Skip to content

Research Project Privacy Notice Feasibility Study of Summer Jobs Programme


The Ending Youth Violence Lab is a team within the Behavioural Insights Team (BIT), an independent research company. We are conducting a feasibility study of the Summer Jobs programme. This research is being funded by the Youth Endowment Fund (YEF) and philanthropist Stuart Roden. This research is being co-designed and delivered with UK Youth and further assisted by 14 local delivery partners based in selected London boroughs, Greater Manchester, and West Midlands. The feasibility study aims to understand how the programme has been received and whether it could progress to large-scale impact evaluation. Positive results from this feasibility study will see the programme progress to a Randomised Control Trial.  

This privacy notice sets out how we collect and use the personal data of young people (‘participants’), youth workers, and employers for this evaluation. 

Contact details 

Behavioural Insights Ltd (the legal name of Behavioural Insights Team (BIT)), and UK Youth are joint data controllers and are responsible for your personal data collected in connection with this project. This notice applies to the personal data we collect directly from you and personal data provided to us by third parties. Where we collect personal data from you directly, please ensure that any personal details you provide are accurate and up to date, and let us know about any changes as soon as possible. 

Each organisation has appointed a contact who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights in relation to your personal data, please use the contact details below: 

Behavioural Insights Ltd

Post: Legal Team, Behavioural Insights Ltd, 58 Victoria Embankment, London, EC4Y 0DS


UK Youth

Post:  UK Youth, X& Why Fivefields, 8-10 Grosvenor Gardens, London SW1W 0DH 

You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

What personal data will we collect?

Young people data:

  • Name
  • Date of birth
  • Region where young person lives
  • Whether the YP is currently being charged with an offence and what the offence is
  • Whether the YP is or has been in contact with a Youth Offending Team
  • Whether the YP has previously lived on a secure estate
  • Whether the YP is attending or has attended an alternative provision unit 
  • Has had at least one fixed-term exclusion
  • Has, or has been persistently absent from school 
  • Has, or has been in care
  • Has been a victim of violence 
  • Is engaged with the Supporting Families programme
  • Has, or has had, a social worker 
  • Has been identified at risk of criminal exploitation 
  • Has a sibling or parent who has been involved in serious violence
  • YP proficiency in English 
  • Whether the YP is at risk of self-harm or suicide 
  • Phone number
  • Email address
  • Whether they are still in school
  • Date of referral
  • Gender
  • First name
  • Last Name
  • City/Town
  • Short Postcode
  • Gender
  • Ethnicity
  • Emergency Contact Details 
  • Free School Meal Eligibility
  • Special Needs or Disability details 
  • Past work experience 
  • Allergies and Health Conditions 
  • Any reasonable adjustments the Young Person needs for this employment
  • Attendance at pre-placement week sessions
  • Attendance at job
  • Attendance at youth worker check-ins


Local Delivery Partners:

  • Name of organisation 
  • Email address 

Employer data

  • Name of org
  • Sector
  • Org size
  • ⁠Name of key contact
  • Address of placement
  • Placement job title
  • Brief description of the role
  • Shift patterns 
  • Supervisor name
  • Supervisor contact info
  • Uniform / dress code requirements


Youth Workers

  • Responses to the Youth Worker satisfaction survey


Referrer data (if applicable)

  • Name
  • Contact details

*Some of this data – ethnicity and data about health conditions – constitutes ‘special category data’ under data protection laws, and additional protections will apply to our collection and use of this data. This information is vital for our analysis, to assess the reach and possible differential effects of the programme. Reporting on these fields for the purpose of our research will be in an aggregated format only. 

What do we do with information we collect?

BIT is collecting your personal data to deliver and manage a feasibility study of the  Summer Jobs programme. Processing your personal data is necessary to assess whether it will be possible to conduct a pilot randomised controlled trial of the  Summer Jobs programme, through:

  • Assessing the feasibility, acceptance, and evaluability of the intervention and evaluation

We need to use contact details to schedule interviews to explore experiences with the programme and evaluation. The processing of special category data such as young people’s ethnicity, reasonable adjustments, and SEN status is necessary to establish whether there are differential rates of dropout from the programme for participants from different groups and to assess whether outcomes vary by these characteristics. 

What is our lawful basis for processing your personal data?

Data protection laws require us to meet certain conditions before we are allowed to use your data in the manner described in this notice, including having a lawful basis for the processing. 

For all information collected: 

BIT is relying on the lawful basis of: 

LEGITIMATE INTERESTS: Our lawful basis for processing the personal data listed above is legitimate interests (as per Article 6 (1) (f) of the GDPR) and we have considered that participants’ interests and fundamental rights do not override those legitimate interests). It is necessary and in BIT’s ‘legitimate interests’ to process the personal data identified above to conduct a feasibility assessment of the  Summer Youth Employment Schemes programme that has been commissioned by the YEF. The research project fulfils BIT’s core business aims including undertaking research, evaluation and information activities in sectors that will deliver social impact.

