BCWA is committed to respecting and keeping safe any personal information we hold on you as a valued supporter of our work, and to being transparent in how we process it. Our approach to safety also extends to keeping your personal information secure by protecting your privacy.
Bromley & Croydon Women’s Aid is registered under the Data Protection Act 1998 as a Data Controller, number Z2075208. Bromley & Croydon Women’s Aid is a charity registered in England & Wales, charity number 1068007 and a company limited by guarantee, number 03320296.
Purpose of this Policy
How to Contact Us
The Data We Hold
We need to process your personal data in order to perform outreach and refuge services. This may include:
In addition, we may need to process your sensitive data as an essential part of the service we provide to you, such as:
This is in order to protect the rights of both you as data subject and us as data controller.
Our legal basis: BCWA processes the personal information of individuals accessing its services on the basis of consent, and in some cases on the basis of the vital interests of the individual. Use of your personal information may also be necessary in order for us to fulfil our legal obligations or if the performance of tasks carried out in the public interest requires it.
For the purposes of recording and processing donations, business administration and legal compliance, we hold your personal data if you:
Personal details include and are not limited to contact details, date of birth, and other personal information for identifying you as an individual and pursue administrative tasks related to donations. We may store additional information such as next of kin if you leave a legacy donation, or financial information to enable us to claim Gift Aid.
We will not contact you unless you have opted in to our communications.
Our legal basis: It is necessary for us to use your personal information in order fulfil our financial administration obligations, prevent fraud and protect our legitimate interests.
Obtaining Your Consent
The legal basis of consent is only used by us in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way. You may withdraw the specific consent you give to our processing your personal data at any time.
Please note even if you withdraw consent for us to use your personal data for a particular purpose we may continue to rely on other bases to process your personal data for other purposes, where we have a legal right to do so.
How We Collect Data
We obtain your personal information in the following ways:
Use of personal information:
Why We Hold Personal Data
We process your personal information in order to:
You are in control of the personal data BCWA hold and process, as detailed in the section on your rights below. BCWA is committed to ensuring we always have a legal basis to hold and process personal data, as required by General Data Protection Regulation.
Sharing & Transferring Data
The information you share with us is strictly confidential and we will not share it with other organisations or agencies, unless you have consented for us to do so.
There are exceptions to this, which include:
Please note that BCWA’s website contains links to external websites. However, BCWA are not responsible for the privacy policies of other organisations or any content you share on other sites (e.g. if you opt-in to a partner organisation’s communications).
If we consider a child is at risk, we have a duty to take appropriate action to minimise the risk of harm. This may include working with a client to contact Children’s Services or, where necessary, making a safeguarding referral ourselves.
How We Store Data
BCWA believes the security of your personal data is of the utmost importance and we take this duty very seriously.
We make every effort to keep your data secure, and have implemented appropriate physical, technical and organisational measures to protect the personal information that we have under our control from:
We store all the information we hold on bespoke, secure databases, all of which are UK-based.
For service users’ data including sensitive data we use an encrypted case management system to store securely, which is also password protected, and staff are appropriately restricted in terms of access.
If you have opted in to receive further updates from us, we may use Typeform, Mailchimp and other similar tools to communicate with you from time to time and to carry out surveys that may collect personal data relating to you. Data entered on some of these platforms may go outside the European Economic Area (EEA) when processed digitally. Data provided through third-party giving websites may also be processed outside of the EEA. No other personal data is transferred outside of the EEA.
Retaining Your Data
BCWA will retain your personal data for a reasonable amount of time appropriate to the relevant activity. This will vary depending on your interaction with us i.e. if you are a service user, volunteer or donor. For specific details of the different retention periods, please get in touch using the contact details provided above.
Your Data, Your Rights
You are in control of the personal data BCWA hold and process. See the section on your rights below.
BCWA is committed to ensure we always have a legal basis to hold and process personal data, as required by General Data Protection Regulation.
Under current EU data protection laws (General Data Protection Regulation 2016/17) you, as an individual, have certain rights with regard to the personal information organisations hold on you and how to access it.
Your right of access: If you ask us, we’ll confirm whether we are processing your personal information and, if so, provide you with a copy of that personal information.
Your right to rectification: If the personal information we hold about you is inaccurate or incomplete, you’re entitled to have it rectified.
Your right to erasure: You can ask us to delete or remove your personal information in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable).
Your right to restrict processing: You can ask us to ‘block’ or suppress the processing of your personal information in certain circumstances such as where you contest the accuracy of that personal information or you object to us processing it.
Your right to data portability: With effect from 25 May 2018, you have the right, in certain circumstances, to obtain personal information you’ve provided us with (in a structured, commonly used and machine readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.
Your right to object: You can ask us to stop processing your personal information, and we will do so, if we are relying on our own or someone else’s legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing if necessary.
Your rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision when it’s based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you. BCWA does not apply ‘automated decisions’ to personal data in our operations.
Your right to withdraw consent: If we rely on your consent as our legal basis for processing your personal information, you have the right to withdraw that consent at any time.
You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office at www.ico.org.uk.
Download this policy here.