BIRMINGHAM RATHBONE – PRIVACY POLICY

This Privacy Policy outlines how Birmingham Rathbone operates in relation to information collected from users who visit our website (www.rathbone.co.uk), or people who otherwise share personal information with us.

Summary

This privacy policy describes what personal data we might collect, the purposes for which it is used, how it is stored and how it is disposed of. It also outlines your rights under data protection legislation and what you can do if not happy about various aspects of the handling of your personal data. At the end of the policy it states when it was last updated. We update the policy on a regular basis and you should therefore open the policy on a regular basis to be sure that you are aware of any changes we may have made.

Grounds for Data Collection

Processing of your personal information (i.e. any information which may potentially allow your identification with reasonable means – hereafter called ‘Personal Information’) is necessary for the performance of our contractual obligations towards you in providing you with our services, to protect our legitimate interests and for compliance with legal and financial regulatory obligations to which we are subject.


When you use our website or use receive one of our services, you consent to the collection, storage, use, disclosure and other uses of your Personal Information as described in this policy. For clients are referred or refer themselves to receive our services, we also always ask for explicit written consent to be able to share your Personal Information as necessary in order to deliver the service (e.g. with social workers, GPs etc.).


We encourage our clients and website users to read the Privacy Policy carefully and to use it to make informed decisions about consents and the handling of your Personal Information.


Contact Details

Our full details are:

Full name of legal entity: Birmingham Rathbone Society

E-mail address: ask@rathbone.co.uk

Postal address:     

  First Floor

  Morcom House

  Ledsam Street

  Ladywood

  Birmingham

  B16 8DN

 

What personal data do we collect, for what purpose and how do we use it?

Personal data means any information which can identify an individual and so does not include anonymised data. So that we can provide a safe and professional service, we need to keep certain records about you. We may process the following types of data:

  • Your basic details and contact information e.g. your name, address, date of birth and next of kin;
  • Your financial details e.g. your funding arrangements for your care, your entitlement to benefits etc.

We also record the following data which is classified as ‘special category’;

  • Health and social data about you, which might include both your physical, learning disability/difficulty and mental health data;
  • We may also record data about your race, ethnic origin, gender, sexual orientation and religion.

Why do we have this data

By law we need to have a lawful basis for processing your personal data. We process your data because:

  • We are legally obliged to do so – generally under the Health & Social Care Acts 2008 and 2012, Mental Capacity Act 2005 and Care Act 2014.

We process your special category data because:

  • It is necessary for us to provide you a person-centred care service
  • It is necessary in relation to social protection law e.g. safeguarding
  • It is necessary to meet our obligations under the Equality Act 2010

We also have to satisfy the Common Law Duty of Confidentiality in our use of health and social care data, by:

  • You having provided us with your consent
  • Us having a legal requirement to collect, share and use data
  • Having to share when it is in the public interest e.g. to assist the Police in an investigation or prevention of a serious crime

So that we can provide you with a high-quality care/support service we need specific data, which comes from you or third parties. We gather this data face to face, over the phone (by voice or text), by e-mail, by post, on referral/application and other forms and via our website.


We may share this information lawfully with third parties such as:

  • Other parts of the health & social care system such as hospitals, GPs, CPNs, social workers, the Integrated Care Board, and other health and care professionals;
  • The Local Authority;
  • Your family and friends – but only with your permission
  • Organisations we have a legal obligation to share information with e.g. for safeguarding, the CQC as care regulator;
  • The Police or other law enforcement agency if we have to by law or Court Order.

Communication Data – This includes any communication we receive from you through the website contact form, e-mail, text, social media messaging, social media posting, or any other communication you send to us. We process this data in order to communicate with you, to keep accurate records and for information in case of disputes or complaints.

Referral Forms: Our website contains links to the referral forms for the different types of services which we offer. The referral forms contain a section which requires you to give us consent to process the information in order to process your referral and to access the services and support appropriate to your needs. This may require us to share some or all of the information you have given with other relevant organisations.

A referral can be made by a professional on behalf of a potential client, a member of the public, or you may use the forms to self-refer to our services. When you send us a completed referral form we strongly advise you to password protect and/or encrypt the document and then to contact us separately to inform us how to open it.