For special category data: 

SCIENTIFIC RESEARCH PURPOSES: Our processing is necessary for scientific research purposes in the public interest, subject to suitable and specific measures to safeguard the fundamental rights and the interests of the data subject, as required by applicable laws.

For Criminal offence data:

RESEARCH PURPOSES: Our processing is necessary for scientific research purposes in the public interest, subject to suitable and specific measures to safeguard the fundamental rights and the interests of the data subject, as required by applicable laws.

Who has access to your information?

Your information will be accessed by a limited number of researchers and advisors in BIT’s project team working on this project. 

BIT may disclose your information to third parties in connection with the purposes of processing your personal data set out in this notice.  These third parties may include:

  • regulators, law enforcement bodies and the courts, in order to comply with applicable laws and regulations, assist with regulatory enquiries, and cooperate with court mandated processes, including the conduct of litigation; 
  • suppliers, research assistants and sub-contractors who may process information on behalf of BIT [e.g. cloud services to store data, survey providers to deliver surveys, and transcription services to provide transcripts of interview data]. These third parties are known as data processors and when we use them we have contractual terms and policies and procedures in place to ensure that your personal data is protected. This does not always mean that they will have access to information that will directly identify you as we will share anonymised or pseudonymised data only wherever possible. We remain responsible for your personal information as the controller; and
  • any third party to whom we are proposing to sell or transfer some or all of our business or assets.

We may also disclose your personal information if required by law, or to protect or defend ourselves or others against illegal or harmful activities, or as part of a reorganisation or restructuring of our organisations.

International Transfers 

Your personal information will not be transferred outside of the European Economic Area (“EEA”).  References in this notice to the EEA include the UK, even where the UK is no longer a member of the European Union / European Economic Area.


We take reasonable steps to protect your personal information and follow procedures designed to minimise unauthorised access, alteration, loss or disclosure of your information. 

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing.

We ensure that those who have permanent or regular access to personal data, or that are involved in the processing of personal data, are trained and informed of their rights and responsibilities when processing personal data.  We provide such access on a need-to-know basis, and have measures in place which are designed to remove that access once it is no longer required. 

Physical personal devices used by BIT are encrypted to protect your data, and confidential hard copy data (including special category data) is kept in locked rooms or cabinets.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Data Retention 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. When it is no longer necessary to retain your personal data, it will be securely deleted. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Taking the above factors into consideration, our anticipated date of deletion for your personal data is June 2025 (6 months after project completion, defined as the date that the final report is signed off by the YEF). 

In some circumstances, we will retain an anonymised dataset (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you

Withdrawing participation

At any point until 31st July 2024, you can withdraw your participation from the study. If you withdraw before the start of the study no data will be collected about you, and you will not participate in the Summer Jobs programme.  

Should we be informed that you would like to withdraw from the study after some personal data has been collected but before analysis is begun (August 2024), we will not collect any additional personal data for you and will delete all of your survey data collected by BIT up to that point. Any data collected by UK Youth will be deleted in accordance with their privacy notice.

Once we begin analysis in August 2024, interview and survey responses will have already been analysed and anonymised (handled in accordance with the remainder of this privacy notice) and can no longer be deleted.

Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data, including rights to: 

  • Request access to your personal data: this enables you to receive a copy of the personal data we hold about you and to check we are lawfully processing it. 
  • Request correction of your personal data: this enables you to have any incomplete or inaccurate data we hold about you corrected. 
  • Request erasure of your personal data: this enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. 
  • Object to processing of your personal data: for example, you can object where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. 
  • Request restriction of processing your personal data: This enables you to ask us to suspend the processing of your personal data. 
  • Data portability: Where the processing takes place on the basis of your consent or contract, and is carried out by automated means, you have the right to request that we provide your personal data to you in a machine-readable format, or transmit it to a third party data controller, where technically feasible.
  • Right to withdraw consent to the processing of your personal data: This applies where we have relied on consent to process personal data. Please note that withdrawal of consent will not affect the lawfulness of any processing carried out before withdrawing your consent. 
  • Right not to be subject to decisions based purely on automated processing where it produces a legal or similarly significant effect on you. Please note that BIT does not engage in automated decision making without manual intervention in its research projects.  

If you wish to exercise any of the rights set out above, please contact the Data Protection Officer with your specific request by email to:

It is important to understand that the extent to which these rights apply to research will vary and that in some circumstances your rights may be restricted.

Ordinarily, you will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Please also note that we can only comply with a request to exercise your rights during the period for which we hold personal information that directly identifies you. If we have only collected pseudonymised information (e.g. where we have not collected any names or contact details) or personal data has been irreversibly anonymised and has become part of the research data set, it will not be possible for us to comply. 

Changes to this Notice 

We may change this Privacy Notice from time to time.  If we make any significant changes in the way we treat your personal information we will make this clear by contacting you directly.