PRIVACY POLICY

Who we are?

DBE Services School Improvement

Our ethos at DBE is one of partnership. We are here to ‘serve our schools and young people’ and have been doing so in supporting buildings development and capital projects for over 15 years.

For the first time in April 2020 we extended that to include a School Improvement SLA for primary schools (community, church aided and voluntary controlled schools).

Our services are open to ALL schools. We have a very strong link with the Diocese of Blackburn and other CE Dioceses in the North of England but we also work with faith schools in local Catholic Dioceses and community schools in seven different Local Authority areas.

If you have any questions or would like to find out more visit our Contact Us page.

Our website address is: https://dbeservices.co.uk/school-improvement/

This privacy policy sets out how DBE Services School Improvement uses and protects any information that you give DBE when you use this website or engage with us in any way.

DBE Services is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.

DBE Services may change this policy from time to time by updating this page. You should check this page periodically to ensure that you are happy with any changes. This policy if effective from April 2020.

What personal data we collect and why we collect it

Below is a list of the different ways we collect personal data and why we collect it.

Media

Occasionally we may ask you to submit images to DBE Services School Improvement, specifically for resources or courses. These images are retained in a secure location and are not shared with anybody. You have the right to withdraw permission for us to hold these images at any time. We will always inform you of how and why specific images are being requested at the time of upload, as well as its intended use and storage information. Visitors to the website can download and extract any location data from images on the website.

Forms (Booking/Inquiries)

To book on to any of the courses or services provided by DBE Services, plus other activities that require us to collect contact information about you, you will need to complete a  booking form or e-mail. The information collected from these forms is not shared with any third parties, they are stored in secure locations using SharePoint and each individual form will declare how and why we will use the information you provide.

Cookies

This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers

Purchases

If you purchase a service from DBE Services, the information gathered will only be used to process payment via invoice and to deliver the service to you. All payments are processed between ourselves and our sister company, Blackburn Diocese Board of Finance.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

DBE Services uses Google Analytics to monitor user activity on https://dbeservices.co.uk/school-improvement/  The information collected is used to enhance your website experience, by monitoring which pages are being visited we can make sure we continue to provide quality resources and content along with making sure they are in locations you can find them. DBE Services does not store personal information from Google Analytics. You can opt out at any time from analytic tracking from this, and any other website, by using the Google Browser Plug-In which you can download here. 

How long we retain your data

Data is retrained in accordance with the DBE Services retention policy which may be altered from time to time.

Data will be retained for 24 months after the service ends.

What rights you have over your data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

  • You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us.
  • You can request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
  • The right to withdraw your consent to the processing at any time.
  • The right, where there is a dispute in relation to the accuracy or processing of your persona data, to request a restriction is place on further processing.
  • The right to lodge a complaint with the Information Commissioner’s Office.

Further Processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

Your contact information

Data Protection Officer for DBE Services Ltd is the CEO – Rev Peter Ballard

Contact Details:

Rev Peter Ballard
e-mail: peter@dbeservices.co.uk
DBE Services Limited
Diocesan Offices
Clayton House
Walker Office Park
Blackburn,
BB1 2QE

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.

You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee will be payable. If you would like a copy of the information held on you please write to email address above.

If you believe that any information we are holding on you is incorrect or incomplete, email us as soon as possible at the above address. We will promptly correct any information found to be incorrect. Alternatively, you can contact the Information Commissioners Office on 0303 123 1113
or via email http://ico.org.uk/global/contact-us/email/
or at the Information Comissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Additional information

Data security

DBE Services takes the security of HR-related personal data seriously. DBE Services has internal policies and controls in place to protect personal data against loss, accidental destruction, misuse or disclosure, and to ensure that data is not accessed, except by employees in the proper performance of their duties. Where DBE Services engages third parties to process personal data on its behalf, such parties do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and DBE SERVICES measures to ensure the security of data.

Impact assessments

Some of the processing that DBE Services carries out may result in risks to privacy. Where processing would result in a high risk to individual’s rights and freedoms, DBE Services will carry out a data protection impact assessment to determine the necessity and proportionality of processing. This will include considering the purposes for which the activity is carried out, the risks for individuals and the measures that can be put in place to mitigate those risks.

Data breaches

If DBE Services discovers that there has been a breach of HR-related personal data that poses a risk to the rights and freedoms of individuals, it will report it to the Information Commissioner within 72 hours of discovery. DBE Services will record all data breaches regardless of their effect.

If the breach is likely to result in a high risk to the rights and freedoms of individuals, it will tell affected individuals that there has been a breach and provide them with information about its likely consequences and the mitigation measures it has taken. If an individual is informed of a breach the Information Commission must also be informed.

International data transfers

DBE Services will not transfer HR-related personal data to countries outside the EEA.

Individual responsibilities

Individuals are responsible for helping DBE Services keep their personal data up to date. Individuals should change their record with their new personal data.

Individuals may have access to the personal data of other individuals in the course of their employment, contract, volunteer period or apprenticeship. Where this is the case, DBE Services relies on individuals to help meet its data protection obligations to staff and others.

Individuals who have access to personal data are required:

  • to access only data that they have authority to access and only for authorised purposes;
  • not to disclose data except to individuals (whether inside or outside DBE Services) who have appropriate authorisation;
  • to keep data secure (for example by complying with rules on access to premises, computer access, including password protection, and secure file storage and destruction);
  • not to remove personal data, or devices containing or that can be used to access personal data, from the DBE Services premises without adopting appropriate security measures. Only encrypted devices may be removed from the premises
  • not to store personal data on local drives or on personal devices that are used for work purposes; and
  • immediately to report data breaches of which they become aware to Peter Ballard the data privacy officer.

Failure to observe these requirements may be a disciplinary offence, which will be dealt with under the DBE Services’ disciplinary procedure. Significant or deliberate breaches of this policy, such as accessing employee or service user data without authorisation or a legitimate reason to do so, may constitute gross misconduct and could lead to dismissal without notice.

On the termination of the employee’s employment, the employee will return to the organisation all items of company property of which he/she is in possession, including:

  • documents (hard-copy and electronic);
  • books;
  • hardware;
  • office equipment;
  • keys;
  • security passes; and
  • any other property belonging to the organisation.

The employee must return all company property no later than the last working day of employment.  The employee also undertakes to return to the organisation any company property that may come into his/her possession or control after the termination of his/her employment.

Training

Individuals whose roles require regular access to personal data, or who are responsible for implementing this policy or responding to subject access requests under this policy, will receive additional training to help them understand their duties and how to comply with them.