How Norfolk Autism Partnership uses your personal information 

This page provides information on the Norfolk Autism Partnership (NAP) uses your personal information to accurately record meetings and ensure all partners are able to access this information in a way that supports them.

By ‘use’ we mean the various ways your personal information may be processed including storing and sharing the information. 

Further details

We also provide further details regarding:

  • Who we are
  • How long we use your information for
  • Your rights under the GDPR and
  • How to exercise them

The data controller for the Norfolk Autism Partnership is Norfolk County Council.  You can see their general privacy notice on the council web site or you can ask us for a copy of this information.

What we use your personal information for

We use your personal information primarily to manage the Norfolk Autism Partnership including:

  • Minuting board meetings
  • Minuting other associated sub groups
  • Providing attendees with reasonable adjustments to support their attendance and participation
  • Advising of NAPB meetings and events

We also use this information to assess the quality of our services and evaluate and improve our policies and procedures. 

We may also use information in other ways compatible with the above. 

The information we collect and use

The information we may collect and use may include your:

  • Personal details
  • Contact details
  • Comments, views and opinions

We may also collect health information including any disabilities and medical conditions you may have. Health information is classed as “special category data” under the GDPR. This is because some of our board members are people with autism spectrum disorders. 

Who provides this information

The information we hold includes information you have provided to us.

How the law protects you and the legal basis for processing your information

We have legal grounds to process this information because it is necessary to comply with a legal duty or fulfil a public task.  This includes the provision of an Autism Partnership Board under the:

  • The Autism Act 2009
  • Adult Autism Strategy 2010
  • Adult Autism Strategy 2014 (Think Autism)
  • Strategic guidance for Local Authorities/NHS to support the implementation of the adult autism strategy 2015

We have legal grounds to process special category data and criminal convictions data where it is in the exercise of a statutory function and it is in the necessary for reasons in the substantial public interest.  The statutory functions are as set out above.

The GDPR includes safeguards to protect the use of your special category data. Further details can be found on our website in the document named ‘Special category data and criminal offences data policy’ which sets out our procedures for compliance with the principles of the GDPR and the retention and erasure of this information. 

Who we share your information with

We may also share your personal information with other organisations and public bodies, in particular, where agreed minutes of the Norfolk Autism Partnership are requested by interested parties. Personal data of private individuals will be considered for redaction in line with Freedom of Information and Data Protection Legislation before it is released into the public domain.

We share this information without your specific consent as it is reasonable and necessary to do so to fulfil our public tasks or it is otherwise in the substantial public interest to do so.  The law imposes safeguards to protect your privacy in these circumstances. 

Finally, we may also share your information across different departments of the NCC, where it is necessary for our public tasks or functions to do so.

 Automated decision making

We do not make automated decisions about you and your family.

How we keep your information

The information is processed in line with our Voicemail, Voice and Video recording Procedure and is stored electronically, on the NCC’s records management system. The recorded data will be kept until written from it have been approved by the appropriate Board or group.  It will then be destroyed. Additionally, information is securely stored in other mediums, including email accounts and in paper files.  We do not process your information outside of the European Economic Area. 

This notice was updated in June 2020