This notice provides additional privacy information for Child Employment, Entertainment and Chaperone licences. It explains what personal data (information) we hold about you, and how we collect, use and may share information about you. We are required to give you this information under data protection law.
Our core data protection obligations and commitments are set out in the Councils Corporate Privacy Notice
This privacy notice applies to:
- Issuing child employment permits to allow children to take part in employment
- Issuing licences to allow children to take part in entertainment
- Approving chaperones for children in entertainment / issuing a chaperone licence
- Investigation of Child Employment/Entertainment enforcement files (prosecuted for failure to comply with their legal responsibilities)
- Inspections of places of employment and entertainment
- Notices served for breach of child employment and performance regulations
- Permits or licences revoked
Dudley MBC (DMBC) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the UK General Data Protection Regulation (UK GDPR), and we are responsible as 'controller' of that personal information for the purposes of those laws. The Child Employment Officer, who is based within The School Attendance and Education Support Service, operates the statutory processes that govern the approval and issuing of individual performance licences or Body of Persons Approvals (BOPAs) and exemptions for children in entertainment, child employment work permits, and chaperone licences to support, safeguard and oversee these performances and activities. The officer also provides training for chaperones, and conducts employment visits and performance inspections during events to ensure compliance.
Information on all these areas of work can be found on our website at Education Support Service
We collect and use your personal information to comply with our legal obligations. If we need to collect special category (sensitive) personal information, we rely upon reasons of substantial public interest (safeguarding of children and of individuals at risk, and equality of opportunity or treatment), and for the establishment, exercise or defence of legal claims whenever courts are acting in their judicial capacity.
Processing is necessary for compliance with legal obligations underpinned by acts of legislation that dictate what actions can and should be taken by local authorities, including:
- Children and Young Persons Act 1933/63
- The Employment of Women, Young Persons and children Act 1920
- Dudley MBC Byelaws
- Children and Young Persons Act 1933 – sections 23-30
- Children and Young Persons Act 1963 – sections 37-44
- Children (Performances and Activities) England Regulations 2014
- The Education Act, Section 559
- The Management of Health and Safety At Work 1992, and The Education Act 1996
Your personal information provided is collected, for the purpose of delivering the service to you, to issue exemptions, individual or body of person’s entertainment licences, or work permits. We collect:
• Business activities/Trading name and address
• Name of Owner/personal address/date of birth
• Name of Manager/Agent
• Exact nature of duties/hours worked
• Application form and signed declarations, completed by employer, organiser and child’s parent/guardian
• Personal information of child (such as name, address, contact details, date of birth and gender)
• Information on school attended/educational provision
• Reason why you require an entertainment or employment license, and when and where the entertainment or employment will be taking place
• Details of the organisations for whom you will be performing or working
• Visual image required for performance licences
• The child’s accommodation details during the performance (if living away from home)
• Sums to be earned by the child for the performance and who this is paid too
• Details of the proposed chaperone(s)
• Arrangements for transport
• Confirmation of the risk assessment you have undertaken
• Correspondence you send us
• Information you or your representative provides
• Information collected by our staff on the phone or in face to face or virtual meetings
• Information provided by other local authorities
• Third party agencies/other professional organisations such as: social care, schools, police, health, members of the public
From these, we would collect and process personal and special categories information such as: name, date of birth, gender home address, name and place of employment address, email , health, where necessary e.g. conditions which might impact on the ability of child to work or perform.
In the course of providing chaperone licences, we collect the following personal information when you provide it to us:
• Application form and signed declaration plus any additional information you provide and correspondence you send us
• Personal information (such as name, address (including previous addresses if less than 5 years), contact details, date of birth and gender)
• Names and contact details of personal/employee references
• Information collected from your nominated referees
• Information provided by other local authorities
• Information collected by our staff on the phone or in face to face or virtual meetings
• Information provided by child performance license applicants, their employees, agents, parents or anyone else connected with the application or performance
• Experience and qualifications
• The reason why you require a chaperone licence, and when and where you will be chaperoning
• Employment details (current/previous employment)
• Experience of working with or caring for children
• Visual image for ID badges
• Physical or mental health details (including health/social care records)
• Offences (including alleged offences), criminal proceedings, outcomes and services
We also obtain personal information from other sources as follows:
• Disclosure and Barring Service (DBS) checks for chaperone licences
• Checks with your Local Safeguarding Board
We use your personal information to:
• process licence applications and assess suitability to become licenced
• issue licences or work permits
• conduct inspections as part of our statutory duty to inspect
• monitor the compliance of organisations working with children for entertainment or employment purposes, to safeguard children
• provide training
• assess and evaluate our services
Children’s Services uses Power BI as a business intelligence analysis tool that can handle hundreds of thousands of lines of raw data and add value by categorising, calculating and visualising information to give insight.
