Trafford Domestic Abuse Services (TDAS) is the ‘controller’ of the information (‘personal data’) we collect and hold about you – our ‘data subjects’ – and we are responsible for how that data is processed. The word ‘process’ covers the things that can be done with personal data, including collection, storage, use and destruction of data.
This privacy notice explains why and how we process your personal data, and explains the rights you have, including amongst others, the right to request access to your data, and to object to the way it is processed.
We process your data so we can manage and support our relationship with you, comply with legal obligations, improve our services, and achieve our legitimate business aims.
If you have any queries about this notice or anything related to data protection, you can contact our Data Protection Officer at firstname.lastname@example.org
We are registered with the ICO with registration no. ZA795882
‘Personal data’ is any information that relates to a living, identifiable person. This will usually include your name, address, contact details, and other information we collect as part of our relationship with you, whether you use our services or come into contact with us in any other way through our work such as:
People linked to the people who use our services;
People who make donations to us;
People who provide us with services;
People who make enquiries or complaints;
Colleagues in other agencies who make referrals;
Some especially sensitive information is known as ‘special categories’ of data and includes information about a person’s race or ethnic origin, religious, political or other beliefs, physical or mental health, trade union membership, genetic or biometric data, sex life or sexual orientation. The use of this type of data, is subject to strict legal controls.
We also process data relating to criminal proceedings or offences or allegations, which is also subject to strict legal rules around processing.
We only process data if we need to for a specific purpose, as explained below. Most often, we collect your personal data directly from you, through our contact with you. We may collect your personal data from other 3rd parties such as referrals into our services. When we collect personal data via a third party, we will also inform the data subjects about:
the categories of personal data concerned; and
the source of the personal data.
YOUR DATA AND HOW AND WHY WE PROCESS IT
We may collect amongst other things your; name, address, email address, telephone number, date of birth, age, sex, family details including children, lifestyle and social circumstances, some protected characteristics and diversity data, and other information that we collect through our interactions with you, for the following reasons, to:
fulfil our contract with you in the delivery of training and support;
comply with a legal obligation such as safeguarding children and vulnerable adults;
protect someone’s life (known as ‘vital interests’);
monitor the quality of our services to ensure they are delivered in the most efficient and effective way, which is in our and your legitimate interests;
comply with legal requirements for us to provide personal information to other organisations, such as health organisations and courts;
pursue our own and other parties’ legitimate interests, while your own interests, rights and freedoms are respected. For example, investigating complaints about service delivery, and investigating issues.
If we send electronic messages (by email or SMS text) to you as an individual (rather than a business representative) regarding our services or for an awareness or fundraising campaign, we will do so only on the basis of your freely-given consent before sending these messages. You can opt-out at any time.
We also ensure any “marketing” phone calls comply with PECR and take into account the Telephone Preference Service (TPS) list.
If we send hard copy marketing/awareness/fundraising messages to you, we will do so for the purposes of our legitimate interests to increase awareness of, and funds for, our charity, and you can opt-out at any time.
We collect special categories of data relating to you – namely, race or ethnic origin, religious, or other beliefs, physical or mental health, biometric, sex life or sexual orientation , criminal proceedings, outcomes and sentences, offences including alleged offences, immigration data– for the purposes of:
safeguarding the vital interests of an individual and the data subject is incapable of giving consent (e.g. in emergency, life or death situations),
pursuing legal claims,
carrying out our obligations and exercising our specific rights or yours, in the field of employment law, social security law or social protection law;
reasons of substantial public interest, on the basis of the Data Protection Act 2018, which includes safeguarding, crime prevention, and regulatory work, amongst others;
the purposes of the provision of health or social care or treatment or the management of health or social care systems and services on the basis of UK law (where the processing is carried out by, or under the supervision of, a health professional);
promoting, equality of opportunity or treatment (regarding different: race or ethnic origins; religious or similar beliefs; health status; sexual orientation)
reasons of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of UK law.
