The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR replaces the 1995 Data Protection Directive.
The Multiple Intelligence Hub CIC comply with EU General Data Protection Regulation (GDPR). We will inform you about the way in which we use, share and store your personal information.
We have published this privacy notice so you can access this information, along with information about the increased rights you have in relation to the information we hold on you and the legal basis on which we are using it.
Information we may need
MIH will be the ‘Controller’ of any personal data you provide to us. We only collect basic personal data about you which does not include any special types of information or unreasonable requests.
This privacy notice tells you what to expect when we obtain personal information. It applies to information we collect about:
Visitors to our websites;
Complainants and other individuals in relation to a data protection or freedom of information complaint or enquiry;
People who use our services
People who notify under the Data Protection Act
Job applicants and our current and former employees.
Why we need this information:
We require basic personal data in order to provide you with a sufficient service in responding to your request. We will not collect any personal data from you that is not necessary in order to provide and oversee this service to you.
How we Collect, Handle and Share your Personal Data
We collect most of the personal data we process directly from the individual concerned (or in the case of youth service users, from their parents). In some cases, we collect data from third parties (for example; referees, education providers, the Disclosure and Barring Service, or other professionals and authorities who work with the individual) or from publicly available resources.
Personal data held by us is processed only for the purposes for which the data was given. We take appropriate steps to ensure the security of personal data about all individuals, including policies around use of technology and devices, and access to service data systems. We do not transfer personal data outside of the European Economic Area unless we are satisfied that the personal data will be afforded an equivalent level of protection.
As a provider to Children, Youths and vulnerable Adults, we may share personal data with third parties such as professional advisors and relevant authorities (eg the Local Children Safeguarding Board, DBS and Immigration, HM Revenue and Customs, Department for Education and Department for Work and Pensions).
Why We Process Personal Data
We process personal data to support our provision as follows;
The selection and booking of Youth Service Users
Compliance with legislation and regulation.
The carry out our services of care to the best of our ability, to include the administration of timetables; monitoring progress and support needs; reporting on the same internally and to parents; providing references where required (including after a they have left)
The recording for any activity or programme support and related services to service users (and parents) including the maintenance of discipline; off site trips; IT and communications system (and monitoring the same) all in accordance with our IT policies
The safeguarding of service users’ welfare and provision of pastoral care, welfare, health care services by the provision staff.
Operational management including the compilation of service user records; the administration of invoices, fees and accounts; the management of the provision’s property; the management of security and safety arrangements; research and statistics; the administration and implementation of the provisions rules and policies for service users and staff and the maintenance of historic archives
Staff administration such as recruitment of staff/ engagement of contractors (including compliance with DBS procedures); administration of payroll, pensions and sick leave; reviews and appraisals; grievance procedures, capability or disciplinary procedures; and the maintenance of HR records.
The promotion of the provision through our own websites, marketing literature and communication through our social media channels;
Maintaining relationships with the other educational providers and the wider school / Respite care community, former service users and/or their parents or guardians.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.
Changing cookie settings
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit or .
Links to other websites
When linking to other websites through our website, we encourage you to read the privacy statements on the other websites you visit.
If you contact us via social media
If you send us a private or direct message via social media the message will remain on that platform. It will not be shared with any other organisations.
If you email us
Our business email provider are linked with Proofpoint to encrypt and protect email traffic. We also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
If you make a complaint to us
When we receive a complaint, our first steps are to make up a file to hold details of the complaint. This normally contains complainant’s identity and that of any other persons involved in the complaint.
Personal information is only collected to process the complaint and to check this against the level of service we provide. We may where required compile and publish statistics showing information regarding any complaints we receive, but this will not identify anyone.
It is common to have to disclose the complainant’s identity to whom the complaint is about. This is required where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying them to be disclosed, we will make every effort to respect that. However, it may not be possible to handle a complaint without disclosing this.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
If you use our services
We process personal data about prospective, current and past: youth service users and their parents; staff, suppliers and contractors; and other individuals connected to or visiting MIH.
