Search
|
Emergency Numbers: 999 (Dial 55 while on the line if you cannot speak), ESDAS: 01737 771 350
Staying safe online
Contact us
EXIT SITE

Privacy Policy

ESDAS Privacy Policy – November 2024. Approved By ESDAS Trustee Board

Date of issue: 25/11/2024
Date of Review: 25/11/2027
Version Number: 2

Welcome to East Surrey Domestic Abuse Services’ privacy policy.

We know that your data and privacy is highly important to your trust in us as a safe and specialist service. We are committed to upholding and protecting your rights in respect of your privacy and personal data. We will ensure that we keep your personal information safe and commit to being clear on how we collect your data, how we store it and what we do with it.

This privacy policy applies to the ESDAS website, our social media channels, and our service offer.

We might collect your data in the course of you looking for information, support, training or to donate to us, work or campaign with us.

We keep our privacy policy under regular review and will place any updates on this webpage. This privacy policy was reviewed and updated November 2024.

ESDAS will only collect, process and store information about you that you have willingly provided to ESDAS. We aim to be open about the information we are collecting and clear about what we will be using this for.

We will process your personal data on the basis of your consent and/or our legitimate interest which may be regarding the provision of information about our services, your name, contact details, demographic information such as postcode, as well as other information which you provide to us when you contact us through our website, training and contact via post, telephone, e-mail, webforms or social media.

Any information we collect and store may be accessed by our staff to enable us to effectively communicate with and provide services to you.

How we collect personal data about you

We collect personal data in a variety of ways, which are set out below:

  • Personal data you provide to us directly

You may provide personal data to us when approaching us for support or information, asking for training for your team, making a donation, signing up to attend events, signing up to receive email communications from us, or contacting us via phone or email.

When you interact with our website, we collect your personal data by using “cookies” and other tracking methods. This personal data includes tracking data, browsing activities and patterns over time and across different websites.

  • Personal data you may provide to us indirectly

There may be scenarios where we collect personal data about you that has been provided to us by a third party – normally an agency that you have interacted with, we will ask those services who provide us with information about you whether they have your permission to share your data. In the event of serious safeguarding needs we may share information with a third party without your express consent.

We transfer any necessary documents, which may contain personal data, onto storage provided by third party providers such as Google and Microsoft, who take technological measures to keep your personal data safe.

The personal data we collect about you

We may collect, use and store the following kinds of personal data:

  • your name;
  • your pronouns;
  • your date of birth;
  • your contact details;
  • your address;
  • general information about your situation and/or your health;
  • notes from any calls;
  • equalities monitoring information;
  • any reasonable adjustments necessary;
  • we may collect data about your family;
  • information on tax payer status to enable us to claim Gift Aid;
  • information about activities/interaction on our website or social media platforms e.g. the device being used, IP address and location; and
  • any other personal information you provide to us.

We only collect special category data where there is good reason to do so. You may wish to keep your call to us entirely anonymous and/or ask us not to keep a note of anything.

How we use your personal data

We will use your personal information to do the following:

  • Provide you with information, products or services you’ve requested or that we feel might be of interest to you.
  • Respond to direct requests where you contact us with a query – we will use your personal information to respond.
  • Carry out general administrative tasks like dealing with complaints and feedback, essential record-keeping.
  • Keep you safe: in the event that we reasonably think you (or someone else) is at risk of serious harm or abuse.
  • Monitoring and evaluation: we use your personal information to inform and develop our
    service delivery.
  • Process one-off or regular donations and to claim Gift Aid.
  • Make our marketing campaigns more targeted and relevant to potential clients and donors; we will only send you marketing information if you have given us specific consent to do.
  • Improve your experience of our website, so that we may offer you a more user-friendly navigation of our website.
  • Supporter profiling and analysis: we will use your personal information to help us better target communications, so that you are more likely to receive communications relevant to your interests.

For how long will we keep your personal information?

We are committed to retaining your personal information for no longer than necessary in relation to the purpose for which it was first collected. This is in line with guidance from the Information Commissioner’s Office. We will regularly hold some types of data for up to seven years and in specific cases (children in care, children who are fostered, and client deaths) we
will keep records for longer, in line with the legal requirements.

In the cases of financial transactions like donations and purchases, we will keep your personal information for as long as legally required in respect of tax or accounting purposes, which could be anything up to six years after a transaction has taken place.

You are legally entitled to ask us to delete information we hold about you.

