This privacy notice and website policy explains the data we collect, where, why and how we collect it and how it is used. You should read this policy to understand the process of data collection and its use by Headway.
Interpretation and Definitions:
For the purposes of this Privacy Policy:
Company: referred to as either “Headway” “the Company”, “We”, Us “Our” in this Policy refers to Headway Education Services, 48 Park Street Brighouse HD6 1JL.
You/Service User: or equivalents including “Your”, means the individual accessing or using the service or website, or a company, or any legal entity on behalf of which such individual is accessing or using Our services or website, as applicable.
Website refers to Headway, accessible from www.tomakeprogress.co.uk.
1 What data do we collect?
We collect personal information data:
• Name(s)
• contact details including: phone number(s) email address (es) and postal address (es) for parents/carers of school-age service users
• Age/date of birth
• School year
• Current/future school or college attended/to be attended
• SEN status, including any diagnoses of SEN conditions (where applicable)
• Service user performance data (where completing any form of assessment)
• Safeguarding information (where a disclosure is made to Our staff)
• Data through cookies on visiting our website
2 How we collect data?
We collect data from:
• You/the service user (via our website contact page, initial meeting and work undertaken). • You/the parents/carers (via our website contact page and/or initial meetings).
• Schools (where a contract is in place).
We collect data through:
• Initial meetings/assessments with the service user and/or their parents/carers.
• The contact page on Our website.
• Our website cookies and the use of Google Analytics (see Our Cookies policy).
• Communication with schools where an agreed contract is in place for work to commence and relevant consents are received (where required). Please see section 4: how do We store your data for more information.
Where any service is provided to a school:
• It is the school’s responsibility to inform You (the parent/carer) of any work which We may undertake in a school setting or externally to the school site but in school time under the direction or at the request of the school, including the sharing of relevant data (where required).
• It is the responsibility of the school to seek necessary consent from You before work is undertaken (where required) and any data shared with Us.
• Schools may seek consent from you as parents/carers to provide any data to Headway where work may be undertaken as an external contactor through their organisation to ensure adequate support to the service user. This will be done in a way which satisfies GDPR legislation.
Where personal data is collected via Our Website:
• When visitors leave comments on the website We collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. • An anonymised string created from Your email address (also called a hash) may be provided to the Gravatar service to see if You are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, Your profile picture is visible to the public in the context of your comment.
3 How will we use your data?
We collect,record and store data to use for the following reasons:
• To help provide appropriate and relevant services to service users in the form of age and/or ability related intervention content.
• To support learning and provide appropriate ongoing support to service users.
• To report to the service user’s education setting (if applicable) assessment results/outcomes (where parental/carer consent is provided).
• To assess and improve the quality of Our services.
• To contact You in response to a query made, whether by telephone, email or other source or to inform You of other services We provide. We keep personally identifiable information associated with Your message, such as Your name and contact details so as to be able to track Our communications with You to provide a high-quality service.
We will share data where there is a legal obligation to do so, such as a court order or warrant, but will also do so where:
• The service user or those with parental responsibility in the case of school-age service users has requested Us to share data and provided written consent.
• It is necessary to protect/safeguard the service user, their family or others from harm (such as in an emergency).
More details regarding the above can be found in Our safeguarding policy.
4 How do we store your data?
We are committed to ensuring any data You provide and stored electronically is kept safe from loss, theft or misuse. For private service users:
• Your data is stored on secure systems, in accordance with GDPR legislation.
• Storage systems require twin authentication access.
• Electronically stored data is accessed from devices with up-to-data antivirus and firewall protection provided by McAfee.
For hard copies of data which cannot be stored on secure servers, for private service users:
• Data stored is secured by lock with the proprietor having sole access to this location.
• The location room of storage is kept locked when not otherwise being accessed by Headway staff.
Removal or deletion of data, for private service users:
• Electronically stored data is stored for the duration of any work undertaken with a service user before being safely removed unless the service user or parent/carer requests otherwise for a period of up to 6 months beyond the close of the work undertaken.
• Paper-based or hard copy data is stored for the duration of any work undertaken with a service user before being safely destroyed unless the service user or parent/carer requests otherwise for a period of up to 6 months beyond the close of the work undertaken.
• Data can be amended, changed, requested or removed, under certain conditions under Your data protection rights. Note: should You request the removal of data; this may reduce the effectiveness of Our ability to conduct work with You/the service user. Please see section 5: what are Your data protection rights for further information.
Where any service is provided to a school:
• Recording of the school’s information, such as contact details, contracts or emails will be securely stored on Headway systems. The school may also keep copies of any information and it is the school’s responsibility to store such information safely on the school’s preferred storage systems.
• Any data gathered on a service user, whether in relation to student or parents/carers, is stored securely via the school’s preferred storage systems and as such is the property of the school and remains the school’s responsibility.
• The school will make relevant provisions for Our staff to access data via an individual account or will share any relevant data in a way that acts in accordance with GDPR legislation. • At the conclusion of any contracted work with a school, any data garnered via work undertaken by Our staff will remain at the school. The school has responsibility for the storage and safe keeping of any data gathered in this way.
5 Analytics and Cookies:
Please see our Cookies Policy for further details on Our use of analytics and cookies.
6 What are your data protection rights?
We would like to make sure You are fully aware of all your data protection rights. Every service user, including children, is entitled to the following:
• The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
• The right to rectification – You have the right to request that Headway correct any information You believe is inaccurate. You also have the right to request us to complete the information You believe is incomplete.
• The right to erasure – You have the right to request that Headway erase your personal data, under certain conditions.
• The right to restrict processing – You have the right to request that Headway restrict the processing of your personal data, under certain conditions.
• The right to object to processing – You have the right to object to Headway’s processing of your personal data, under certain conditions.
• The right to data portability – You have the right to request that Headway transfer the data that we have collected to another organisation, or directly to You, under certain conditions.
It is Your responsibility to ensure that you update us on any personal information we may hold.
If You make a request, we have one month to respond to You. If you would like to exercise any of these rights, please contact Us:
Tel: 07305 893775
Email: hello@tomakeprogress.co.uk
7 Privacy policies of other websites
Our website contains links to other websites, included but not limited to, social media sites. Any external website is not governed by this privacy policy. Please read the relevant website’s privacy policy before clicking any links to external sites.
8 Updating our privacy policy
We will keep its privacy policy under regular review and can be accessed upon request. This policy was last updated in June 2020.
9 How to contact us
If You would like to discuss Our privacy policy, or exercise any of Your data rights, please don’t hesitate to contact Us:
Tel: 07305 893775
Email: hello@tomakeprogress.co.uk
10 How to contact the appropriate authority
Should You wish to make a complaint or if you feel We have not resolved your privacy concern in a satisfactory manner, You may contact the Information Commissioners Office.
Last updated: June 28th 2020