Due to our legal obligations as a
Care Quality Commission registered Charity and the Records Management Code of Practice for
Health and Social Care, we will retain your Personal Data for a further 6 years from when you
leave our services. Bank account and next of kin information will be deleted immediately when you
have left as this information is no longer required.

What are your Personal Data rights?
If, at any point, you believe the Personal Data we hold on you is incorrect, you want us to correct
or delete that information, or you no longer want us to hold that information or contact you, you can
exercise your rights under the current Data Protection Laws. These rights include:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

Please note, these rights are not absolute and we may not be able to delete information that is
required to maintain our business purpose, to comply with relevant legislation or that is required to
facilitate your care and support.

You also have the right to access any information we hold about you. As the Local Authority funds
your care and support, they will be the main point of contact to facilitate a Subject Access Request.
Please contact our Data Protection Officer who will provide you with the contact details of the
relevant responsible individual within the Local Authority. Aspens is committed to supporting the
Local Authority to ensure all our information is provided as you have requested.

For more information regarding your Personal Data Rights, please visit the Information
Commissioner’s Office website: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Who do you contact if you have an issue with the Personal Data that we hold?
Our Data Protection Officer can be contacted via email at [email protected] or by ringing 01892 822168.

How do you make a complaint about how your Personal Data is being held or processed?
Please contact our Data Protection Officer in the first instance. They will investigate, ensuring that
due process is followed as set out in our Complaints Policy and Procedures.

If you are not satisfied with the response or believe we are not processing your data in accordance
with the law, you can complain directly to the Information Commissioner’s Office on 0303 1231113
or follow the instructions on their website: https://ico.org.uk/concerns/