Privacy

1. Introduction

We want everyone who comes to us for support, donors, our suppliers, our staff and our volunteers to feel confident about how any personal details they share will be looked after and used.

This policy provides information about what information is collected, how it is used and how we take care of it.

We will collect, store and use any information you provide in accordance with the Data Protection Act 1998 and General Data Protection Guidelines 2018 (GDPR). We will try to keep the data as accurate and up to date as possible and will not keep it longer than necessary. In some instances the law sets the length of time information has to be kept, but in most cases Bromley, Lewisham & Greenwich Mind will use its discretion to make sure we do not keep records for longer than necessary.

2. Information We Collect About You

The information we will collect will be personal data, some of this may be classed as special category data.

Personal Data

Changed Under the Data Protection Act 1998, Personal Data is defined as data that identifies a living person and/or includes any expression of opinion about that person. Personal data we might collect from you may include basic details such as your name, date of birth, email address, postal address and telephone number. It might also include any information about you in our files relating to any of our services you may have been referred to or accessed.

Special Category Data

Certain data is classified as Special Category Data. For example, racial or ethnic origin, religious or other beliefs of a similar nature, physical or mental health conditions and sexuality.  It is classed as special because of its sensitive nature.

3. How We Use Your Information

We will use the information you provide us with to carry out our work, which will include, amongst others, the following purposes:

  • to plan and deliver services
  • to create an appropriate person centred support plan in line with your needs
  • to liaise effectively with other services for your benefit
  • to help protect you or others from abuse or harm
  • to help you arrange and receive services when needed
  • so that external regulators, inspectors and funders can check and audit our services and ensure they meet the required standards
  • so that we may review, audit and improve the quality of our services and increase their benefit to you and others
  • so that we can ensure our services are accessible to all parts of society
  • carrying out our responsibilities to staff and volunteers
  • contacting professionals at other agencies regarding referrals and services that we offer
  • facilitate promotion of our services and fundraising.

4. Sharing of Information

We will share information with other organisations only where we have informed you we will do so (for example with partner organisation), where we are legally obliged to do so (such as HMRC), or where we have gained your consent to do so (such as your GP).

In certain circumstances, there may be occasions where it is necessary to share information without your consent with other organisations in accordance with BLG Mind policies, common law and the Data Protection Act 1998 as appropriate. For example, in circumstances where disclosure is felt to be justified in the public interest e.g. to protect you or someone else from harm. In these circumstances, the information shared will always be kept to the minimum necessary. If we do this you will be informed about who we have shared information with and why.

5. Compliance with General Data Protection Regulations (GDPR)

GDPR requires us to have a legal basis for holding your data which we need to communicate to you. For special category data we also have to meet one of a number of special conditions. There is a separate privacy notice for each of our services and each area of activity that sets out which apply to your data. These can be found on the relevant section of our website.

6. Security

Keeping your personal information safe is very important to us. We have implemented appropriate physical, technical and organisational measures to protect the information we hold from improper access, use, alteration, destruction and loss.

7. Right to Access

You have a right, under the Data Protection Act, to request a copy of the information that is held about you. This is known as a subject access request.

Subject Access Requests must be made in writing (email requests are acceptable) and there may be a fee involved. We are required to provide the information within one month, unless it is particularly complicated or we receive a number of requests from you, in which case we can extend the time by a further two months.

Third party requests, i.e. from insurers or solicitors, must be accompanied by a consent form signed within the last 6 months.

8. Right to request rectification and erasure (ask to be forgotten)

You have a right to ask us to correct any information we hold about you, which you believe is incorrect.

You have the right to be asked to be forgotten, which means any data we hold on you must be anonymised so that it can no longer be identified as yours. However doing this will mean that we are unable to provide a service to you and if you would like a service from us in the future we will not be able to access your historic records.

9. Our Website

This section of the policy explains how we secure and use data relating to the website, what information www.blgmind.org.uk (referred to as ‘this website’) collects and how the organisation, Bromley, Lewisham & Greenwich Mind (referred to as ‘we’, ‘us’ and ‘our’) uses that information.

9a. Securing Your Connection to our Website

This website uses a SSL (Secure Sockets Layer) security certificate to encrypt and protect connections to and traffic on the website. When you are on this website, in the address bar of your web browser, you should see at least one of the following to confirm the secure connection to this website:

  • A padlock symbol
  • The text ‘https://; before the website address
  • The words ‘Secure’ or ‘Secure Connection’

9b. Cookies

This website uses cookies to:

  • help us monitor and understand how people use the website
  • identify returning or repeat visitors
  • manage the security of this website
  • manage people logging in or out of the website.

You can block these cookies using the appropriate desktop and mobile apps for your software and system.

9c. How Visitors use this Website

We use Google Analytics and page tagging techniques to understand how this website is used by visitors.

Find out more what information Google collects, how it uses and protects this information here. The link also provides information as to how you can opt-out of Google Analytics.

Google Analytics and this website can collect information such as:

  • visitor IP address, web browser, device(s) used
  • how people came to our website, time spent on web pages
  • whether a visitor is logged into a restricted part of the website
  • if a visitor has come to the website recently.

This information helps us:

  • make sure our website meets visitor and technological needs
  • know if we are providing information you need or find useful
  • make best use of our charity resources to promote what we do and support people who need our services.

9d. Contacting us via the Website

We can personally identify you if leave a comment, submit a form or click an email link when you use the website. This includes information such as your name, IP address, email address, telephone number and any other information you provide to us. We do try to keep the information we collect to the minimum needed to allow us to respond to your feedback, messages, comments or queries.

9e. Subscribing to Email Notifications, Newsletters and Updates

We offer email subscription to our newsletter, marketing, fundraising and updates about our services.

We only ask for your first name and email address and you can unsubscribe at any time using the link at the bottom of the emails you receive. The information you provide to us will only be used for the above purposes and not sold or rented to any third party individuals, organisations or companies.

We do use a third party email providers for this service. The company provide a secure service compliant with relevant data protection legislation. In addition to sending the emails, they provide analysis for us such as click rates, open rates, sharing and forwarding of emails received from us. This helps make sure we are providing information that is relevant to people subscribing and measure the effectiveness of our marketing and communications. 

10. Contact Us

If you would like to know more, or have any concerns about how your information is being processed, or would like to make a subject access request, please contact:

Data Controller
Bromley, Lewisham & Greenwich Mind
Anchor House, 5 Station Road, Orpington, Kent, BR6 0RZ
Tel: 01689 811222
Email: Data.Controller@blgmind.org.uk 

11. Right to lodge a complaint

If at any time you think there is a problem with the way that we are handling your data you have a right to complain to us through our normal complaints procedure, details of which can be found on our website blgmind.org.uk, or by email to Data.Controller@blgmind.org.uk

You may also contact the Information Commissions Office directly at www.ico.org.uk

Updated November 2020