Social Impact Services Ltd which trades under the brand name Brightsparks Agency (the Company) operate this website on behalf of our client NHA Addictions Provider Alliance (NHS APA) which is hosted by Midlands Partnership NHS Foundation Trust (the Client). Social Impact Services Ltd is a data Processor on behalf of NHS APA for the purposes of marketing and communications activities.
The Company may share your data captured through this website and associated publishers with NHS APA. We may also share your data with third party organisations that have been approved and contracted by NHS APA to support the improvement of our services to you. The Company is committed to protecting your privacy when you use our services and will always strive to ensure that we handle personal data fairly and lawfully, and with justification. Our aim is not to be intrusive by invading your privacy or to undertake any task which is irrelevant. Instead our aim is to ensure we collect information that is of the highest quality in terms of accuracy, relevance, adequacy, non-excessive and which is "fit for purpose". The Privacy Notice below explains how we use information about you and how we protect your privacy.
Please see the service specific privacy notices for more information about who we may receive information from, share your information with and why we may need to share information. We have a Data Protection Lead who makes sure we respect your rights and follow the appropriate legislation. If you have any concerns about how we look after your personal information, please contact our Data Protection Officer, by completing the online enquiry form below or by writing to us at the following address:
Social Impact Services Ltd (Trading as Brightsparks Agency)
55 Manor Drive North
What you can do with your information
The law gives you a number of rights to control what personal information is used by us and how it is used by us. You can ask for access to the information we hold on you. We would normally expect to share what we record about you with you whenever we assess your needs or provide you with services. However, you also have the right to ask for the information we hold about you and the services you receive from us. When we receive a request from you in writing, we must give you access to the information we hold about you.
However, there may be information we hold that we can’t allow you to see, examples of this may include:
Confidential information about other people; or
Data a professional thinks will cause serious harm to your or someone else’s physical or mental wellbeing; or
If we think that giving you the information may stop us from preventing or detecting a crime
This applies to personal information that is in both paper and electronic records. If you ask us and give your permission, we’ll also let others see your record (except if one of the points above applies). If you wish to request access to personal information then please submit a request, via the link below, and tell us which service you’re using, or used, so we can deal with your request:
How you share your information with us
When you fill out forms on our website to download resources, make contact with us or to book appointments, you will be required to provide some information that allows the Company to deal with your request appropriately. By clicking the ‘submit’ or ‘book’ buttons at the end of these forms you are providing your express consent for the Company to process, share, store and use your data to facilitate your request/s and provide you with any other communications or information the Company believes to be relevant or appropriate with regards to fostering, across email, phone, SMS and postal channels.
You can ask to change information you think is inaccurate
You should let us know if you disagree with something written on your file. We may not always be able to change or remove that information, but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
You can ask to delete information (Right to Erasure)
In some circumstances you can ask for your personal information to be deleted, for example:
Where your personal information is no longer needed for the reason why it was collected in the first place
Where you have removed your consent for us to use your information (where there is no other legal reason for us to use it)
Where there is no legal reason for the use of your information
Where deleting the information is a legal requirement
Where your personal information has been legitimately shared with others, we’ll do what we can to make sure those using your personal information comply with your request for deletion.
Please note that we can’t delete your information where:
we’re required to have it by law
it is used for freedom of expression
it is for public health purposes
it is for scientific or historical research, or statistical purposes where it would make information unusable
it is necessary for legal claims
You can ask to limit what we use your personal data for
You have the right to ask us to restrict for what we use your personal information where:
you have identified inaccurate information, and have told us of it
we have no legal reason to use that information, but you want us to restrict what we use it for rather than erase/delete the information altogether
When information is restricted it can’t be used other than to securely store the data and with your consent to handle legal claims and protect others, or where it’s for important public interests of the UK.
Where restriction of use has been granted, we’ll inform you before we carry on using your personal information.
You have the right to ask us to stop using your personal information. However, if this request is approved this may cause delays or prevent us delivering that service.
