Parentline
GDPR and Data Protection Policy.
The purpose of the policy is to enable Parentline to follow all provisions of the Data Protection Acts 1988, 2003 and the GDPR Act 2018. The purpose of the Acts is to protect employees, volunteers, and clients whose personal data may be held on computer or in manual files.
Parentline provides a national, confidential, non-judgemental helpline for all parents and those involved in the care of children. It offers support, information, and guidance on all parenting matters. It is the national helpline for those suffering from post-natal depression and is a facilitator of the Non-Violent Resistance (NVR) Programme for responding to child to parent violence. It also provides a Supportive Parenting for Anxious Childhood Emotions (SPACE) informed Programme for parents.
Data Protection Agreement
Parentline is compliant with all GDPR obligations. Therefore Parentline (the Data Controller) has a signed Data Processing Agreement in place between Parentline CLG and Enclude (the Data Processor).
This agreement sets out the subject-matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the Data Controller.
Principles of Parentline GDPR Policy:
It is Parentline’s policy to adhere to all data protection principles under the provisions of the Data Protection Acts (listed above) and the GDPR Act and to avoid any and all repercussions, such as complaints to the Commissioner.
The Data Controller (Parentline) and Data Processor (Enclude) are familiar with the provisions of the Acts.
Employees and volunteers who process personal data are informed of their duties and obligations under the Acts. Parentline will only allow authorised persons access to files containing personal information.
Client information:
- Volunteers do not record the phone numbers of our callers unless they are making a referral for the NVR Programme or SPACE informed Programme and with the permission of the parent or caller; our phone system does not display numbers. If a caller chooses to leave contact details on our system, they are erased as soon as contact is made.
- Generic data is kept for research purposes, such as, gender, age range, problem, gender of child, age range of children, county of residence, relationship to child.
- If a parent emails Parentline, the only people with access to those communications are the CEO and Office Administrator, who deal with the content of the e-mail in an entirely confidential manner and subsequently delete any identifying information. If a parent wants a face-to-face meeting or Zoom meeting it is organized through the office, and telephone contact is held on file until after the session or sessions are finished.
- Parentline facilitates the Non-Violent Resistance (NVR) Programme – this is a one-to-one service, undertaken over the phone, on a weekly basis for approximately 8 to 10 weeks. The CEO or Office Administrator (who is also the NVR Programme Administrator) liaises with the family and places the parent with a volunteer to work through the program. In order to investigate if the program is suitable for a parent, there is a requirement for some strictly relevant information such as personal details, the nature of the issue, the age and gender of the child, the family circumstances, email, and telephone number. This information is held on a secure database and is accessible only to the CEO or the person acting in that capacity. In each individual case, the first name of the parent or parents and the telephone number are given to the NVR facilitator for the duration of the program. All identifying information is deleted when the program has been completed.
- Parentline also facilitates a number of NVR Programmes by Zoom. These are group programs, and once again only the CEO or NVR Programme Administrator has personal details in relation to the parents and families on the program, including phone numbers and other contact details. These are kept on a secure database and only accessible to the CEO and NVR Programme Administrator. The NVR facilitator is given a first name of the parent or parents and limited details required for Zoom establishment, and this is only for the duration of the program. All identifying information is deleted when the program is completed.
- Parentline facilitates a Supportive Parenting for Anxious Childhood Emotions (SPACE) informed Programme, which is facilitated through two group Zoom sessions. The CEO or Office Administrator (who is also the SPACE informed program administrator) liaises with the family and places the parent (with the parent’s understanding and consent) with a SPACE trained volunteer to work through the program. There is a requirement for those wishing to do the program to provide some personal details and relevant information on the nature of the issue, the age and gender of the child, the family circumstances, email, and telephone number. This information is held on a secure database and is accessible only to the CEO or the person acting in that capacity. In each individual case, the first name of the parent or parents and contact details are given to the SPACE facilitator (with the permission of the parent or parents) for the duration of the program. All identifying information is deleted when the program has been completed.
Staff, Directors and Volunteer information:
Parentline holds basic personal information on staff, directors and volunteers including name, address, contact number, contact email, and next of kin details.
Staff members and Board Directors have their PPS numbers held on file as required by the Companies Registration Office (CRO).
All staff, director and volunteer details are held on a secure database and in a locked filing cabinet. The CEO and administrative staff have the only access. Access to Parentline office computers and to the database is with a valid password only.
Where hard copy details are stored, they are in a secure filing cabinet. The CEO and administrative staff have the only access.
Member information:
Parentline holds basic details on its members, who have all consented in writing to being members. Name, address, telephone, email and next of kin details only. All members of Parentline are volunteers, ex volunteers or Board members. The membership list is refreshed every three years or if there is an explicit request from a member to be removed from it. It was most recently refreshed in November 2023.
Procedure:
Parentline retains basic personal information only. It is not envisaged that it will be necessary to register with the Data Protection Commissioner. This will be reviewed regularly.
Should an employee, volunteer, member or client request details, in writing, of the information Parentline holds about them, they will be supplied with a description of such personal data and the purpose for which it is being kept. This will be done free of charge and as soon as possible (within 21 days).
If they require, by written request, a copy of all information stored pertaining them will be provided with a copy of such data as it appears in the computer files and manual files on the date of the request. This will be done as soon as possible (within 40 days). Right of access can only be refused in specific circumstances. A small fee may be charged for the data.
Employees/volunteers/clients have the right to have inaccurate personal data rectified or erased within 40 days of making a request. It is Parentline’s policy to rectify such errors immediately.
Updating the data:
Data will be checked periodically, to ensure that it is up-to-date, relevant, accurate, retained no longer than necessary and not excessive in relation to its purpose. If the data is not adequate and accurate, additional information or amendments will be obtained from data subjects. The data will be held securely.
Disposal of Information:
Disposing of documents which are no longer relevant must receive as much attention as their storage. If disciplinary documents are removed from files, they should be shredded, then incinerated or otherwise disposed of in a safe and secure manner. Similarly, financial information which is no longer relevant should be disposed of carefully. Accidental disclosure of personal information can occur as a result of improper disposal of personal files.
Updated and ratified by the Parentline Board and Management.
March 2024