Toggle Contrast

Privacy Notice

Brighton and Hove Safeguarding Adults Board

Privacy Notice
This privacy notice explains how the Brighton and Hove Safeguarding Adults Board (BHSAB) uses and shares personal information in order to carry out its statutory duties and responsibilities.

Who we are and what we do
Brighton and Hove City Council is the data controller for purposes of the Data Protection Act (2018) and the General Data Protection Regulation (“GDPR”) and is registered as a data controller with the Information Commissioner’s Office (ICO).

Safeguarding Adults Boards (SAB’s) are statutory multi-agency partnerships that lead and oversee local adult safeguarding arrangements and ensure all members and agencies work together to keep vulnerable adults safe from harm and to protect their rights.

Local authority statutory adult safeguarding duties apply equally to those adults with care and support needs, regardless of whether those needs are being met, whether the adult lacks mental capacity or not, and irrespective of the setting.

SAB’s also have responsibilities for carrying out Safeguarding Adults Reviews (SARs), maintaining the Sussex Safeguarding Adults Policy and Procedures in line with legislation and government guidance, as well as the publication of an annual report and strategic plan.

The Brighton and Hove SAB is made up of the following three statutory organisations:

  • Brighton and Hove City Council (which includes Health and Adult Social Care)
  • Sussex Police
  • Sussex Clinical Commissioning Groups

Non-statutory partners of the Brighton and Hove SAB are:

  • Brighton and Hove Safeguarding Children Partnership
  • Change, Grow, Live (CGL)
  • East Sussex Fire & Rescue Service
  • Healthwatch
  • Kent, Surrey, Sussex Community Rehabilitation Company
  • National Probation Service
  • NHS England
  • South East Ambulance Service NHS Foundation Trust
  • Sussex Community NHS Foundation Trust
  • Sussex Partnership Foundation NHS Trust
  • University Hospital Sussex NHS Trust
  • Voluntary and community sector representation.

In order to carry out these tasks and duties we must hold records about you and your personal circumstances, and about the support you receive, have received, or may need in the future. We guarantee to use your personal data only in ways that respect your rights and promote your health and wellbeing. For example, we use information about you to:

  • make sure your support is safe and effective
  • work with others who are or have been involved with your support
  • investigate any concerns or complaints.


What information is being used?
The information we hold about you will depend on the type or review or case audit the BHSAB is undertaking. In all cases we will hold your name, address and date of birth. In relation to specific service provision, we may also hold information relating to contact details, assessments, reviews, care plans and other service provision information.

We may also hold information received from other organisations including reports from doctors and other healthcare professionals which help to carry out a SAR or case audit, to assess effectiveness of service interventions and how best to provide your care and support.

We may also hold information about you and your circumstances (including family, friends, associates, lifestyle, finances, employment, education or housing), relevant health and safety concerns, and information about your needs and wishes.

Information we hold may include special categories of personal data, such as:

  • information about your racial or ethnic origin, religious or philosophical belief and your sex life or sexual orientation
  • information about health conditions or disabilities that may apply to you.


What is the legal basis for processing your information?
When we collect your personal data, we rely on the following legal bases:

  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. GDPR Art. 6 1 (e)
  • Processing is necessary for compliance with a legal obligation to which the controller is subject. GDPR Art. 6 1 (c)

When we collect your ‘special categories of personal data’, we rely on the following legal bases:

  • Processing is necessary for reasons of substantial public interest. GDPR Art. 9 2 (g) Data Protection Act (2018) Schedule 1 Part 2 Para 18 and Para 6
  • Processing is necessary for the provision of health or social care or treatment or the management of health or social care systems and services. GDPR Art. 9 2 (h)

As we have a statutory basis for collecting your personal data under the Care Act (2014), we do not need to ask for your permission to collect and share it. However, we will only ever share your data on a basis of need, in line with legislation and will work transparently with you at all times.


How will your information be used?
We hold your information so that the BHSAB can assure itself that local safeguarding arrangements and partners help to protect you when you need it, and to carry out our legal duty to undertake SAR’s. We also use it to plan and improve services and to look into any concerns about the services you receive. We need to do this either because we have statutory duties to fulfil, or because we are required to undertake certain tasks for reasons of public interest. SAR reports may be published in line with legislation guidelines to share learning, and prevent future cases of abuse and neglect. Information in SAR reports will always be anonymised.

We aim to maintain high standards, adopt best practice for our record keeping and regularly check and report on how we are doing. Your information is never sold for direct marketing purposes.

We have strict controls on who can see your paper or electronic records. Nobody is allowed to see your information unless they have a valid reason and appropriate authorisation.

Our staff are trained to handle your information correctly and protect your confidentiality and privacy.

All information is held securely in accordance with our Data Protection & Information Security Policy.


How long will your information be kept for?
If the BHSAB no longer needs to keep your records for its statutory purposes the information will be retained on our systems in accordance with the Council’s retention schedule. Click here for further details on managing records and information.


