Child Protection and Independent Review Officer (IRO)

This notice explains what personal data (information) we hold about you, how we collect it, how we use it and how we may share information that we hold about you in order to deliver our services. We are required to give you this information under data protection law. Northamptonshire Children's Trust is committed to protecting your privacy when you use our services. The Privacy Notice below explains how we use information about you and how we protect your privacy.

Northamptonshire Children's Trust complies with data protection legislation (the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) and is registered as a 'Data Controller' (Reg. No ZA781861).

Who we are

Northamptonshire Children's Trust provides services on behalf of Northamptonshire County Council in the following areas:

  • Adoption and Fostering
  • Help and Protection for Children
  • Early Help and Targeted Prevention
  • Special Educational Needs and Disability
  • Youth Offending Service in a partnership arrangement.

The Independent Review Officer (IRO) service is a statutory service that ensures that all children in the care of Northamptonshire County Council have their care plans independently reviewed and their progress monitored by independent reviewing officers. This is a statutory function.

A Child Protection Conference is held when concerns of significant harm are substantiated and the child is judged to be suffering, or likely to suffer, significant harm.

What personal information do we collect to deliver this service?

We will collect the following personal information (these lists are not exhaustive):

  • personal information such as your name, address, contact details, date of birth
  • special category information such as ethnicity, religion, mental health information, offences & allegations
  • family details, relationships, history
  • social care history and case records
  • education and school information
  • other assigned practitioners or services
  • EHC Plan
  • SEND details
  • Pupil Premium details
  • visual images, behaviours

We will also seek personal information from other sources including:

  • Northamptonshire County Council Departments
  • NHS
  • your GP in regard to your health
  • Agencies that you have received a service from (if applicable)
  • police
  • other Local Authorities
  • school

How we collect this information

We collect personal information in the following ways:

  • face to face
  • secure records databases managed by NCC
  • referral from professional
  • telephone
  • email

How your personal information is stored

We hold data securely for the set amount of time detailed in our records Retention Schedule. For more information in regards to this and how we keep your information safe please check our Records retention schedule.

Purposes of collecting this personal information

  • Assessments
  • Case closure
  • Prevention and detection of crime or fraud
  • Service delivery
  • Service improvement
  • Service planning and research

How we use this personal information

  • to independently review the care plans of children and young people
  • to monitor the progress of children and young people
  • to compile information for consideration at Child Protection

How long your personal information is held for

Information which you have provided will be stored securely in line with the retention periods shown below after which time it is archived or securely destroyed, unless we are required by law to retain records for longer than the stated retention period. The information will only be used for the purposes stated when it was collected. Information will not be sold, rented or provided to anyone else, or used for any other purpose than that for which it was originally collected unless required to by law.

Category of informationRetention period
All records relating to fostered children75 years
All records relating to adopted children100 years
All records relating to the application for a Child Safety Order and all actions following on from the approval of the OrderRetain from date of application for 3 years
All records relating to the creation and management of Child Protection OrdersRetain from date of birth of child for 75 years
Allegation of a child protection nature against a member of staff working at a school, including where the allegation is unfoundedRetain from date of the allegation for 10 years
Child Protection case filesRetain from date of birth of child for 40 years
Child Protection registerPermanent
Register of offenders who pose a risk to childrenRetain from date of sentence for 10 years
All records relating to child death reviewsRetain from date of report for 15 years
All records relating to serious case reviews including the final reportRetain from date of report for 15 years

What is the legal basis for the collection and use of your personal information?

We collect and use your personal information in order to:

  • perform a Statutory Duty
  • perform a Regulatory Duty
  • to enable service delivery
  • to enable official reporting

The legal bases that govern and direct our service delivery are as follows:

  • Children Act 1989 and 2004
  • Children and Families Act 2014
  • Children and Social Work Act 2017
  • Safeguarding Vulnerable Groups Act 2006
  • Education Act 2002
  • Adoption and children Act 2002
  • Children and Adoption Act 2006
  • Children and Young Persons Act 2008
  • Female Genital Mutilation Act 2003
  • Borders, Citizens and Immigration Act 2009
  • Crime and Disorder Act 1988    
  • Corporate Manslaughter and Corporate Homicide Act 2007
  • Apprenticeships, Skills, Children and Learning Act 2009
  • Education Act 2011
  • Working Together to Safeguard Children (2018)

Who we may share your information with

If required we will share your information with Northamptonshire County Council (NCC) that commissions the Northamptonshire Children's Trust. 

We may also share your information with the following organisations (this list is not exhaustive):

  • Advocates
  • NHS
  • Border Control
  • Childcare Providers
  • Schools
  • District and Borough Councils
  • Housing Agencies
  • Local Authorities
  • Other health providers
  • Judicial Agencies
  • Ofsted
  • Police
  • Probation
  • Partner Organisations
  • Residential Care Providers
  • Substance Services
  • Voluntary and third sector providers
  • Youth Offending Service

Why do we share this information?

In order for the Safeguarding and Child Protection service to fully carry out its legal duties and to deliver its service it is a necessary requirement to share this information.

We will share personal information with law enforcement or other authorities if required by applicable law.

Your rights

Under GDPR you have rights which you can exercise free of charge which allow you to:

  • know what we are doing with your information and why we are doing it
  • ask to see what information we hold about you (subject access request)
  • ask us to correct any mistakes in the information we hold about you
  • object to direct marketing
  • make a complaint to the Information Commissioners Office
  • withdraw consent at any time (if applicable as this will not be possible in certain circumstances)

Depending on our reason for using your information you may also be entitled to:

  • ask us to delete information we hold about you (if applicable) have your information transferred electronically to yourself or to another organisation
  • object to decisions being made that significantly affect you
  • object to how we are using your information
  • stop us using your information in certain ways

We will always seek to comply with your request however we may be required to hold or use your information to comply with legal duties which will override the requirements of the GDPR. Please note, your request may delay or prevent us delivering a service to you.

For further information about your rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioners Office (ICO) on individuals' rights under GDPR.

We are required under Section 6 of the Audit Commission Act 1998 to participate in the National Fraud Initiative data matching exercise. The data held will be used for cross-system and cross authority comparison for the prevention and detection of fraud. For further information see the National Fraud Initiative webpage.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Requesting access to your personal information

Under data protection legislation, parents, carers and children have the right to request access to information that we hold on them. To make a request for your personal information please contact:

FOI/Data Protection Team
Northamptonshire County Council
One Angel Square


Phone: 01604 368 360

If you have a concern about the way we are collecting or using your personal information, you should raise your concern with us in the first instance. GDPR also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted on 03031 231 113. Or see the ICO Website for further details.

Contact us

If you would like to discuss anything in this Privacy Notice please contact:

Data Protection Officer
Northamptonshire Children's Trust
One Angel Square