Data Protection for Students

Upward Mobility (Upmo) is committed to protect the rights and freedoms of individuals with respect to the processing and retention of their personal data. Please refer to the organisation’s Data Protection Policy for more information on this. Privacy Policy.

What information will be collected?
Upmo will collect and process the following types of data from prospective students:

  • Personal data including names, addresses, dates of birth, telephone numbers, email addresses, banking details (where needed for invoicing purposes)

  • Sensitive data which will be contained in an Upmo support plan including educational information, support requirements/needs, likes, dislikes, communication needs, additional information, information for use in risk assessments, and photos, etc.

Who will the information be collected from?
Information is collected through the completion of Upmo self-assessment forms, and the collection of school transition documents, social work reports, support documentation from outside organisations, and reports from medical professionals.

Information collected can be in electronic form, or paper copy form. Upmo will store all electronic forms of data securely on its internal server and encrypted network. Paper copies of all data will be kept securely in lockable filing cabinets in line with organisational and legislative procedures. More information on how Upmo stores information, can be found in its Privacy Policy, as well as the Standard Operating Procedure for Confidentiality and Open Access.

Who will information be shared with?
Personal and sensitive data will be shared internally within Upmo’s various departments for the following purposes:

  • Generating support plans

  • Invoicing

  • Scheduling

As part of fulfilling the abovementioned purposes, Upmo also makes use of external companies such as Academia (the information technology company managing the Upmo server), Xero (the business and accounting software used for invoicing) and Peopleplanner (the care management software used for scheduling). These companies are bound by strict confidentiality agreements with Upmo and will not share personal and sensitive information.

Upmo uses the services of external auditors (Chiene & Tate) for managing financial obligations. The external auditors have access to all of the information collected by the Finance Department.

Under certain circumstances, Upmo will share information with the police or social work as bound by law. However, Upmo will not share information with any other organisations without asking for permission first.

Why does Upmo collect personal and sensitive data?
Upmo collects personal and sensitive data from students in order to ensure that the highest quality of care can be provided, to ensure that legal and contractual obligations are fulfilled, and to ensure that support documentation is kept up-to-date and current.

How does Upmo ensure and maintain confidentiality of records?
Upmo adheres to the Data Protection Act 1998 and the General Data Protection Regulation 2018 with regards to ensuring and maintaining confidentiality of all records. Upmo also has a robust Data Protection Policy and Privacy Policy, as well as well as the Standard Operating Procedure for Confidentiality and Open Access.

All information kept by Upmo is accessed only by those who are required to manage the information, and awareness of data protection is raised through various means such as training, visual aids, etc. Upmo will not keep information for longer than needed, and all information is kept in line with its Data Retention Schedule.

Rights regarding how data is used
Under the General Data Protection Regulation 2018, all individuals have certain rights with regards to how their data is used.

  • Right to erasure

  • Right to object

Detailed information on these rights can be found in Upmo’s Data Protection Policy, and in Upmo’s Privacy Policy.