Sharing your information.
The partner agencies of the Brighton and Hove SAB have signed up to the pan-Sussex Information Sharing Guide and Protocol. The protocol aims to facilitate effective data sharing in line with legislation, standards and principles about sharing sensitive and confidential information.

Any sharing of personal data is always made:

  •  on case-by-case basis
  •  using the minimum personal data necessary
  • with the appropriate security controls in place
  •  in line with legislation.

Information is only shared with those agencies and bodies who have a ‘need to know’. We may use the information we hold about you to assist in the detection and prevention of crime or fraud. We may also share this information with other bodies that inspect and manage public funds.

We will keep a record of those involved in the specific SAB activity and what information has been shared with them. Anyone who receives information from us is under a legal duty to only use the information for the purposes agreed and keep the information secure and confidential.

We may share anonymised information with partners such as the NHS and other local authorities to help to improve services provided to everyone.

Where your data is used for ‘secondary purposes’ – for example, to help plan future service provision or to allow other organisations to offer services to you which may be of interest, such as home fire safety visits – we will ask for your consent.


Your rights
In line with the Brighton and Hove City Council’s policies depending on the legal basis for processing your information you may have the following rights:

  • A right to a copy of data held about you, an explanation for its processing and who it has been shared with – this right applies to data processed under any lawful basis
  • A right to rectification (correction) of data which is demonstrably wrong – this right applies to data processed under any legal basis
  • A right to restrict processing – this right applies if it has been shown that there is no legal basis for processing your data, but you wish it to be retained for your own purposes
  • A right to object to processing – this right does not apply where the Council is under a legal duty to process your data but can be used where you dispute that there is a legal basis to process your data. In this circumstance, the Council is required to weigh its lawful basis for processing your data against your objection and provide you with a response.
  • A right to erasure – this applies where there is no longer a legal basis to retain your data.
  • A right to portability of your data (having it moved to another organisation) – this right applies only where the legal basis was either consent or performance of a contract, but data will usually be transferred to another local authority if a data subject moves to a new location.


NHS Confidential Patient Information- National Data Opt Out
Health and care staff may use your confidential patient information to help with your treatment and care, this data can also be used to help with research and planning. There are strict rules about how NHS can use your data and it’s only shared securely and safely. However, you can opt out of NHS confidential patient information being used for purposes beyond your individual care and treatment. You can change your national data opt-out choice at any time by visiting the NHS website.


How to get advice or make a complaint
If you wish to discuss any of your data protection rights, you can contact the Data Protection Team on 01273 295959 or by email at

The council has also appointed a Data Protection Officer. Contact the Data Protection Officer online.

Whilst we would prefer that you contact us first with any concerns that you might have, you can also contact the Information Commissioner’s Office.  The ICO is the national regulator with responsibility for ensuring compliance with data protection.


Information Commissioner’s Office
You also have the right to lodge a complaint with a supervisory authority.

The ICO can be contacted through their website.

Alternatively you can call: 0303 123 1113

You can also write to them at: Information Commissioner’s Office, Wycliffe House, Water Ln, Wilmslow SK9 5AF

This Privacy Notice will be subject to review when there is a change


Our Cookie Policy
At the BHSAB we make use of cookies to help manage our website, make our website easier to use and support the provision of relevant information and functionality. This is done to improve your visitor experience, as well as provide us with information about how our website is used so that we can make sure it is as relevant and as error free as we can make the site By using our website you agree to the use of cookies as described in this Cookie Policy.

Cookies set across our website, can be in the form of session cookies (lasting only as long as your visit to our website) or persistent cookies, and may use different technologies, such as JavaScript or Flash. You can choose to manage the cookies we use on our website through your internet browser settings at any time. Certain cookies may be set as soon as you visit our website, but you can remove them using your internet browser settings.

If you have any further questions, require further clarification around our use of cookies or wish to discuss how we are embracing online privacy please contact us.


The Cookies We Use

Name of cookie    Type of cookie    Reason for cookie    Description   
_UTMZ 1st /Persistent Analytics Extracts the following information- where the visitor came from,
what search engine they used, what link they clicked on, what
keyword they used and where in the world they accessed a website.
_UTMA 1st /Persistent Analytics Keeps track of the number of times a visitor has been to the site,
when their first visit and last visits were
_UTMC 1st /Persistent Analytics Works with UTMB_ to determine how long the visitor spends on the site
_UTMB 1st /Persistent Analytics Works with UTMC_ to determine how long the visitor spends on the site


Managing Cookies: – Disabling
Internet Explorer
Google Chrome

Mobiles: – Disabling
Windows Phone


What happens if you disable cookies from our site?
Preventing cookies is likely to impact the functionality or performance of our website and could stop you from using certain services provided through it. If you choose to disable cookies, we cannot guarantee how the operation of our website will perform during your visit. It will also affect our ability to improve our website, making changes to user preferences.


What are Cookies?
Cookies are small text files that are sent to and stored on your computer, smartphone or other device used to access the internet, whenever you visit a website. Cookies are useful because they allow a website to recognise the device you are using. We use cookies for a variety of reasons, such as to determine preferences, let users navigate between pages efficiently, verify the user and other functions More information about cookies can be found on