Privacy notice for children and young people

We have a wide range of responsibilities in respect of children and young people. We work with third parties, including, but not limited to, central government, education providers, the NHS and the voluntary sector. We also hold information on children and their families to whom we provide a service, in order to help us support you in the best way possible.

The legal basis for holding and processing this information is that it relates to a statutory (legal) function or public task. Where that is not the case, we will seek consent before processing personal information about a young person and/or their family.

We collect information about children/young people and families, who receive a service from us to enable us to carry out specific functions for which we are responsible for, including:

  • providing appropriate support and care to children/young people and families
  • collating statistics which inform decisions such as funding/provision of services, admissions/exclusions to/from schools
  • assessing performance and setting targets to maintained schools
  • auditing how well our services are meeting the needs of children/young people and families
  • assessing level of financial support required, for example, free school meals and early years funding
  • promoting welfare, safeguarding, health and wellbeing for children/young people
  • assessing how well our children's services team is performing
  • assessing/improving finance and individual service planning
  • ethnicity and disability monitoring

Find out about the data collection requirements placed on us by the Department for Education (DfE)(link opens in new window)

To enable the children's services team to provide you with the relevant service, it is necessary for us to collect information about you and your family. The types of information we collect include:

  • name, date of birth, address and contact details
  • identifiers such as National insurance number and NHS number
  • ethnic group, home circumstances, language and health information
  • national curriculum assessment results
  • school attendance/exclusion information
  • details of any special educational needs for young people
  • relevant medical information for young people/parents/carers – only where appropriate for example special educational needs or disability
  • physical or mental health
  • any additional personal information that is necessary to enable us to provide you with the correct service. In some circumstances this may require us to hold information on adults within the family (we may, in some circumstances, also check what previous services have been offered to you and your family)

Basis for processing

We must have legal justification for using the information and, where we are required to share without consent of the individual, we rely on the following:

  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  • processing is necessary for compliance with a legal obligation to which the controller is subject

Keeping your information safe

We’ll do what we can to ensure we hold records about you (on paper and electronically) in a secure way, and we’ll only make them available to those who have a right to see them. Examples of our security include:

  • encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’
  • pseudonymization, meaning that we’ll use a different name so we can hide parts of your personal information from view. This means that someone outside of the council could work on your information for us without ever knowing it was yours
  • controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
  • training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong
  • regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches)

You can find more details of our information security expectations by referring to our range of policies on the information governance pages of our website

Why we share

We share data that we (including children's services) have gathered in line with our duties to:

  • comply with a public task or legal obligation
  • use for the prevention or detection of a crime
  • allow a partner organisation to act on behalf of children's services
  • safeguard individuals

Who we share with

We routinely share information with:

  • the Department for Education (DfE) on a statutory basis under the Education Regulations 2013
  • public and government agencies including The Ministry of Housing, Communities and Local Government (MHCLG) and the Department of Works and Pensions (DWP)
  • commissioned services
  • education providers including maintained schools, academies and free schools
  • our other teams including Family Meeting, Advocacy and Mediation Services
  • health services including health visitors, GPs, consultants, hospitals and school nurses
  • police
  • Probation Service
  • youth offending services
  • children's centres
  • mental health services
  • drug and alcohol agencies
  • housing agencies

Data about children and young people who are, or have been, looked after by the Council is also shared as part of the East of England Region-Wide Sufficiency Analysis. Councils from across the region will share data with two companies, Social Finance and the Commissioning Alliance, who will produce analysis to better inform service planning and commissioning.

The data shared will be pseudonymised. This means that any information, such as name or postcode, which could be used to identify an individual will be removed from the data. Individuals will be identified by a unique code but only our staff will have access to the systems needed to re-identify individuals using this code.

The information shared will be a pseudonymised copy of the SSDA903 return that we are obliged to share with the DfE. Further details can be found at Children looked after return 2022 to 2023: guide – GOV.UK (

The project is being funded by the government’s Data Accelerator Fund, details of which can be found at Vulnerable children and families better supported through new data sharing projects – GOV.UK (

Please see our general Data Protection and Privacy Notice for details of:

  • transfers to a third country and safeguards in place
  • how we keep your information 

Your rights

You have several rights regarding your personal data:

  • right to be informed
  • right of access
  • right to rectification
  • right to erasure/to be forgotten
  • right to restrict processing
  • right to data portability
  • right to object
  • rights in relation to automated decision making and profiling

More information about your rights and how to contact the council to impose those rights can be found in our privacy statement

When you provide the above information to Central Bedfordshire Council, we will be a data controller of that information.

If you wish to contact us in relation to how your data is handled, please call or email us:

Telephone: 0300 300 5765