GDPR and Safeguarding Policy

Last updated: 27 February 2025
Next review due: 1 October 2025

This is our policy relating to personal data and safeguarding

Overarching principles

Where, in the judgement of a practitioner, a child is thought to be at risk, the practitioner must not seek the consent of any person who, if they knew that their personal data was being shared, might put the child at further risk.

Advice to practitioners on the application of this policy is available from the Data Protection Officer. Email: dataprotection@hartlepool.gov.uk or telephone 01429 523087.

Practitioners who record or pass on personal data without seeking consent, as set out above, must electronically record their decision on the LCS Social Care IT system with their reasons for dispensing with consent (which is subsequently authorised by their team manager).

Policy requirements

1. This policy is made under the requirements of the GDPR 2018, the Data Protection Act 2018 Schedule 1 Part 4 Sections 38, 39 and 40, and ‘Working Together to Safeguard Children 2023’. The policy sets out how personal data relating to safeguarding cases are to be processed.
2. This policy's next review date is 1 October 2025.
3. Personal data relating to safeguarding will be retained securely for 30 years as this is required to ensure that safeguarding casework that does not lead to a prosecution will remain available in the event of further allegations.
4. Personal data related to safeguarding must include the name and address of suspected or safeguarding offenders, the details of the alleged offences, and any other information required to minimise risk to children.
5. Any errors in the recording of personal data related to safeguarding must be corrected as soon as they are identified.
6. Personal data related to safeguarding must be processed and stored securely. All safeguarding information relating to children is stored in the LCS Social Care IT system.