Working with colleagues in Children’s Services, interactive business intelligence dashboards have been developed to provide analysis into things like, number of service users, number of children in need, different types of interventions applied etc.
These insights can be shared with those members of staff who need the analysis to help Children’s Services improve service operations. Access to personal identifiable level data is restricted to those who have a lawful basis to access it.
Personal data will not be retained for longer than necessary in relation to the purposes for which they were collected. There is usually a legal reason for keeping your personal information for a set period of time. This ranges from months for some records to decades for more sensitive records. If you require more information about our retention schedule please contact us at information.governance@dudley.gov.uk
Within Dudley Council information may be shared with other council departments where necessary to follow up a service request, complaint or to take other action requested by or agreed with you. Your data may be accessed by staff working for Dudley’s other council teams so they can carry out their statutory roles and support our service (e.g. housing, education, social care, complaints, and legal services). Staff in each area will only access the personal information that is essential to carry out their work and statutory functions but may share data between the respective teams where this is necessary to provide you with services. All organisations we pass your information to will have an information-sharing agreement with us to ensure they meet the standards of the UK GDPR and the Data Protection Act 2018 and will be covered by a legal basis allowing them to collect, use and share your personal information.
We also routinely share information with external partners and relevant external services:
- Chaperone information such as name, expiry date and local authority to which they are registered is shared with production companies and other local authorities. This is only used to confirm status and we do not provide any other details.
- Children’s performance licence information (including name, DOB, parents' names and name of school and photo of child) is sent to the applicant of the licence, agent (if applicable), parent, school and the local authority where the performance is taking place
- We only share children’s information (name, DOB, postcode, LA where the child resides and district) as part of BOPAs if the child resides out of Dudley and this is requested by their local authority
- Work permits are sent to the employer and parent. This includes name, DOB, home address, school and year group
- Inspection reports are shared with the local authority where the child/children reside and the applicant responsible for the production only. Under a performance licence, this will include name of child and DOB and local authority that issued the performance licence and details of chaperones (their name, issuing authority and expiry date). Under a BOPA, we do not share details of children just chaperones unless there are children who reside out of Dudley performing and their local authority request the information.
- We will share personal information with law enforcement or other authorities if required to do so by applicable law.
- Data Processors acting on behalf of the Council under contract such as APS Group who provide printing and mailing services
- We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
- We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
- Electronic information is stored securely on the council’s secure network
- Paper information is in locked storage
What are your rights?
You have the right to request Dudley Council to stop processing your personal data in relation to any council service. See our Corporate Privacy Notice for details.
Under UK GDPR and the Data Protection Act 2018, parents, carers and young people have the right to request access to information we hold about them. To make a request for your (or your child’s) personal information, contact the Council’s Corporate Information Governance Team:
Lewis Bourne, Data Protection Officer, at information.governance@dudley.gov.uk or by calling 0300 555 2345 and asking to speak to the Corporate Information Governance Team
Depending on the lawful basis, you may also have the right to:
- object to processing of personal data that is likely to cause, or is causing, damage or distress
- prevent processing for the purpose of direct marketing
- object to decisions being taken by automated means
- in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed: and a right to seek redress, either through the ICO, or through the courts
Where we are processing your personal data with your consent, you have the right to withdraw that consent. If you change your mind, or you are unhappy with our use of your personal data, please let us know by contacting Lewis Bourne, Data Protection Officer, at information.governance@dudley.gov.uk or by calling 0300 555 2345 and asking to speak to the Corporate Information Governance Team.
The UK GDPR and the Data Protection Act 2018 give you a number of rights to control what personal information is used by us and how it is used by us. Information about your data rights is listed in the Council’s Corporate Privacy Notice.
If you have any questions or concerns about the way we collect, store or use your personal information, please contact in the first instance information.governance@dudley.gov.uk.
For independent advice about data protection issues, you can contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.
We reserve the right to amend this Privacy Notice at any time and will keep it under review. If we do make any changes, we will post the current version to our website at this address.
Last reviewed 17/01/2024