When we have vacancies for paid staff, volunteers or trustees we place the application pack in the vacancies section of our website. The application form asks for a range of personal information. We advise you to password-protect and/or encrypt the completed form before sending it to us via the website. You can also send it by post to our address above.

The application form will only be seen by staff involved in the recruitment and selection process and you will be contacted and invited to interview if you are shortlisted (this applies equally to paid, volunteer and trustee positions).

Sensitive Data – This includes details about your race, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic or biometric data, and information about criminal convictions and offences, some of which we request as part of the selection process.


Along with the application form we ask candidates to complete a diversity monitoring form and a rehabilitation of offenders form. The data from the diversity monitoring form is only seen by a member of staff who is not part of the shortlisting/interview panel and so any information declared for monitoring purposes is not fed into the selection process. The diversity data is compiled into an anonymised report for trustees and senior management, and the original forms are destroyed once the data has been extracted.


We work with vulnerable people and so we need candidates to declare if they have any relevant convictions which could make them unsuitable for this kind of work. Simply declaring a conviction will not rule out a candidate and the type and seriousness of the offence and the length of time since it occurred will be taken into account at the shortlisting stage, along with scoring all application forms against the person specification and the requirements of the particular role.


All application forms and rehabilitation of offender declarations, other than those submitted by successful candidates, are securely destroyed within a 12 month period of the end of the process.

Marketing/Promotional Communications – We may use your contact details to send you information on events, activities, opportunities, services or any other area we think you might be interested in knowing about. Before we share your personal data with a third party we will get your express consent, unless we are required by law to divulge it.

CookiesWe use cookies when you visit our website. Cookies are small pieces of information that a website assigns to your device while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include allowing you to navigate between pages efficiently, enable automatic activation of certain features, remembering your preferences and making the interaction between you and our website quicker and easier.

Disclosure of your Personal Data – Where, with your consent, we share your personal data with a third party (e.g. a local authority, health service etc.) we will require them to respect your privacy and to treat it within the law. We will only allow such third parties to process your data for specific purposes (e.g. processing your Housing Benefit claim). Where we are required by law to disclose information we will be bound to do so.

Data Security – We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed without authorisation. We also allow access to your personal data to employees and partners who have a business need to know such data. They will only process your data on our instructions and will keep it confidential.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally obliged to do so.

Data Retention – We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

When deciding the length of time we need to retain information we will make an assessment of whether the purpose for which we collected the data is still valid and if not, destroy it securely.

We permanently delete electronically stored records from our servers and we use a secure on-site shredding company for destroying paper records.

Your Legal Rights – Under data protection legislation you have rights in relation to your personal data which include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and to withdraw consent (unless in that instance we are required by law).

You can find out more about these rights by visiting https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights

If you wish to exercise any of these rights set out above, please e-mail ask@rathbone.co.ukaddressed to the Data Protection Officer (DPO), or write to the DPO at:

  Birmingham Rathbone

  Morcom House

  Ledsam Street

  Ladywood

  Birmingham

  B16 8DN

 

You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, frivolous, vexatious or excessive, or may refuse to comply with your request in these circumstances.

We may need to ask for specific information from you in order to confirm your identity before giving you access to your personal data (or if exercising any of your other rights). This is to make sure that personal data is not disclosed to anyone without a right to see it. We may also contact you to ask for further information in relation to your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you of the delay.

If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO) the UK supervisory authority for data protection issues ( www.ico.org.uk ). We would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

National Data Opt Out – We do not share any data for planning or research purposes for which the national data opt out would apply. We review all client information which we process annually to check if any is used for this purpose. If it were, we would inform the individuals of their right to opt out and stop the information being shared. More information on this can be found at https://www.nhs.uk/your-nhs-data-matters/

Third-Party Links – Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow a third party to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Transfer of data outside of the EEA – We do not transfer any personal data outside of the UK. 

If you have any queries about our website, or the information we collect about you and how we use it, please contact us at ask@rathbone.co.uk or via the Contact Us page of our website, or write to:

  Birmingham Rathbone

  Morcom House

  Ledsam Street

  Ladywood

  Birmingham

  B16 8DN

 

Last updated 12th April 2024