Part of Queens Hall Action on Poverty, The Food Community, 65 Water St, Wigan WN1 1XD Company Number 08503176. Charity Number 1153055 © 2023 The Brick. Website by ATTAIN
CREDIT: Centre for Homelessness Impact / Liam McBurney/PA
This privacy notice explains how we use and will use your personal information and tells you about your privacy rights and how the law protects you in accordance with the General Data Protection Regulations (GDPR).
The kind of information we hold about you.
Personal information can be anything that identifies and relates to a living person. This can include information that when linked with other information, allows a person to be uniquely identified. For example, this could be your name and contact details.
We collect personal information in general where;
We collect Special Information;
The law treats some types of personal information as ‘special’ because the information requires more protection due to its sensitivity.
This information consists of;
Your personal information may be collected and used for one or more of The Brick Company’s services, regulatory functions and/or administrative activities depending on your relationship with The Brick and the nature of your contract with us. Generally, we collect and use personal information as follows:
The legal bases we rely on for processing your personal information are:
You have entered a contract with us.
It is required by law (such as where this is mandated by statute or under a court order)
It is necessary to perform statutory functions (including law enforcement functions)
It is necessary for employment related purposes.
Where it is needed in relation to exercising or defending legal rights (e.g. in relation to legal proceedings and claims)
You or your legal representative, have given consent.
It is necessary to protect you or others from harm (e.g.in an emergency)
It is necessary to protect public health.
You have made your information publicly available.
It is necessary for archiving, research, or statistical purposes.
It is necessary for fraud prevention.
Our legitimate interests (or those of a third party) provided your interests and fundamental rights do not override those interests.
We may be obligated in certain circumstances to share your data with third parties, including third-party service providers and other partner agencies. These parties will also be required to comply with the provisions of the General Data Protection Regulations (GDPR)
Why might you share my personal information with third parties?
We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
Which third-party service providers process my personal information?
“Third parties” includes third-party service providers (including contractors and designated agents) and other partner agencies.
How secure is my information with other entities?
All our third-party service providers and other entities are required to take appropriate security measures to protect your personal information in the same way we are.
When might you share my personal information with other parties?
We will share your personal information with other entities as part of our regular reporting activities on The Brick performance, in the context of a business reorganisation or departmental restructuring exercise, for system maintenance support and hosting of data.
We have put in place appropriate security measures to safeguard your personal information from accidental loss or alteration, inappropriate access, misuse or theft. Data Security policy:
As well as technical, physical and organisational controls, we recognise that a well-trained, informed and security alert workforce minimises privacy risks from human error and/or threats from malicious parties.
In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know.
We have put in place procedures to deal with any suspected data security breach and will notify you and the Information Commissioner of a suspected breach within 72 hours to comply with our legal obligations.
We will only keep your personal information for as long as the law specifies or as determined by business requirements. Details of retention periods for different aspects of your personal information are available in our corporate records policy.
Rights of Access, Correction, Erasure and Restriction
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes.
Your rights – Your Personal Information
Enhanced Access – You have the right to request information about the data we hold about you and what we do with it.
Rectification – You have the right to have personal data corrected if it is inaccurate and, considering the purposes of the processing, the right to have incomplete personal data completed.
Erasure – You have an enhanced right to request that we erase your personal data in certain circumstances.
Restrict processing – You will also have the right to request that we restrict the processing of your personal data in certain circumstances. When information is restricted it will be securely stored and only used with your consent to handle legal claims and protect others.
Data portability – You have the right to receive personal information that you have provided to us in a structured, machine readable form and to have us transmit the personal information to another organisation where technically feasible.
Object – You have the right to object to us processing your personal information.
Right to Withdraw Consent at Anytime
Where the legal reason for processing your personal information is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of our processing prior to the withdrawal of your consent.
If you do not provide consent, we may not be able to perform the contract we have entered into with you (such as paying you or providing a benefit) or we may be prevented form complying with our legal obligations (such as to ensure the health and safety of our workers)
If you wish to withdraw consent you should contact your manager in writing.
Data Protection Officer
If you wish to raise a concern or seek clarification about any aspect of this notice, please contact our Data Protection Officer. Please provide documents to prove your identity along with a description of your concern.
We will respond to all requests within one month.
If you are unhappy with the way that we handle your concern, you may complain to the Information Commissioners Office (ICO) at:
St Georges Church
CHANGES TO THIS PRIVACY NOTICE
We may update or revise this privacy notice at any time so please refer to the version published on our website for the most up to date details.
Change a life, donate today