The personal data we process may be factual information, expressed opinions, images or other recorded information. For example:
Name and addresses, telephone numbers, e-mail addresses and other contact details
Family relation details
Images, audio and video recordings
Booking, disciplinary and other special educational or support need related records and references
Education and employment data
As a Care and well-being programme provider, we need to process special category personal data (eg concerning health, ethnicity, religion or biometric data) and criminal records about some individuals (particularly service users and staff). We do so in accordance with applicable law, including with respect to safeguarding or employment.
Job applicants, current and former employees
If you have any queries about the process or how we handle your information please contact us at firstname.lastname@example.org
What we do with the information you provide
All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
What information we ask for, and why
We do not collect more information than we need and will not retain it for any longer than is necessary.
The information is used only to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you choose not to.
We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Only staff involved in the recruitment process will have access to this information.
You will also be asked to provide information for equal opportunities. This however is not mandatory information – if you don’t provide it, it will not affect your application. This information will not be made available to any other staff than those dealing with the recruitment process. Any information you do provide may be used only to produce and monitor equal opportunities statistics.
We might ask you to participate in assessment days; complete tests or occupational personality profile questionnaires; and/or to attend an interview (or a combination of all). Any information generated by you or by us during this process is held by the company only.
If you are unsuccessful for the position you have applied for, we may ask if you would like your details to be retained on our database for a period of six months. If you say yes, we would use this to contact you regarding future suitable vacancies.
If we make a conditional offer of employment we will ask you for further information so that we can carry out pre-employment checks. We are obligated to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability.
Further information that would be required;
Identification – we will take copies of original documents.
Qualifications – we will take copies of original certificates.
A criminal records declaration should be signed to declare any unspent convictions.
Your email address will be provided to the Government Recruitment Service who will contact you to complete an application for an advanced Criminal Record check via the Disclosure and Barring Service, or Access NI. This will verify your declaration of unspent convictions.
Referees – we will contact these directly, using the details you provide in your application, to obtain references
A Health Questionnaire should be completed to establish your fitness to work.
Upon making a final offer, the following is required:
Bank details for salary payments
Emergency contact details – in case you have an emergency at work.
Data processors are third parties who are involved in elements of our recruitment service. Due to contracts being in place with our Data Processors, this means that they cannot do anything with your personal information unless instructed by us. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
If you qualify your details will be provided to NOW Pensions who are the administrators of the Pension Scheme. You will be auto-enrolled into the pension scheme and details provided will be your name, date of birth, National Insurance number and salary. Your bank details will not be passed on at this time.
How long we hold your information
If you are successful, the information provided during the application process will be retained in your employee file for the duration of your employment plus 6 years following the end of your employment.
If you are unsuccessful, the information you have provided until that point will be retained for 6 months from closure. Information generated throughout the assessment process, for example interview notes, is retained by us for 6 months following the closure. Equal opportunities information is retained for 6 months whether you are successful or not.
If at any point you believe the information we process on you is incorrect, you can request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
You can contact our data protection officer; Donna McLean - email@example.com
Complaints or queries
MIH tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints very seriously. We encourage people to bring to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.
This privacy notice does not provide exhaustive detail of all aspects of the company’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
If you would like to make a complaint about the way we have processed your personal information, you can contact us – Donna McLean; firstname.lastname@example.org.
Access to personal information
We try to be as open as we can be when giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 1998. If we do hold information about you we will:
Provide you a description of it
Why we are holding it
Who it could be disclosed to; and
let you have a copy of the information in an intelligible form.
To make such request for any personal information this must be in writing addressing it to our DPO or writing to the address provided below.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated January 2019.
How to contact us
If you would like to request information about our privacy notice you can email us or write to:
The Multiple Intelligence Hub, Plot 2, Black Horse Farm, Crouch Lane, Borough Green, TN15 8QL
Telephone – 01732 667961