Service level privacy notices
Adult learning service privacy notice
Who is the Data Controller for the information I provide?
- Liverpool City Council.
- Education and Skills Funding Agency.
- Department for Education.
Why we are collecting your data
We are funded by Education and Skills Funding Agency (ESFA) in order to deliver our services to you.
We need to collect and use data about you in order to provide courses, information, advice and guidance to progress on to higher learning opportunities or to assist you closer to, or into the labour market. Read the ESFA privacy statement in full.
Generally we collect and use personal information in instances where:
- You (or your legal representative) have given consent.
- It is necessary to perform our statutory or contractual duties.
- It is required by law.
- It is necessary for employment purposes.
We may also need to use information about you to:
- Deliver services and support to you.
- Manage those services we provide to you.
- Share the results of our services to the public bodies that fund us.
- Train and manage the employment of our workers who deliver those services.
- Help investigate any worries or complaints you have about your services.
- Keep track of spending on services.
- Check the quality of services and help with research and planning of new services.
What is the legal basis for collecting and processing this data?
We will collect and process your information where there is a contractual obligation or a legal basis for doing so.
We are able to gather, use and share your data as a public task in the public interest under relevant laws, including the General Data Protection Regulation (article 6(1)(e)).
The legal basis for us collecting and storing your personal information on our ESF programme is as follows. The Education and Skills Funding Agency, will be processing personal data relating to your course programme according to the following lawful basis:
- Article 6 (1) (e) GDPR: ‘Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller’.
- Article 9(2) (b) GDPR: This article of the GDPR provides ESFA with the lawful basis for processing 'special category’ (sensitive) data where, 'processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of education and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the
The information we may collect
Where we can, we’ll only collect and use personal information if we need it to deliver a service or meet a requirement.
This can include:
- Date of Birth.
- NI number.
- Benefits information.
- Employment status.
- Information about your participation on our courses.
- Eligibility to work.
- Asylum status.
- Disability and health information.
- Information on your prior attainment levels.
Do you have to provide this information and what will happen if you don’t?
You do not have to provide this information but we may not then be in a position to provide specific services to you as a result.
Who will your information be shared with?
When you agree to Liverpool Adult Learning Service providing our services to you, we will only share information that is relevant to the contracts and services we are delivering.
For example, we are funded by the Education and Skills funding Agency (ESFA) for a specific contract, we are obliged to share relevant data we collect with the data controller for that contract - Education and Skills Funding Agency (ESFA).
We will only ever share what is required as part of that contract - this will be explained to you before you agree to us providing you with services and only when you provide consent beforehand.
How long will you keep this information for and why?
There’s often a legal and/or contractual reason for keeping your personal information for a set period of time, we try to include all of these in our retention policy.
For each council service a retention schedule lists how long your information may be kept. For contracts that we deliver, retention periods form part of that specific contract.
Please see What we do with your data for the council's full retention schedule.
You can request more information on contractual retention periods relevant to you at any time.
How will my information be stored?
Your information will be stored electronically and on paper records.
We’ll do what we can to make sure we hold records about you (on paper and electronically) in a secure way, and we’ll only make them available to those who have a right to see them. Examples of our security include:
- Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’.
- Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it.
- Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong.
- Regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called patches)
Will this information be used to take automated decisions about me?
Will my data be transferred abroad?
What rights do I have when it comes to my data?
Â You have a number of rights that are set out on the How to access your data page of this section.
Where can I get advice?
View our Help and advice page for more information.