Confidential Declaration form
This notice explains how the information you supply in your Confidential Declaration is used and your rights with respect to that data as required by the General Data Protection Regulation 2016/679 (the “GDPR”) and the Data Protection Act 2018, (the “DPA 2018”).
1. Who we are
The Data Controller is the person in the organisation who manages and is responsible for the data you provide. If you are a member of clergy, or a Reader, this will be the Bishop; and the Diocesan Safeguarding Team on his behalf. If you are a Diocesan employee, the Diocesan Board of Finance will be the Data Controller. If you are a parish employee or volunteer, the Data Controller will be the Parochial Church Council (PCC), and the Parish Safeguarding Officer on their behalf. The Data Controller decides how your personal data is processed and for what purposes.
2. The data we collect about you
We collect your name and address as provided by you in the Confidential Declaration Form, and where applicable, relevant conduct data and/or criminal offence data (including allegations); barring data; court findings or orders.
We also collect the following information about other individuals living or employed in your household who are over 16 years old, where applicable (see section 3, headed “Purposes and lawful bases for using your personal data” paragraph 3):
- criminal offence data (including allegations); barring data; court findings or orders.
It is our expectation that you will inform these individuals that you have put their details on the Confidential Declaration form, and that you explain the reason for this.
3. Purposes and lawful bases for using your personal data
The overall purpose of the confidential declaration is to ensure that we take all reasonable steps to prevent those who might harm children or adults from taking up positions of respect, responsibility or authority where they are trusted by others in accordance with the Safer Recruitment: Practice Guidance (2016).
We use your data for the following purposes and lawful bases:
- Appointing individuals to positions of respect, responsibility or authority where they are trusted by others.
- For the Diocesan Safeguarding Adviser to conduct a risk assessment where applicant discloses information on the form.
- Collect information about members of your household for the purpose of undertaking a Disclosure and Barring Service check on them if you have applied for a role where you work from home with children.
It is the legitimate interest of The Bishop of Bath and Wells, the Diocesan Board of Finance, and the Parochial Church Councils within the Diocese to ensure that only appropriate individuals are appointed to certain positions, as established by the Promoting a Safer Church – House of Bishops Policy Statement (2017). We also need to be assured that no member of your household poses any risk where relevant if you work from home.
It is also necessary for reasons of substantial public interest in order to prevent or detect unlawful acts and protect members of the public from harm, including dishonesty, malpractice and other seriously improper conduct or for the purposes of safeguarding children and adults at risk. (Safer Recruitment Practice Guidance (2016)).
|We have a specific purpose with a defined benefit||The processing is an essential part of safer recruitment, to ensure that individuals appointed to positions of respect, responsibility or authority where they are trusted by others are properly vetted and pose no risk to children, vulnerable adults or the wider public.|
|The processing is necessary to achieve the defined benefit.||Without processing this data, there would be no assurance that suitable individuals are being appointed.|
|The purpose is balanced against, and does not override, the interests, rights and freedoms of data subjects.||The risk of significant harm to others if inappropriate appointments are made outweighs the low risk to individuals of disclosing the data to us.|
4. Sharing your data
Your personal data will be treated as strictly confidential and will only be shared with those involved in the recruitment/appointment process and, where appropriate, the Diocesan Safeguarding Adviser. As part of that process it may be shared where necessary with Bishops Senior Staff for those holding a Bishops Licence, Permission or Commission; other Diocesan Safeguarding Advisers if you take up a role in another Diocese, or outside of the Church, for the prevention or detection of an unlawful act, or to protect members of the public from harm or for safeguarding purposes; or as required by law, under Schedule 1, Part 1, Part 2 or Part 3 (as appropriate) of the Data Protection Act 2018, with the following:
- Children’s or Adults Social services in Local Authorities
- Statutory or regulatory agencies, (e.g. the DBS)
5. Data Retention
We keep your personal data, if your application is successful, for no longer than reasonably necessary for the periods and purposes as set out in the retention table below at the following link:
If your application isn’t successful, your data will be held for 6 months after the recruitment process ends, and then destroyed, unless information disclosed on the confidential declaration has led to safeguarding concerns being raised, in which case the information will be retained as outlined in the retention table above.
6. Your Legal Rights and Complaints
If you do not feel that a complaint has been dealt with appropriately, please contact: Assistant Diocesan Secretary, Diocese of Bath and Wells, Flourish House, 2 Cathedral Avenue, Wells, BA5 1FD.
You also have the right to lodge a complaint with the Information Commissioners Office. You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.