Privacy Notice

Personal data

Personal data is information that identifies and relates to a living individual. This can include information such as your name, DOB and address which, when put together, can identify a person.

Special category data

The Together Trust sometimes also holds information on you, which can be seen as more sensitive to an individual. It is known as special category data. We take special care of holding any information you might provide to us on the following:

• Racial or Ethnic Origin,
• Political Opinions,
• Religious/Philosophical Beliefs,
• Member of a Trade Union,
• Health,
• Sexual life/Orientation,
• Genetic or Biometric Data

Why do we hold your personal information?

The Together Trust might need to hold your information about you to:

• Deliver and manage services and support to you or your family
• Train and manage staff who deliver these services
• Ensure individual welfare and safeguarding
• Protect or prevent crime/fraud
• Check and monitor the quality of these services
• Investigate complaints about these services
• Ensure individual health, welfare and safeguarding (including measures to manage Covid-19)

What allows us to use your information?

There are a number of different legal reasons, which allow us to collect and use your personal information. You can see our individual service privacy notices to see which legal reason is being used.

In general, data will be collected where:

• you, or your legal representative, have given consent
• you have entered into a contract with us
• it is necessary to perform our statutory duties
• it is necessary to protect someone in an emergency
• it is required by law
• it is necessary for employment purposes
• it is necessary to deliver health or social care services 
• you have made your information publicly available
• it is necessary for legal cases 
• it is necessary for archiving, research, or statistical purposes

Any time we rely on consent as a reason to use your data we will provide you with the means to withdraw this consent at anytime. To exercise this right please contact dataprotection@togethertrust.org.uk and tell us what service you would like to withdraw your consent from.

Use of your personal data in automated decision making and profiling

We do not currently put your personal information through any automated decision making or profiling process. This means we do not make decisions about you using only computers without any human involvement.

If this changes in the future, we will update this notice in order to explain how we do this to you, including your right to object to it.

What are your rights?

You have a number of rights in regards to the information we hold about you.

• the right to be informed
• the right to access your personal information
• the right to edit and update your personal information
• the right to request to have your personal information deleted
• the right to restrict processing of your personal information
• the right to data portability
• the right to object - including automated decision making and profiling
• the right to lodge a complaint with a supervisory authority

The Together Trust has provided a guide explaining these rights in more detail.

To exercise any of these rights please contact our Data Protection Officer on dataprotection@togethertrust.org.uk

We only use what we need

The Together Trust only collects the personal information it needs to deliver a service to you or meet a requirement. 

If we don’t need personal information we’ll either keep you anonymous if we already have it for something else or we won’t ask you for it. For example in a survey we may not need your contact details we’ll only collect your survey responses.

If we use your personal information for research and analysis, we will always keep you anonymous or use a different name unless you have agreed that your personal information can be used for that research.

We will never sell your personal information to anyone else.  

Who do we share your information with?

We use a range of organisations to either store personal information or help deliver our services to you. Where we have these arrangements we will put an agreement in place to make sure that the organisation complies with data protection law. 

We will often complete a privacy impact assessment (PIA) before we share personal information to make sure we protect your privacy and comply with the law.

Sometimes we have a legal duty to provide personal information to other organisations. This is often because we need to give that data to courts or for legal proceedings.

We may also share your personal information when we feel there is a good reason that is more important than protecting your privacy. This does not happen often, but we may share your information:

• in order to find and stop crime and fraud; or if there are serious risks to the public, our staff or to other professionals;
• to protect a child; or
• to protect adults who are thought to be at risk, for example, if they are frail, confused or cannot understand what is happening to them. 

Your information may be shared with us by third parties, for example, fundraising sites like Just Giving.  These third parties will only do this when you have indicated that you wish to support the Together Trust and with your consent. You should check their Privacy Policy when you provide your information to understand fully how they will process your data.

Our individual privacy notices explain which organisations the service shares data with and why.

How do we protect your information? 

We will do what we can to make sure we hold records about you (on paper and electronically) in a secure way, and we will only make them available to those who have a right to see them. Examples of our security include:

• Encryption, meaning that information is hidden so that it cannot be read without special knowledge (such as a password).
• Pseudonymisation, meaning that we’ll use a different name so we can hide parts of your personal information from view. This means that someone outside of the Together Trust could work on your information for us without ever knowing it was yours
• Controlling access to systems and networks allows us to stop people who are not allowed to view your personal information from getting access to it
• Training for our staff allows us to make them aware of how to handle information and how and when to report when something goes wrong
• Secure servers, firewalls and SSL encryption. Regular testing of our technology and ways of working including keeping up to date on the latest security updates.

• We follow payment card industry (PCI) security compliance guidelines when processing credit card payments.

How long do we keep your information?

The Together Trust often has to legally keep personal data for a set period of time. This can range from a few months up to decades for sensitive records. We have a records retention schedule that details how long specific records need to be kept for. You can ask to see this by contacting the Data Protection Officer.

When you use our website

Our website uses cookies. You can read about the cookies we use and how to manage them on our cookies page.

If you submit a form through our website, we will store that information securely and it will only be accessed by appropriate staff.

If you make a payment, your payment details are securely processed by Worldpay or Paypal. We do not see your card details.

Where does your information sit? 

The majority of personal information is stored on systems in the UK. But there are some occasions where your information may leave the UK either in order to get to another organisation or if it’s stored in a system outside of the EU.

We have additional protections on your information if it leaves the UK ranging from secure ways of transferring data to ensuring we have a robust contract in place with that third party. 

Where can I get advice?

If you have any worries or questions about how your personal information is handled please contact our Data Protection Officer at dataprotection@togethertrust.org.uk or by calling 0161 283 4848.

For independent advice about data protection, privacy and data-sharing issues, you can contact the Information Commissioner’s Office (ICO) at:

Information Commissioner's Office

Wycliffe House 

Water Lane 

Wilmslow

Cheshire SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.

Alternatively, visit ico.org.uk or email casework@ico.org.uk.