Providing confidential advice, support or another similar service provided confidentially;
Safeguarding of children and of adults at risk, including safeguarding of economic well-being;
Responding to requests made by Elected Representatives on behalf of individuals
5. when you the data subject has given, your clear, specific, freely given consent.
WHO WE SHARE WITH AND WHY WE SHARE YOUR DATA
We do not buy or request information about you from other sources such as credit reference agencies.
We share the data we process with other organisations, only when we have a lawful basis to do so, or when we are engaging a supplier who will act as a ‘Data Processor’ on our behalf. ‘Processors’ are businesses who handle, or could potentially handle, personal data as part of providing a service to us, and include our IT system providers, our email providers, our website hosts, survey providers, contractors, consultants and any other appropriate service providers from time to time.
Other organisations we share data with include healthcare providers, education providers, accommodation providers, Ministers of Parliament (e.g via complaints), insurance companies, and Local Authorities, only when we have a legal basis to do so. We will co-operate with Police and other authorities if we are asked to, in order to investigate or prevent crime, including fraud.
HOW WE STORE YOUR DATA
Your personal data is held in both hard copy and electronic formats on our secure networks. We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you if appropriate (e.g. to provide advice about how to protect yourself in case there has been a breach) and we will notify the regulator if we are legally required to do so.
Where we store or transfer your data outside of the UK we do so only where we have judged there to be appropriate safeguards in place to control the protection of your data. These safeguards include the data being in a country that has been assessed as ‘adequate’ or we have entered into Standard Contractual Clauses or an International Data Transfer Agreement or IDTA, where appropriate, or when a legal exemption applies.
HOW LONG WE KEEP YOUR DATA
Your data is only kept for as long as there is a lawful reason to retain it. Some of our retention periods are based on legal requirements, and others are based on the practical reasons we need to keep the data for a certain period of time.
Once we reach the retention period, we will securely delete the relevant data, unless we are legally required to keep it longer, or there are legal reasons why we should keep it longer.
Your rights as a data subject
As a data subject, you have the following rights in relation to your personal data:
To be informed about how and why your data is handled, which we do in a large part through this Privacy Notice;
To gain access to copies of your personal data (sometimes known as making a Subject Access Request or SAR);
To have errors or inaccuracies in your data changed;
To have your personal data erased, in limited circumstances (sometimes known as the ‘right to be forgotten’);
To object to the processing of your personal data for marketing purposes or when the processing is based on the public interest or other legitimate interests;
To restrict the processing of your personal data, in limited circumstances;
To obtain a copy of some of your data in a commonly used electronic form, in limited circumstances (known as the right to data portability);
Rights that ensure you are not unfairly affected by any profiling or automated decisions.
If you wish to make a Subject Access Request or exercise any of the other rights, please contact us. We will respond to you as soon as possible, and within one month for a request to access, rectify, erase, restrict or object to processing of, your data, or a request for data portability.
For more information about these rights, please see the ICO’s website https://ico.org.uk/ or contact us.
If we are relying on your consent to process your data, you may withdraw your consent at any time by contacting us.
COMPLAINTS TO THE INFORMATION COMMISSIONER
You have a right to complain to the Information Commissioner's Office (ICO) about the way in which we process your personal data, although please allow us the opportunity to sort out the issue first. You can make a complaint on the ICO’s website https://ico.org.uk/.
Our Cookies settings area on the website allows you to choose whether to accept the non-essential cookies.
If you prefer to turn off essential cookies as well as non-essential cookies, you can turn them off in your browser, but please be aware that the website will not operate as intended.
ONLINE PRIVACY NOTICE
This website is operated by Trafford Domestic Abuse Services (TDAS).
TDAS respects your privacy and recognises how important it is that your personal data remains secure. We ask that you read this privacy notice carefully as it contains important information on:
the personal data we collect about you
what we do with your personal data, and
who your personal data might be shared with.
WHO WE ARE
Trafford Domestic Abuse Services is registered as a 'data controller' with the Information Commissioners Office (ICO), (i.e. we are responsible for, and control the processing of, your personal data).
