top of page


ACC Privacy Policy

Our Privacy Policy in compliance with GDPR explains:


What information we collect and how we collect it

Why and how we use your information

How long we keep your information

How we may share your information

Your rights on the information we hold about you

Security - how we keep your information safe

Changes to this Privacy Policy

How to contact us

The Data Controller is ACC’s Administrator Manager – Ben Franklin


Information We Collect


In order to provide our services and for the other purposes set out in Use of Information below, we collect and process Personal Data for the users of ACC accredited Contact Centre.   We may collect the following information

Personal information (for example, your name, email address, mailing address, phone numbers, date of birth and address)


Sensitive Personal Data

Attendance information (such a attended, number of absences and absence reasons)


Safeguarding incidents

From time to time and as permitted by applicable law(s), we may collect Personal Data about you and update any existing Personal Data that we currently hold from other third-party sources


We collect your information from:


Self-Referral Forms

Safe Referral process from the ACC and NACCC websites

Referrals from organisations e.g. Cafcass, Family Solicitors

Pre visit checklist

We may also collect information from telephone conversations, emails and written and verbal communications and from records of the Contact Centre sessions.


How we use of Information


Your Personal Data may be used in the following ways:

To provide our services to you,

To respond to your requests and inquiries,

To improve our services, for example questionnaires

To request your participation in surveys, or other initiatives which help us to gather information used to develop and enhance our services,

To comply with applicable law(s) (for example, to comply with a search warrant or court order) or to carry out professional ethics/conduct investigations,

To enable us to provide, to maintain our own accounts and records and to support and manage our employees.


Consent and Lawful Processing of Data.


Our legitimate interests, which include processing such Personal Data for the purposes of:

providing and enhancing the provision of our services.

administration and programme delivery

for dealing with medical needs-any information you provide we must have had explicit consent to use.

all other cases: that it is necessary for our legitimate interests which are to run the contact centre

How long will we keep your information? 

File Type

Retention Period

HR files


Employment references


Redundancy details

6 years after employment/volunteering ceases


Parental leave


5 years from birth/adoption or 18 if child receives a disability allowance

Disclosure and Barring Service Certificate (formerly Criminal Records Bureau disclosures certificates) obtained as part of the vetting process. 

The actual disclosure form must be destroyed after 6 months. However it is advisable that organisations keep a record of the date of the check, the reference number, the decision about vetting and the outcome. 


Finance records


Income tax, NI returns, income tax records and correspondence with IR, Parental leave,


Wages and salary records


HMRC advise you must keep records for 6 years from the end of the last company financial year they relate to, or longer if: they show a transaction that covers more than one of the company's accounting periods.

Supported contact only – Referrals, with court orders or CAFCASS involvement, pre- visit forms, attendance records

Securely disposed of after three years unless a safeguarding or child protection issue

Supported contact only - Self-referrals  with NO court order or CAFCASS involvement, pre- visit forms, attendance records

Securely disposed of after one year unless a safeguarding or child protection issue

Information relating to paid/unpaid staff not covered above that are not used for three years should be treated as confidential waste and disposed of as such.


Securely disposed of after three years.


Accident books and paperwork relating to safeguarding or child protection issues about

a specific child  

Should be kept indefinitely as children can request this information up to the age of 25 years from Local Authorities.




Sharing and Disclosure to Third Parties


We may disclose your Personal Data to third parties from time-to-time under the following circumstances:

You request or authorise the disclosure of your personal details to a third party.

The information is disclosed as permitted by applicable law(s) and/or in order to comply with applicable law(s) (for example, to comply with a search warrant or court order).

The information is provided to service providers who perform functions on our behalf.

Hosting providers for the secure storage and transmission of your data

Legal and compliance consultants, such as external counsel, external auditors

Technology providers who assist in the development and management of our web properties

Subject Access/User Rights


As a user, you are subject to the following rights:


The right to be informed of the use of your Personal Data

The right to access and/or to require the correction or erasure of your Personal Data

The right to block and/or object to the processing of your Personal Data

The right to not be subject to any decision based solely on automated processing of your Personal Data

In limited circumstances, you may have the right to receive Personal Data in a format which may be transmitted to another entity.

If you have a complaint in relation to the processing of your data carried out under this Privacy Policy, you have the right to lodge a complaint with the Information Commissioner Office .


You may seek to exercise any of these rights by updating your information online (where possible) or by sending a written request to:  Administration Manager, ACC, c/o The AoC Trust, 27 Holloway Chambers, Priory Street, Dudley, West Midlands, DY1 1HA.


Information security


We are working to protect your personal information that we hold, its confidentially, integrity and availability.

We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.

We restrict access to personal information to ACC staff, contact centre staff and volunteers subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

We have a Security Information Policy in place which defines the measures we take to protect your personal information. We use a combination of technology and procedures to ensure that our paper and computer systems are protected, monitored and are recoverable.

We only use third party service providers where we are satisfied that they provide adequate security for your personal data.


Compliance and cooperation with regulatory authorities


We regularly review our compliance with our Privacy Policy. If we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the ICO to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.



Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent.


How to Contact Us:

The ACC, c/o The AoC, St James House, Trinity Road, Dudley, West Midlands, DY1 1JB. 

Telephone:|01384 211168




Ref:  GDPR001 Version: 1 Reviewed:  July 2020

Privacy Policy: Text
bottom of page