Menu
Home Finance, performance and legal Privacy Notice – Special Educational Needs and Disabilities (SEND)

Privacy Notice – Special Educational Needs and Disabilities (SEND)

What we do with your personal data

Introduction

Data Controller – Somerset Council – ICO Registration Z5957592

Data Protection Officer Contact – informationgovernance@somerset.gov.uk

The Special Educational Needs and Disabilities (SEND) service is responsible for carrying out duties under the Children and Families Act 2014 in relation to all aspects of SEND . This includes early identification and assessment, statutory assessment processes, and the ongoing monitoring of children and young people who have Education, Health and Care (EHC) Plans. We work in a co-ordinated way with other children and young people’s services in Somerset Council and with partner organisations to ensure we deliver the best possible outcomes for children and young people with SEND in Somerset. In order to do this, it is necessary for the Council to process personal data relating to children and young people with special educational needs and disabilities and their parents. The information we collect will usually include:

  • Personal information (such as name, address, contact details, date of birth, parent or carer names and contact details, gender, unique identification number, for example NHS Number)
  • Details of Special Educational Needs or Disabilities
  • Ethnicity
  • Information about physical or mental health
  • Information about family circumstances

Purpose for processing

We use your personal information to:

  • Identify and clarify your child’s SEND needs
  • Identify the support your child needs to help them to achieve their outcomes
  • Make decisions about whether to conduct a statutory needs assessment or issue an Education, Health and Care (EHC) Plan
  • Make decisions about the content of an Education, Health and Care Plan including outcomes, provision and placement
  • Support the ongoing monitoring of the provision specified in an Education, Health and Care Plan where one is issued
  • Inform Education, Health and Care Plan annual review and monitor your child’s progress
  • Support disagreement resolution or mediation processes and processes relating to appeals to the Special Educational Need and Disability Tribunal (SENDT)
  • Enable co-ordinated partnership working with other teams and organisations who can support your child
  • Evaluate and quality assure the services we provide and analyse provision and outcomes to support future service improvement and commissioning

Legal basis for processing

We rely on the following provisions of the General Data Protection Regulation (GDPR) as the lawful bases for processing your personal data:

  • Article 6 1(c) – Legal obligation
    Somerset Council has a legal obligation to provide a number of functions and services and it is necessary to process your personal data in order to comply with these obligations.
  • Article 6 1(e) – Public task
    Somerset Council carries out a number of tasks in the public interest or in the exercise of official authority vested in us and it is necessary to process your personal data in order to undertake such tasks.

We rely on the following provision of the General Data Protection Regulation (GDPR) as the lawful basis for processing your special category data:

  • Article 9 2(g) – substantial public interest
    In order to deliver some services it may be necessary to process data which is classed as a special category. This is information about you which, due to its nature, is afforded additional protections under data protection law. This information may include details regarding health and disability.

Legislation to which our legal obligations and public tasks are related include:

  • Data Sharing Code of Practice (Information Commissioner’s Office 2012)
  • Children and Families Act 2014 (Part3)
  • Children’s Act 2004 (Part 2, Section 10)
  • Health and Social Care Act 2014 (Part 1, Section 3)
  • Care Act 2014 (Part 1, Section 7)
  • SEND Code of Practice (2014)

Data sharing

In order to meet the needs of children and young people with Special Educational Needs and Disabilities, Somerset Council works with a number of internal teams and external partners. In order to ensure that needs can be met, and positive outcomes achieved, it is sometimes necessary to share your personal data with our partners. Organisations we may share data with include:

  • Other council teams involved in improving outcomes for children and young people
  • Commissioned providers delivering services on our behalf
  • Schools, colleges and early years providers as well as wider education or training providers
  • Partner organisations signed up to the Somerset Overarching Information Sharing Protocol (and related Tier 2 agreements), which include NHS organisations, Somerset Clinical Commissioning Group, district councils, and the police
  • Other local authorities and social care or health providers outside of the Local Authority area
  • Department of Education
  • Providers of independent advice, guidance, mediation and advocacy

When working to identify the setting to be named in a child or young person’s Education, Health and Care Plan, we will share information that we have collected as part of a statutory needs assessment with providers who we feel might meet the identified needs. Or for who parents or carers have expressed a preference for.

Safeguarding – in cases where you or another member of the public may be at risk, your personal information will be shared as necessary in order to protect individuals from harm.

Other statutory obligations – the council will share your personal information where we are legally obliged to do so – for example, for the prevention or detection of crime or fraud.

Data security

We have appropriate security measures in place to prevent personal information from being accidentally lost or misused. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are required to do so.

Your data will not be transferred abroad unless you are specifically informed at the point your data is collected.

Data retention

Somerset Council will retain SEND pupil data for 34 years after the date of birth of the data subject. However, where information pertains to Children’s Social Care data, the retention may vary depending on the classification of the specific information (in some cases, date of birth plus 100 years).

Your rights

Under the General Data Protection Regulation (GDPR) you have a number of rights in relation to the data we hold about you. These include the right to ask for a copy of your data, the right to rectify or erase your personal data, and the right to object to processing. However, these rights are only applicable if the council has no other legal obligation concerning that data. Further information about your rights and how to exercise them can be found on our website – Your rights on the information we hold about you.

You also have the right to complain to the regulator (The Information Commissioner). Details of this can be found on the Information Commissioner’s Office website.

In some cases if you do not supply your information to us, we will not be able to provide you with the services we are obliged to provide by law or any supplementary service you have asked for.

Last updated: February 21, 2025

Next review due: August 21, 2025

Back to top