Aptitude Organisation CIC Privacy Notice
Who we are
We are a not-for-profit Community Interest Company that aims to empower young people and their families to improve their lifestyle and wellbeing.
We believe in the practice and values of Youth Work to engage young people in positive life changing projects which can add value to their life experiences and give them a clear focus and direction for a brighter future.
We are based in the West Midlands region, where we want to build delivery partnerships and support multi-agency work for the benefit of young people and the community.
What information we process and why
We process personal data relating to the young people we work with and their parents/carers, our staff, and our supporters and funders. Our service users include children and young people under the age of 18. We process your personal data so that we can offer services to you, and are able to work with you. Personal data about service users is processed on the basis of informed consent. Personal data about staff and funders is processed on the basis of the contract we have with you.
All data we process is in accordance with the rules as laid down in statute, including the General Data Protection Regulations, and the Data Protection Act 2018. We also follow statutory guidance as laid down in Keeping Children Safe in Education, in order to ensure that safeguarding is a primary concern for all our staff.
Personal data we process about our service users and staff will include some basic details such as names, addresses, contact details and dates of birth. It may also include special categories of data including health information, ethnicity, and religion. We will always ask you if it’s okay to record special categories of information, and you can say no without it affecting the services we provide for you, or the role you carry out for us.
We use personal data about service users to ensure that our workers fully understand who you are, the situations you are facing, and can plan effectively to provide the help and support you need.
We use personal data about our staff to ensure that we can support them in offering services to our services users, and to allow them to perform their professional roles in a secure and safe environment.
Where we rely on consent to process personal data about individuals we work with and provide services for, we ensure that we obtain that consent freely and in a positive manner. Anyone whose personal data is processed on the basis of consent can withdraw that consent easily and quickly.
Who will see your personal data?
We will only share your information with people who have a legal or operational reason to see it. For service users this could include colleagues and managers who are directly involved in planning, providing or supporting your sessions with us. If you are a young person, we may share some information with your school or place of learning, if that is appropriate and will help the school plan for your continued attendance and progress within the learning environment. If you are a young person who has been referred into one of our projects we may also share some information with the professional who referred you to our services, this may include people like social workers, family support workers…
All staff personnel files are held securely at Jubilee Crescent Community Centre, in a locked cabinet and in password protected cloud storage, which are only available to the senior management.
In certain circumstances, we may need to share information with partners including the Local Authority, Social Services or the Police. This will only be done where strictly necessary, and the information shared will be limited to what is appropriate to the specific circumstances. This could include any safeguarding concerns we have, or information we believe may indicate that a child or young person could be at risk of harm.
We share some information with our funders, in order to demonstrate to them that we are fulfilling the terms of our contract and using funds appropriately. Any data we share in this way will be fully anonymised, and it will not be possible to identify an individual client from the dataset. We may sometimes share case studies with our funders, these will be anonymised.
What data will be kept?
We are required to keep some personal data for a short period of time after we have stopped working with you, either as a service user or a colleague. Normally we will keep service user data for a maximum of two years after our last contact. After this time they will be securely destroyed.
Any personal data that we keep about our service users is securely stored on a password protected database and/or in a locked cabinet, with limited access for staff. It will not be accessed except in response to a question about what we did in that particular case. No decisions will be made about you based on this data and you will not suffer any detriment or harm by having it stored.
All staff are given a copy of the policy outlining retention periods for information on their personnel files. This includes how data is stored, who might access it, and when it will be securely destroyed. We will normally keep staff personnel files for a maximum of two years after the end of employment.
We keep an overall summary of our work and the people we have reached through our services. This information might include numbers of people we’ve worked with, how many sessions we held with them, the outcomes we achieved, and could include some additional categorisation such as gender, age and other special characteristics. This data is anonymised and does not allow us to identify individual clients.
If we share information with the other agencies around safeguarding concerns, they will keep a record of that information. We will keep our copies of that information while you are our service user and for two years after the final contact, after which point it will be securely destroyed.
The collection of this information will benefit our services by:
- Helping us to design our services to address need
- Ensuring we focus on continual improvement in the services we provide
- Ensuring we train and support our staff in the areas that matter
- Tailoring our resources to the issues that matter most to our community
How we will contact you
We will need to contact our service users, our funders and referrers and our supporters for a range of reasons. We will only contact you on relevant Aptitude business. We will use the contact details that you provide to us as our main source of communication.
Our preferred means of communicating with clients is by telephone and email. We take all due care when sending information out, to ensure that it is only seen by the intended recipients.
Seeing the information we hold about you
You can ask to see a copy of all the information we hold about you. To do this, you can write to us or email us at
Since the work we do with service users is based on consent, you can withdraw that consent at any time. If you do, then we will delete the majority of the data we hold about you, retaining only the minimum information we need for our records and for our internal administration.
If you aren’t happy with the way we use your data, or if you think that you have suffered detriment as a result of how we have used or stored your data, you can make a complaint to the Information Commissioners Office.