WHAT PERSONAL DATA WE COLLECT
PERSONAL DATA PROVIDED BY YOU
We collect personal data about you (such as your name and email address) when you subscribe to our mailing list or make a donation. We collect additional information when you enquire about our services, such as address and telephone number. We also collect personal data when you contact us or complete a user survey, but you can choose to remain anonymous if you prefer.
PERSONAL DATA PROVIDED BY THIRD PARTIES
We do not buy or request information about you from other sources (such as credit reference agencies).
PERSONAL DATA ABOUT OTHER INDIVIDUALS
If you give us data on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
give consent on his/her behalf to the processing of his/her personal data;
receive on his/her behalf any data protection notices;
SENSITIVE PERSONAL DATA
We may ask you to provide sensitive personal data, for example if you enquire about our services or apply for employment. If we request such data, we will explain why we are requesting it and how we intend to use it.
Sensitive personal data can include information about your health, race, ethnic origin, political opinions, criminal convictions and offences, sexual orientation or religious beliefs.
We will only process your sensitive personal data if you have given your explicit consent.
MONITORING AND RECORDING COMMUNICATIONS
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, compliance and safeguarding.
For example, we may monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of a user's internet service provider. This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie will never give TDAS access to your computer or any information about you, other than the data you choose to share with us and your IP address.
You can set your browser to not accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result.
WHY WE COLLECT YOUR PERSONAL DATA
We collect data about you so that we can:
identify you and manage any services we provide to you;
meet our safeguarding responsibilities for children and vulnerable adults
conduct research, statistical analysis and behavioural analysis;
if you agree, let you know about other products or services that may be of interest to you—see 'Marketing’ section below;
detect and prevent fraud;
customise our website and its content to your particular preferences;
notify you of any changes to our website or to our services that may affect you;
carry out security vetting;
improve our services; and
process any charitable donation you make
We would like to send you information by post, email, telephone or text message (SMS) about events, fundraising initiatives, awareness campaigns and TDAS news and achievements which may be of interest to you.
We do not pass or sell your details to any other business or third party for marketing purposes.
We will only ask whether you would like us to send you marketing messages when you tick the relevant boxes when you enquire about our services, make a charitable donation or choose to receive our newsletters.
If you have consented to receive such marketing from us, you can opt out at any time. See 'Your Rights and Your Personal Data’ below for further information.
SHARING YOUR PERSONAL DATA
We will only share your data with parties outside of the organisation with your consent or where we are obliged to do so for legal reasons.
KEEPING YOUR DATA SECURE
We will use technical and organisational measures to safeguard your personal data, for example, we store your personal data on secure servers.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘Contact details’ below).
WHAT CAN I DO TO KEEP MY INFORMATION SAFE?
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
YOUR RIGHTS AND YOUR PERSONAL DATA
Unless subject to an exemption (under the General Data Protection Regulation), you will have the following rights with respect to your personal data:
The right to request a copy of your personal data which TDAS holds about you;
The right to request that TDAS corrects any personal data if it is found to be inaccurate or out of date;
The right to request your personal data is erased where it is no longer necessary or legally required for TDAS to retain such data;
The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller (the right to data portability), where applicable;
The right to lodge a complaint with the Information Commissioners Office.
To exercise all relevant rights, queries or complaints please in the first instance contact TDAS if you have any questions about the privacy notice or the information we hold about you.
If you wish to contact us, please send an email to email@example.com or write to us at Trafford Domestic Abuse Services, Gorse Hill Studios, Cavendish Road, Stretford, M32 0PS or telephone 0161 872 7368.
You can contact the Information Commissioners Office on 0303 123 1113 or https://ico.org.uk/global/contact-us/email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
CHANGES TO THE ONLINE PRIVACY NOTICE
We may change this online privacy notice from time to time. You should check this notice occasionally to ensure you are aware of the most recent version that will apply each time you access this website.
DO YOU NEED EXTRA HELP?
[If you would like this notice in another format (for example: audio, large print, braille) please contact us (see ‘Contact details’ above).
This Privacy Notice was last updated 23 September 2022.