Data Protection Act
Under the Data Protection Act 1998 we hold information relating to your tenancy. This will be your name, address and any disabilities you have told us about or any other information relating to your tenancy and the services we provide you with.
This data is held securely and is only used to communicate with you and provide services. If you wish to have a copy of the information we hold about you, you will be asked to pay a £10 administration fee and will need to complete a Data Subject Access Request Form. Once we receive your payment we will respond to you within 40 Calendar days.
To request a Data Subject Access Request Form please contact us on 0800 953 0213.
Community Gateway Association (CGA) is responsible for the collection, processing, storing and safe keeping of any information, personal or otherwise, gathered during the course of carrying out our day to day activities. We manage the information you provide in accordance with the Data Protection Act 1998 and are registered as a Data Controller (registration number Z9495636) with the Information Commissioner’s Office.
CGA is thoroughly committed to abiding by the principles of the Data Protection Act 1998.
This statement demonstrates how seriously CGA takes the security of your information and sets out our approach to safeguarding it.
This statement applies to all personal information collected by CGA, our subsidiaries, partners and contractors acting on our behalf.
What information might we collect about you?
CGA does not collect or use personal information for any purpose other than that indicated in our notification with the Information Commissioner’s Office.
The information we may collect about you and others could include, but is not limited to:
- Date of birth
- National Insurance Number (where applicable)
- Contact details (phone/mobile/email)
- Photograph or CCTV footage
- Racial or ethnic origin
- Physical or mental health or condition
- Transaction history
How will we use the information we collect?
CGA collects and processes personal and sensitive information about you for the provision of products and services, appropriate to your needs, and to support your relationship with us. The information collected also allows CGA to:
- Ensure the information we hold about you is relevant and up to date.
- Be committed to providing services fairly and equitably.
- Improve the services we provide to you through research and analysis.
- Keep you up to date with the latest news, products and services (marketing).
- Support the health and safety and safeguarding of our tenants and employees.
- Ensure we are meeting our legal obligations e.g. Equalities Act and Health and Safety Act.
CGA may also seek to apply markers to your information, e.g. in relation to your vulnerability or health status, to allow us to tailor the services we deliver to you.
Please keep CGA informed of any changes to your circumstances, as this will help us to provide you with the best possible service in the future.
CGA will regularly seek to review your personal information and make any changes deemed necessary to our service or information handling procedures as dictated by law or the Information Commissioner’s Office.
Who may we share your information with?
Sharing Information within CGA
Information will be shared within CGA to ensure you are receiving all the services available to you. Only staff who need to see your personal data will have access to it.
Our legal obligations
We will not normally share your information without your consent unless required to do so by law or in line with our obligations under the Data Protection Act 1998. Examples of occasions when CGA will be legally obliged to share relevant information with third parties include:
- The prevention or detection of crime and fraud.
- The apprehension or prosecution of offenders.
- The assessment or collection of tax or duty owed to customs and excise.
- In connection with legal proceedings.
- In relation to the physical and mental health of an individual, where disclosure is required to protect them or others from serious harm.
- For research or statistical purposes.
Sharing information with our partners
CGA may enter into partnerships with other organisations, such as local authorities and the police. For example, we may join a partnership to help prevent and control anti-social behaviour. We will ensure a data sharing agreement is in place before any sharing of data takes place with a partner organisation.
Sharing information with our contractors and suppliers
There are some instances when we will share your information to support legitimate business purposes. We do this to ensure that we can meet your needs and also to meet our health and safety obligations towards those delivering services on our behalf. This may include sharing information with our contractors and suppliers to enable them to carry out duties on our behalf or to meet contractual obligations in place.
Applying to work at CGA
If you submit an application to work for CGA we will use your personal information to process your application and to produce and monitor recruitment statistics. We will not take up references without your prior permission. We will not share or disclose your information unless you have given us your consent or we are required to do so by law. Where we are required to carry out a Disclosure and Barring Service check we will comply with the law and your rights when carrying out these checks.
We retain personal information relating to unsuccessful applicants for no longer than 12 months, for use in the event of an appeal.
We produce statistical information to assist with recruitment analysis.
Visiting our website
When you visit our website will we collect standard internet log information for statistical purposes.
- Do not make any attempt to identify visitors to our websites. We do not associate information gathered from our sites with personally identifying information from any source.
- When we collect personal information, for example via an online form, we will explain what we intend to do with it.
Our websites contain links to third party websites. We are not responsible for the content or privacy practices of any external website that are linked from our sites.
Cookies are small text files placed on a website visitor’s computer, which identify it to our server. Cookies don’t identify individual users and are widely used in order to make websites work, or work more efficiently, as well as to provide analytical information to the owners of the site which is used to improve user experience.
You may delete and block all cookies from this site. Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
Please be aware that restricting cookies may impact on the functionality of the VerseOne website.
List of the cookies used on the VerseOne websites
VerseOne uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of our websites which are used in aggregate form to improve the performance and user experience on our site. Google Analytics uses only first party cookies and collects no personally identifiable information.
Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using the VerseOne website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
How to reject or delete this cookie
|Cookie name||Expires||Linked Information||Functions|
|_utma||2 years||Anonymous||Gather information about site visitors, in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.|
|_utmc||On closing browser|
Cookies used by VerseOne CMS
VerseOne CMS does not use any cookies by default. However, three 'session' cookies are created when a visitor to the VerseOne website does the following:
- logs in to the website;
- clicks one of the contrast buttons.
The three cookies are used to cross-reference each other for improved security.
|Persist||2 hours||Anonymous||Remembers that the user has chosen a high contrast or low contrast stylesheet.
Caches data against the session in order to maximise performance.
|JSESSIONID||Session||Browser close||Username||When a user logs in, maintains authentication state, access rights, etc.|
These cookies do not store any personal information about you, your computer, your visit, or your browsing history. After the time indicated above, the cookies’ validity is destroyed and the browser instructed to remove the cookie from your computer.
For more information
Contact us via firstname.lastname@example.org or call 01483 263099.
Keeping your information secure
CGA store information both electronically and in paper form.
We implement security policies, processes and technical security solutions to protect the personal information we hold from:
- Unauthorised access.
- Improper use or disclosure.
- Unauthorised modification.
- Unlawful destruction or accidental loss.
When contacting CGA we may ask you to provide us with some information so that we can confirm your identity. If other people (e.g. family members, support workers, solicitors) act on your behalf, we will take steps to ensure that you have agreed for them to do so. This may include asking them to provide us with supporting information to indicate your consent. We do this to protect you and to make sure other people cannot find things out about you that they are not entitled to know.
Employees and third parties who have access to, or are associated with the processing of, your personal information are obliged to make reasonable efforts to safeguard it.
How we use your telephone number
Text messages and contact via telephone provide a direct way for CGA to contact you and share information about the services we can deliver. It can also help you receive important promotional/marketing messages which may be of interest or help you.
We may use the telephone number that you have provided us to keep in contact with you by text. When we send SMS/text messages, there may be someone in your household who may read the message before you are able to. You may like to inform the people who live with you that you may receive text messages from time to time.
Operational SMS/text messaging and calls
If you supply us with your telephone contact details, we may use them to call or send you operational text messages.
Examples of operational text messages include:
- Confirming a repair and/or a time and date for a repairs contractor to visit
- Confirming a home visit
- Sending a reminder about an appointment
- Asking you to contact a named person
You cannot opt-out of the use of your telephone numbers for operational purposes.
Promotional and marketing SMS/text messaging and calls
Our promotional or marketing SMS/text messages can benefit you by giving you information about our own services and those provided by approved third parties (such as companies or groups we work with).
Representative examples of the promotional or marketing text messages which we may send you include:
- Helping you if you have money worries, through advice, guidance and appropriate referrals to support agencies.
- Promoting services that may interest you, including supporting families with young people not in education, employment or training.
- Supporting families affected by anti-social behaviour.
- Giving you information on energy, heating or water saving services.
- Inviting you to take part in telephone surveys.
- Access to work readiness programme or employment training or employment opportunities.
- Activities to help bring communities together.
When you supply your telephone contact details, you can ask us to either send or not send promotional and marketing SMS/text messages. You can opt-out of receiving these types of SMS/text messages by e-mailing email@example.com.
Sharing your telephone number with third parties
We may pass your telephone number to third parties so that we can meet our contractual obligations with you. We may also share your telephone numbers if we are required to by law. In doing so, we will comply with the Data Protection Act 1998.
We may supply the details to our approved marketing or third-party contractors who are delivering or performing services on our behalf, and these companies must not use your information for any other purpose. We will never share or sell your telephone numbers to telesales/marketing companies.
Please contact us first if you have a concern about anything relating to how we process your personal data. We will do everything we can to help you. You have the right to:
- Ask for a copy of your personal information.
- Know how your personal information will be shared and under what circumstances.
- Know how to opt-out of promotional and/or direct marketing and automated decisions.
- Challenge incorrect personal information and request for it to be amended.
- Have inaccurate information rectified, blocked, erased or destroyed.
- Complain to the Information Commissioner.
- Apply to the Court for compensation for distress and/or damages due to non compliance with the Data Protection Act 1998.
Finding out about the personal information we hold about you
You can ask us whether we are keeping personal information about you by writing to our Data Protection Officer, Community Gateway Association, Harbour House, Port Way, Preston, PR2 2DW.
The Data Protection Act 1998 gives you a number of rights in relation to your personal information. You can find out about your rights, and get further guidance, on the ICO website.
Accessing Your Personal Information
As part of our service to you, we are happy to provide you with copies of specific documents (e.g. rent statements, tenancy agreements) upon request on an informal basis. If you want to make a larger or more comprehensive request, you can do this formally by making a ‘subject access request’.
If you make a subject access request we will provide you with a readable copy of the personal information we hold about you. To make a subject access request you must:
- Make your request in writing
- Provide proof of your identity
- Pay a £10.00 fee
Please send your request to:
Data Protection Officer
Community Gateway Association
If you are a CGA customer, our Customer Service Team will be able to help you with most queries and requests you may have. If you want to contact us specifically about the privacy of your personal information, please contact the Data Protection Officer at the above address.
We keep our privacy statement under regular review.