Privacy Notice

Protecting your privacy

ICO registration number ZA502388, expires 05 March 2020

This Privacy Notice tells you about the types of personal data that The Daisy Project collects, how we handle it, how we store it and how we keep it safe. This notice also tells you about your rights in relation to your personal data. We hope the following sections will answer any questions you have but if not, please do get in touch with us. It’s likely that we’ll need to update this Privacy Notice from time to time. We’ll notify you of any significant changes, but you’re welcome to come back and check it whenever you wish

Who are we?

The Daisy Project (Domestic Abuse Integrated Support for You) provides integrated domestic abuse advocacy and support services to families across the South of Glasgow.
Our ICO registration number is at the top of this statement

Our contact details are:
Castlemilk Community Centre, 121 Castlemilk Drive, Castlemilk, Glasgow, G45 9UG

Tel: 0141 634 4053
E-mail: office@thedaisyproject.org.uk

What personal data do we process?

The Daisy Project collects, stores and uses information about:

• our own employees and prospective employees
potential and/or current clients
• occasionally, other family members of potential and/or current clients
the employees of some of our suppliers / partner organisations
• the personal data being processed by our suppliers / partner organisations to the extent that it is necessary for us to provide our services to our client(s)
Special Category Data: where it is necessary for the purpose of:

(i) protecting an individual from neglect or physical, mental or emotional harm; or
(ii) protecting the physical, mental or emotional well-being of an individual.
Where that individual is: a child or an adult at risk, under 18 or, having needs for care and support, experiencing or at risk of neglect or any type of harm, unable to protect themselves

We need to collect the information to ensure we can keep accurate case notes and an action plan of your situation that will enable the service to provide you with an appropriate level of service.
As you would expect, we are fully committed to dealing with all personal data in a fair and transparent way and ensure that we have the appropriate security measures in place. This notice sets out what we do with your personal data, why we do it, who we pass it on to and what we do to keep it secure.

Telephoning our office
When you call our office whether by mobile or landline we may collect Calling Line Identification (CLI) information that retains your telephone number (unless you have a withheld your number). We use this information to help improve our efficiency and in order that we may call you back in the event of a ‘missed call’.

Contacting us by e-mail
When you email our office for the first time we will store your email address in order to respond to your questions or enquiry. We monitor any emails sent to us, including file attachments, for viruses, phishing and malicious software.

Visiting our website
Our website uses Google Analytics to collect information and details of visitor behaviour patterns. This helps us understand how many people have visited our site and which pages are visited most often. We do not collect or store personal information in this way and we cannot identify you as an individual through this third-party service. For more information on cookies, see our separate cookie notice.

If you complete a “contact us” form on our website, you will be asked to complete your name, email address and telephone number. This will be used to contact you to respond to your enquiry.

Visiting our office
We will use an internal referral form to collect personal information from you relating to the enquiry or the matter for which you are looking to have assistance with, i.e. support / advocacy / information etc.

Why do we process this information?

Potential and/or Current Clients

We use the personal data of potential and/or current clients to contact you about the work we are doing or to provide support and/or recommend further services. Data protection laws require us to have a legal reason for collecting, holding and using your personal information.

  • In some circumstances, we may rely on your consent as the legal reason. 
  • In some circumstances, we may rely upon the fact that processing is necessary for the performance of a contract to which you are party.
  • In some circumstance, we may rely upon the fact that we are subject to a legal obligation
  • And, in some circumstances, the processing may be required to protect your vital interests or those of another natural person.You have the right to withdraw your consent to us holding and using your personal information and special category personal information by contacting us.  Once you have withdrawn your consent, we will no longer use your personal information and special category personal data for the purpose(s) you originally agreed to, unless we have another legal reason for doing so

Our other legal reasons for holding and using your personal information might be:

  • (As a Data Processor and Controller) contractual obligations to local authorities and funders
  • Legal and regulatory obligations which apply to us as a registered social charity and legal organisational entity;
  • Protection of your vital interests;

We may also have a legitimate interest to process this information in order to keep doing business and provide the services that we offer.

Personal Data we Process as part of our Service

We may occasionally have to use the personal data that is being processed by a partner organisation in order to provide our services. We will only use this for that purpose and no other purpose. It will be held securely and then returned to the partner organisation as soon as it is no longer required for that purpose, or destroyed / deleted in accordance with our retention and disposal policy.

 

Who do we share your data with?

We will only share personal data as is necessary to provide our services or provide safeguards to individuals and in accordance with our legal obligations.

This will only be with third parties, agencies, partner organisations that we trust such as;

  • Local authority,
  • Police,
  • cloud storage provider,
  • recommended law firm, and only when there are appropriate data sharing agreement and arrangements in place.
  • All of our data is stored on an internal server and backed up, daily, on a secure hard drive.
Data Retention

Potential and/or Current Clients

We will hold details for as long as we are providing you with our services or advice and support. If we no longer have a relationship with you, we will delete your data in accordance with our retention schedule, after the termination of the relationship, aside from any data that we are required to keep to fulfil our legal obligations.

Your Rights

You have rights in relation to your personal data and you can ask The Daisy Project to:

  • Provide a copy of your personal data
  • Correct any mistakes in your personal data
  • In certain situations; Delete your personal data
  • In certain circumstances; Restrict processing of your personal data,  i.e. if you contest the accuracy of the data
  • In certain situations; Provide you with a copy of the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party

You can object:

  • At any time to your personal data being processed for direct marketing (including profiling);
  • In other situations, to our continued processing of your personal data,  e.g. processing carried out for the purpose of our legitimate interests.

If you would like to exercise any of these rights, or if you have any concerns about how your personal data is being processed, please contact us using the details above and we will do our best to address your concerns.

Your objection (or withdrawal of consent) may mean we cannot perform the services you have requested of us or you may not be able to use the services we offer. We will advise you where this is the case. In certain circumstances, even if you withdraw your consent we may still be able to process your personal information if:

  • required or permitted by law
  • for the purpose of exercising or defending our legal rights
  • meeting our legal and/or any regulatory obligations

You also have the right to complain to the Information Commissioner where any alleged infringement of data protection laws occurred. We would, however, appreciate the chance to deal with your concerns before you approach the Information Commissioner so please contact us in the first instance. If you still believe that we have not handled your personal data properly or have not complied with your rights, you can complain to the Information Commissioner.

Contact details are available at: www.ico.org.uk

 

Privacy Notice last updated 31st March 2019