Together Housing Group is responsible for collecting, processing, storing and safe keeping of personal information as part of our business activities. We manage information in accordance with relevant data protection laws.
We take your privacy and the security of your information seriously. We understand that when you give us your personal information you want to ensure that it is kept private and secure.
This policy sets out our approach to how we use and protect any of the personal information which you provide us.
We collect and process personal data including but not limited to:-
We will only collect information from you that we need to carry out our business activities and we will ensure that it is kept up to date and accurate.
We use your information to ensure we are able to meet any obligations we have to you under any contract which is in place such as paying you any money which is owed to you, or sending you invoices for payments which are owed to Together Housing Group.
We may also use your information where we have a legitimate interest in doing so e.g. for administration or marketing purposes or to ensure our services are delivered effectively.
If we ask you to provide any additional personal information over the phone, or by filling in a form, or through a website we will give you more details about why we need the information and what we intend to do with it.
We use the telephone number or e-mail address that you have provided us to keep in contact with you.
We may use the e-mail address you provide us with to correspond with you, or provide you with news and information about Together Housing. We may also use your e-mail to send you information about other services you can access, but we will only do this where there is a legitimate reason for doing so.
We will only share your personal information where we have a valid legal reason to do so, or where it is in your interests.
We share your personal information with Together Housing staff and with other companies within the Together Housing Group.
We may share information with our External and Internal Auditors in order to comply with our financial controls and accounts. We may also share information with organisations such as HMRC in order to comply with tax legislation, or the Police in the interest of preventing or detecting fraud or other crimes. We may pass on your information to third parties for collection of any unpaid debts.
We may also share your information with credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
We store the information you provide us electronically on secure servers.
We implement security policies, processes and technical security solutions to protect the information you provide from:-
When you contact us, we may ask you to provide some information so that we can confirm your identity. We do this to protect your information and ensure that other people cannot find out things about you that they are not entitled to know.
We will ensure that our staff and other third parties, who may have access to your information or who process it on our behalf, are appropriately trained and can apply effective safeguards in keeping your information secure.
We will not transfer any of your data outside of the European Union, including any data processors who act on our behalf.
We only keep hold of your information for as long as it is needed to fulfil the purpose that you originally provided it to us, or where there is a legal reason for keeping the information. For example we keep information such as financial transactions or bank records for 6 years in order to comply with tax requirements.
We operate information retention policies and have measures in place to securely destroy or delete any information which is no longer needed.
We will be as open as possible with you about the personal information we hold about you, and if something is wrong we want to work with you to put it right.
You have the right to have inaccurate or outdated information amended or deleted. You may also object to us using data that you believe is inaccurate. If any of your circumstances change please contact us.
You can ask us whether we are keeping personal information about you by e-mailing us at firstname.lastname@example.org
The General Data Protection Regulation 2018 gives you a number of rights in relation to your personal information. You can find out more about your rights, and get further guidance, on the Information Commissioners Office website www.ico.org.uk
As part of our service to you, we are happy to provide you with copies of specific documents (eg orders and delivery notes or invoices) upon request on an informal basis. If you want to make a larger or more comprehensive request, you can do this formally by making a ‘subject access request’.
If you make a subject access request we will provide you with a readable copy of the personal information we hold about you within a month of receiving your request. To make a subject access request, you must contact us to advise us of what information you are requesting. We may ask you to clarify exactly what information you want where this will help us to search for it. We will also ask you to provide proof of your identity (2 different forms of ID are required), to make sure we are providing information to the right person.
If you are a contractor or supplier, our finance team will be able to help you with most queries and requests you may have. If you want to contact us specifically about the privacy of your personal information or to make a subject access request, you can send your request to;
Or by writing to:-
Data Protection Team
Together Housing Association
Bull Green House
Please tell us if you have a concern about the personal information we hold about you, or how we use it. We’ll do our best to help.
If, after contacting us, you are still not satisfied you can complain to the Information Commissioner www.ico.org.uk . You can also apply to the Court for compensation for distress and/or damages due to non-compliance with the General Data Protection Regulation.