What information do we collect?
As part of our volunteer recruitment process, we process information about you that includes, your name, address, date of birth, email address, telephone number, details of your qualifications, skills, experience and employment history and whether or not you have a disability for which the organisation needs to make reasonable adjustments during the volunteer recruitment process.
We may collect this information in a variety of ways, for example, application forms, CV’s, your identity documents or data collected through interview or training
We will also collect personal data about you from third parties, such as references and information from criminal records checks when applicable to the role. We will seek information from third parties only following a successful interview and we will inform you that we are doing so. We will only ever seek references where we have your consent to do so.
Why do we collect this information?
The organisation has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from volunteer applicants allows the organisation to manage the recruitment process and assess and confirm suitability for volunteering. The volunteer mentor service is obliged to seek information about criminal convictions and offences. We do this because it is necessary for us to carry out our safeguarding obligations and exercise specific rights in relation to your volunteer role. This processing is necessary for Flintshire County Council to take specific steps before accepting your offer to volunteer.
Who has access to your information?
Your information may be shared internally for the purposes of the recruitment exercise. This includes members of children’s services and HR and IT staff, if access to the data is necessary for the performance of their roles. Externally, we share your information with a disclosure and barring service check provider to obtain necessary criminal records checks that are applicable to the role and with any third party agencies in relation to any safeguarding concerns.
How do we store this information and protect your data?
The information we collect will be stored in email and IT systems and paper records. Restricted access to folders, password protection, and server security protects data kept in digital format; paper records are secured in locked filing cabinets in locked buildings to which access is limited to FCC employees.
How long do we keep your data?
If your application is unsuccessful or you decide not to progress the organisation will hold your data on file for six months after date of interview or your withdrawal from the service. At the end of that period, or if you withdraw your consent for the organisation to hold your data during this time, your data will be deleted or destroyed. Once you commence your volunteering, the periods for which your data will be held will be provided to you in a new privacy notice.
Who do we share your information with?
We use a range of organisations to help us deliver our services, where we have these arrangements there is always an agreement in place to make sure that those organisations comply with data protection law.
We sometimes have a legal duty to share personal data with other organisations.
This is often at the request of the courts when:
- We take a child into care
- We are ordered by the courts to provide the information
- Someone is taken into care under mental health law
We may need to share your personal data when we feel there’s a reason that’s more important than protecting your privacy:
- In order to detect and prevent crime
- If there are serious risks to members of the public, our staff or to other professionals
- To protect a child or adult who are thought to be at risk
For all the reasons above, the risk must be serious before we can override your right to privacy.
Transferring data outside the European Economic Area (EEA)
The Council will only transfer personal data outside of the EEA in compliance with Chapter V of the General Data Protection Regulation. Transfers may be made where the Commission has decided that a third country (a country outside the EEA), a territory or one or more specific sectors in the third country, or an international organisation ensures and can demonstrate that individual’s rights are protected by adequate safeguards.
We may store your personal information using European Union based cloud providers, but only where a data processing agreement is in place that complies with obligations equivalent to those of the General Data Protection Regulation.
We have a Data Protection Officer who makes sure we respect your rights and comply with the law. If you have any concerns about how we look after your personal data please contact the Data Protection Officer at dataprotectionofficer@flintshire.gov.uk
This information should be read in conjunction with the Council’s corporate privacy notice published at:
http://www.flintshire.gov.uk/en/Resident/Contact-Us/Privacy-Notice.aspx