Privacy Policy

PRIVACY Policy

  • The Brick (a data controller) is committed to protecting the privacy and security of your personal information.

This privacy notice explains how we use and will use your personal information and tells you about your privacy rights and how the law protects you in accordance with the General Data Protection Regulations (GDPR).

The kind of information we hold about you.

Personal information can be anything that identifies and relates to a living person. This can include information that when linked with other information, allows a person to be uniquely identified. For example, this could be your name and contact details.

We collect personal information in general where;

  • You have entered into a contract with us.
  • You or a legal representative has given consent.
  • As required by law (e.g. mandated by statute or court order)
  • It is necessary for employment related purposes.
  • You have made your information publicly available.
  • It is necessary for archiving, research, or statistical purposes.
  • Dealing with legal disputes involving you, or other employees, workers and contractors including accidents at work.
  • Ascertaining your fitness to work.
  • Managing sickness absence.
  • Complying with health and safety obligations and public access legislation.
  • To prevent fraud
 

We collect Special Information;

The law treats some types of personal information as ‘special’ because the information requires more protection due to its sensitivity.

This information consists of;

  • Racial or ethnic origin
  • Religious or philosophical beliefs
  • Trade Union membership
  • Physical or mental health
  • Criminal convictions and offences
 

Purpose

Your personal information may be collected and used for one or more of The Brick Company’s services, regulatory functions and/or administrative activities depending on your relationship with The Brick and the nature of your contract with us. Generally, we collect and use personal information as follows:

  • In delivering services and support by ensuring other statutory or voluntary agencies with whom The Brick is working, are able to deliver `joined up’ services to you.
  • For managing and checking the quality of our services
  • If you apply for a job or become employed by us.
  • For ensuring the health and safety of our staff.
  • To help investigate any concerns or complaints you have about our services and for answering enquires under access legislation.
  • To improve the general experience of our customers and of visitors to our websites.
  • For managing any online transactions, you may elect to make and/or, marketing choices or preferences you may have expressed.
  • For archiving, research, or statistical purposes (including research and evaluation undertaken by The Brick Company or in combination with Wigan Council.
 

The legal bases we rely on for processing your personal information are:

You have entered a contract with us.

It is required by law (such as where this is mandated by statute or under a court order)

It is necessary to perform statutory functions (including law enforcement functions)

It is necessary for employment related purposes.

Where it is needed in relation to exercising or defending legal rights (e.g. in relation to legal proceedings and claims)

You or your legal representative, have given consent.

It is necessary to protect you or others from harm (e.g.in an emergency)

It is necessary to protect public health.

You have made your information publicly available.

It is necessary for archiving, research, or statistical purposes.

It is necessary for fraud prevention.

Our legitimate interests (or those of a third party) provided your interests and fundamental rights do not override those interests.

 

Data Sharing

We may be obligated in certain circumstances to share your data with third parties, including third-party service providers and other partner agencies. These parties will also be required to comply with the provisions of the General Data Protection Regulations (GDPR)

Why might you share my personal information with third parties?

 

We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.

 

Which third-party service providers process my personal information?

 

“Third parties” includes third-party service providers (including contractors and designated agents) and other partner agencies.

 

How secure is my information with other entities?

 

All our third-party service providers and other entities are required to take appropriate security measures to protect your personal information in the same way we are.

 

When might you share my personal information with other parties?

 

We will share your personal information with other entities as part of our regular reporting activities on The Brick performance, in the context of a business reorganisation or departmental restructuring exercise, for system maintenance support and hosting of data.

 

Data Security

We have put in place appropriate security measures to safeguard your personal information from accidental loss or alteration, inappropriate access, misuse or theft. Data Security policy:

 

As well as technical, physical and organisational controls, we recognise that a well-trained, informed and security alert workforce minimises privacy risks from human error and/or threats from malicious parties.

 

In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know.

 

We have put in place procedures to deal with any suspected data security breach and will notify you and the Information Commissioner of a suspected breach within 72 hours to comply with our legal obligations.

 

Data Retention

We will only keep your personal information for as long as the law specifies or as determined by business requirements. Details of retention periods for different aspects of your personal information are available in our corporate records policy.

 

Rights of Access, Correction, Erasure and Restriction

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes.

 

Your rights – Your Personal Information

Enhanced Access – You have the right to request information about the data we hold about you and what we do with it.

 

Rectification – You have the right to have personal data corrected if it is inaccurate and, considering the purposes of the processing, the right to have incomplete personal data completed.

 

Erasure – You have an enhanced right to request that we erase your personal data in certain circumstances.

 

Restrict processing – You will also have the right to request that we restrict the processing of your personal data in certain circumstances. When information is restricted it will be securely stored and only used with your consent to handle legal claims and protect others.

 

Data portability – You have the right to receive personal information that you have provided to us in a structured, machine readable form and to have us transmit the personal information to another organisation where technically feasible.

 

Object – You have the right to object to us processing your personal information.

 

Right to Withdraw Consent at Anytime

Where the legal reason for processing your personal information is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of our processing prior to the withdrawal of your consent.

 

If you do not provide consent, we may not be able to perform the contract we have entered into with you (such as paying you or providing a benefit) or we may be prevented form complying with our legal obligations (such as to ensure the health and safety of our workers)

If you wish to withdraw consent you should contact your manager in writing.

 

Data Protection Officer

If you wish to raise a concern or seek clarification about any aspect of this notice, please contact our Data Protection Officer. Please provide documents to prove your identity along with a description of your concern.

We will respond to all requests within one month.

If you are unhappy with the way that we handle your concern, you may complain to the Information Commissioners Office (ICO) at:

 

https://ico.org.uk/

 

The Brick
St Georges Church
Wigan
WN1 1DN

 

CHANGES TO THIS PRIVACY NOTICE

We may update or revise this privacy notice at any time so please refer to the version published on our website for the most up to date details.

Change a life, donate today