Privacy Policy


This page informs you of our policy regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data. 


This data protection policy ensures SENDS Support CIC:

  • Complies with data protection law and follows good practice
  • Protects the rights of clients and staff
  • Is open about how it stores and processes individuals’ data
  • Protects itself from the risks of a data breach

SENDS Support CIC is committed to the protection of all personal and special category data, for which it holds responsibility as the Data Controller, and for the secure processing of such data in line with the principles set out in the General Data Protection Regulations.  Further changes to data protection legislation shall be monitored and implemented in order to remain compliant with all requirements. 


As a Data Controller, SENDS Support is registered with the Information Commissioner’s Office (ICO).  Employees of SENDS Support are required to abide by the principles and procedures set out in the policy.  The Data Protection Officers are Eloise Barnett and Nicola Warner who will oversee this policy and ensure employees are fully aware of their responsibilities. 

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. 

Information Collection And Use

We collect several different types of information for various purposes to provide and improve our Service to you.


Types of Data Collected:

Personal Data

The personal information will include:

  • name, address and date of birth
  • information from teachers and TA's about your child's attainment in different subjects, their ability, skills, attitude to learning, social, emotional and mental well-being
  • reports from other professionals who have worked with your child 
  • Education Health and Care Plan where one is in place
  • information about your family where Early Help is in place


Usage Data

We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device ("Usage Data").

This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.



Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.


Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies. We use Security Cookies for security purposes.


We may use third-party Service Providers to monitor and analyse the use of our Service.

  • Google Analytics
    Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and      personalize the ads of its own advertising network.
    For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page:


SENDS Support CIC will ensure that personal information is:

  1. Processed fairly and lawfully
  2. Obtained only for specified, lawful purposes
  3. Adequate, relevant and not excessive
  4. Accurate and kept up to date
  5. Not to be held for any longer than necessary
  6. Processed in accordance with the rights of data subjects
  7. Protected in appropriate ways
  8. Not to be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection.

SENDS Support CIC recognises the rights given to individuals in the GDPR: 

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling.

In line with the above principles, SENDS Support will provide a privacy notice to all individuals before collecting personal data about them.  In the case of children, the privacy notice will be provided to the parent although it will be considered on a case by case basis for older children, as to whether they have an understanding of the information and processes.  If this is apparent, a privacy notice will be provided for them.

The privacy notice sets out why we are collecting personal data, how long it will be held for and who we intend to share it with.  It also states the lawful bases for collecting the data. Our privacy notices will be clear, with easy to understand language, and will be regularly reviewed and updated as necessary.  If we intend to use an individual’s personal data in a new way, we will inform them prior to this happening.



Everyone who works for or with SENDS Support CIC has some responsibility for ensuring that data is processed appropriately and in line with this policy.

SENDS Support CIC directors are ultimately responsible for ensuring that SENDS Support CIC meets its legal obligations and for:

  • Ensuring all systems, services and equipment used for storing data meet acceptable security standards.

The SENDS Support CIC data protection officers are responsible for:

  • Keeping employees updated about data protection responsibilities, risks and issues.
  • Reviewing all data protection procedures and related policies, in line with an agreed schedule.
  • Arranging data protection training and advice for the people covered by this policy.
  • Handling data protection questions from staff and anyone else covered by this policy.
  • Dealing with requests from individuals to see the data SENDS Support CIC holds about them (also called subject access requests)
  • Checking and approving any contracts or agreements with third parties that may handle SENDS Support CIC’s sensitive data


  • The only people able to access data covered by this policy should be those who need it for their work
  • Data should not be shared informally
  • SENDS Support CIC will provide ongoing training to all employees to help them understand their responsibilities when handling data
  • Employees should keep all data secure, by taking sensible precautions and following the guidelines below
  • In particular, strong passwords must be used and they should never be shared
  • Personal data should not be disclosed to unauthorised people, either within the company or externally.
  • Data should be regularly reviewed and updated if it is found to be out of date. If no longer required, it should be deleted and disposed of
  • Employees should request help from their line manager or the data protection officer if they are unsure about any aspect of data protection


Data stored on paper:

  • Should not be left where unauthorised people could see it, for example like on a printer.
  • Will be kept in a secure place where unauthorised people cannot see it i.e. in a locked drawer or filing cabinet.
  • Must be securely shredded and disposed of when no longer required or otherwise passed back to schools.

Data stored electronically must be protected from unauthorised access, accidental deletion and malicious hacking attempts:

  • All SENDS Support laptops are encrypted and password protected by strong passwords that are changed regularly and never shared between employees.
  • Data will be stored on laptops for the shortest time possible.
  • No data is stored on removable media such as a USB.
  • Data is regularly uploaded to SENDS Support CIC’s Office 365 cloud service which is password protected and only accessed from encrypted laptops.
  • Data is backed up frequently.
  • All laptops containing data should be protected by approved security software and a firewall.


  • When working with personal data employees should ensure the screens of their computers are always locked when left unattended.
  • Data will be encrypted before being transferred electronically.


  • Data will be held in as few places as possible.
  • Staff will endeavour to keep data accurate and up to date.
  • Individuals can contact SENDS Support Ltd’s data protection officers to have their personal information updated.


  • You have the right to request your personal data from SENDS Support.
  • You have the right to request that we erase personal information we hold on your child.
  • You have the right to ask us for copies of your personal information in a commonly used format and you can ask us to send the data to other organisations.
  • You have the right to ask us to restrict the use of your personal information.

For all of the above, please contact SEND Support’s Data Protection Officers (Eloise Barnett and Nicola Warner at