You can object to the processing of your Personal Data
You have the right to object to the processing of your Personal Data if such processing is not reasonably required for a legitimate business purpose as described in this notice or our compliance with law.
You can ask to have your information moved to another provider (data portability)
You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. This is called ‘data portability.’
However this only applies if we’re using your personal information with consent (not if we’re required to by law) and if decisions were made by a computer and not a human being.
It’s likely that data portability won’t apply to most of the services you receive from the Company as the majority of information we process is required by law/legislation.
You can ask to have a decision reviewed if it has been made solely on automated processing
You can ask to have any computer made decisions explained to you, and details of how we may have ‘risk profiled’ you.
You have the right to question decisions made about you by a computer, unless it’s required for any contract you have entered into, required by law, or you’ve consented to it.
You also have the right to object if you are being ‘profiled’. Profiling is where decisions are made about you based on certain things in your personal information, e.g. your health conditions.
If and when the Company or the Client uses your personal information to profile you, in order to deliver the most appropriate service to you, you will be informed.
However, it is likely that automated processing/profiling won’t apply to most of the services you receive from the Company as the majority of our processes have some form of human intervention.
How do we protect your information?
We’ll do what we can to make sure we hold records about you (on paper and electronically) in a secure way. We’ll only make them available to those who have a right to see them. Examples of our security include:
‘Encryption,’ meaning that information is hidden so that it cannot be read without special knowledge (such as a password). This is done with a secret code or what’s called a ‘cypher’. The hidden information is said to then be ‘encrypted’
‘Pseudonymisation,’ meaning that we’ll use a different name so we can hide parts of your personal information from view. This means that someone outside of the Company could work on your information for us without ever knowing it was yours
Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong
Regular testing of our technology and ways of working including keeping up to date on the latest security updates (commonly called ‘patches’)
Where in the world is your information?
The majority of personal information is stored on systems in the European Union (EU) and as such is subject to EU GDPR. Although there are some occasions where your information may leave the EU in order to get to another organisation, or, if it’s stored in a system outside of the EU.
We have additional protections on your information if it leaves the UK ranging from secure ways of transferring data to ensuring we have a robust contract in place with that third party.
We’ll take all practical steps to make sure your personal information is not sent to a country that is not seen as ‘safe’ either by the UK or EU Governments.
In the unlikely event we would need to send your information to an ‘unsafe’ location we will always seek advice from the UK’s Information Commissioner first.
Where can I get advice?
If you have any concerns about how your personal information is handled please contact our Data Protection Officer via our online enquiry form or by writing to us at the address below:
Social Impact Services Ltd (Trading as Brightsparks)
55 Manor Drive North
Website Terms and disclaimer
The content of the pages of this website is for your general information and use only. It is subject to change without notice.
Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
This website contains material which is owned by or licensed to the Company and the Client. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:
you may print or download to a local hard disk extracts for your personal and non-commercial use only
you may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material
You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.
All trade marks reproduced in this website which are not the property of, or licensed to, the operator are acknowledged on the website.
Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Northern Ireland, Scotland and Wales.
This site uses Google Analytics code to gather statistical and trend information so we can better understand how customers use the website. Google Analytics sets cookies to help us accurately estimate the number of visitors to the website and volumes of usage. This to ensure that the service is available when you want it and fast.
Learn more about Google Analytics
Learn more about cookies by visiting
Access to the service may sometimes be unavailable due to maintenance. It can also be affected by your Internet Service Provider, your dial-up connection and your PC. If you experience connection difficulties you are advised to retry accessing the service.
The Company collects data about your activities that does not personally or directly identify you when you visit our website, the website of entities for which we serve advertisements (our “Advertisers”), or the websites and online services where we display advertisements (“Publishers”). This information may include the content you view, the date and time that you view this content, the products you purchase, or your location information associated with your IP address. We use the information we collect to serve you more relevant advertisements (referred to as “Retargeting”). We collect information about where you saw the ads we serve you and what ads you clicked on.