Legal basis for processing data

Data protection law ensures that every use of personal data is justified by a “legal basis”.

  • Consent

This legal basis requires clear consent to be obtained in order to process personal data for a specific purpose. We ensure we have obtained consent before collecting your personal data wherever necessary. You have the right to withdraw consent at any time.

  • Legal Obligation

The processing is necessary for ESDAS to comply with the law. For example, we collect personal data in order to keep a record of donations for tax purposes and under anti-money laundering legislation.

  • Legitimate interest

The processing is necessary for an individual’s legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data, which overrides those legitimate interests.

How we keep your information safe

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, volunteers, contractors and other third parties who have a legitimate business need to know. We ensure that only people who need to access the information have passwords in order to access it. They will only process your personal data on our instructions and they are subjected to a duty of confidentiality.

We ensure that all staff and volunteers are trained in data protection and confidentiality so that they understand how to protect personal data. We take other measures, such as only allowing access to those that need it, requiring passwords, using two factor authentication when available and monitoring access to systems.

We store the required personal data, excluding credit card details, on our server for as long as needed to process the donation. We also keep any paper records locked away or under the supervision of a member of staff until digitised, from then it is destroyed.

Disclosures of your personal data

We will only use your personal information for the purposes for which it was obtained in the first place. We won’t share it with any third parties and you won’t receive any communications from other organisations. We will only disclose your personal data in a few minimal ways.

  • In the event that we use third party suppliers to help deliver our services, fundraising activities and campaigns. For example, we use On track by Oasis to hold details of our cases.
  • Where we are legally bound to disclose your personal information, for example, to further criminal investigation or to keep you safe if we believe you (or someone else) is at risk of serious harm or abuse.

Additionally, we can share some details with HMRC, or if the law necessitates sharing personal data. We may only share information with any venues or organisers that are running events for or with us. We only share the information that we need to share. We may need to share your information with our various regulators such as the Charity Commission and anonymous monitoring data with our commissioners and funders.

Your rights

You have several rights over your data. If you want to do any of these things, please contact support@esdas.org.uk

Please note, that some of these rights are not guaranteed. For example, you can always ask for a copy of your data, but if you ask us to delete something that we have a legal obligation to hold (such as information about a safeguarding decision) then we may not be able to comply.

  • The right to be informed about the collection and use of personal data

We will tell you what we are doing with your information

  • The right to access personal data and supplementary information

You can request a copy of any personal data that we hold about you.

  • The right to have inaccurate personal data rectified, or completed if it is incomplete

If you think that our records of your personal data are incorrect, inaccurate or incomplete, please let us know. We will correct any factually incorrect information.

  • The right to erasure (to be forgotten) in certain circumstances

In some cases, you can ask us to delete your information. If this is not possible, we will explain why this is the case.

  • The right to restrict processing in certain circumstances

You can ask us to stop using your data for certain purposes

  • The right to data portability, which allows you to obtain and reuse your personal data for your own purposes across different services

You can ask us for a copy of your data in a format that is machine-readable

  • The right to object to processing in certain circumstances

You can object to some of our processing

  • Rights in relation to automated decision making and profiling

We have to tell you if we are using any programmes to make automatic decisions about you – however, we do not do this.

Use of CookieYes

We use a third-party service, CookieYes, to manage cookie consent on our website. CookieYes sets a necessary cookie to record your consent preferences. This cookie does not store any personally identifiable information but may record information such as your IP address, the date and time of your consent, and the categories of cookies you accepted or rejected.

CookieYes enables us to comply with data protection laws by ensuring non-essential cookies are not set unless you have given consent. You can update or withdraw your consent at any time using the cookie banner or settings on our website.

For more information on cookies used by our site, including those managed through CookieYes, please see our Cookie Policy.

Complaints

If you have any complaints or concerns with regard any personal data that ESDAS may hold about you or if you wish to exercise rights in relation to your personal data, please contact us via our Data Protection Officer at Support@esdas.org.uk. You also have the right to raise concerns with the UK Information Commissioner’s Office, which is the regulator for data protection matters. They can be contacted at ico.org.uk.

We may change this privacy policy from time to time. If we make any significant changes in the way we treat your personal information, we will make this clear on our website or by contacting you directly.

Contact us

If you have any questions or comments regarding this privacy policy, please contact our Data Protection Officer at Support@esdas.org.uk or by phone at 01737 771350.