GDPR

GENERAL DATA PROTECTION REGULATION (GDPR)


DATA PROTECTION ACT AS OF 25TH MAY 2018


Privacy and cookies


Barry Summers & Co is a data controller under the Data Protection Act as we collect and process personal information about you in order to provide services and meet our statutory obligations. Please see below 'Why we need your information', for a full description of the services in which we may use your personal data.

Barry Summers & Co is committed to protecting and respecting your privacy. Through this Privacy Notice we have sought to be as transparent as possible to fully explain how your personal data is held and processed.

This Privacy Notice explains when and why we collect personal information about people who engage or come into contact with us, whether via applying or receiving our services, or visiting our website.

Upon visiting our website, we will use third party service providers to collect technical information from your device including standard internet log information such as the Internet Protocol (IP) address, your browser type and version, and certain page interaction information.

This notice explains how we collect, use and share your information and how long we keep it, and how we keep it secure.

We may change this Privacy Notice from time to time so please check this page regularly to ensure that you’re happy with any changes.

Any questions regarding our privacy practices should be sent by email to:

Data Protection Officer:- Tony Jackson at info@barrysummers.co.uk


What type of information is collected about you


Barry Summers & Co may collect various types of personal data about individuals depending on the services your receive, such as your:

•contact details; including name, address, email address, telephone number, etc.

•date of birth

•proof of identity

•national identifiers such as; NHS number and NI numbers

•information about your family

•IP address and information regarding what pages are accessed and when

•lifestyle, social and personal circumstances

•the services you receive

•financial details for purposes of receiving or making payments

•employment details

•housing information

•visual images, personal appearance and behaviour

•licenses or permits held

•business activities

We may also collect sensitive personal data that may include:

•physical or mental health details

•racial or ethnic origin

•gender and sexual orientation

•trade union membership

•political affiliation and opinions

•offences (including alleged offences

•religious or other beliefs of a similar nature

•criminal proceedings, outcomes and sentences

We may also record and monitor telephone calls to our officer for quality and training purposes.


Cookies


Upon visiting our website, cookies are used to collect information about website usage. Cookies are also set when you:

•click on social networking buttons in our pages such as facebook and twitter

•watch videos

•register for services or communicate with us

•take part in online surveys

 

Why we need your information


We need your personal data in order to provide you with the services that you apply for or receive from us and also for where we are required to use information in order to meet our statutory obligations. We will only collect personal data that is absolutely necessary and any information we collect about you will be strictly in accordance with the Data Protection legislation and other statutory obligations which we are bound by.


Who your information may be shared with


Barry Summers & Co has statutory obligations to collect, process and share personal or special categories of personal information without consent, with certain organisations such central government (DWP, HMRC, Home Office etc) and law enforcement agencies such as the Police and the Crown prosecution service, for the following purposes:

•safeguarding of vulnerable adults and children

•if we are required to do so by any court or law

•prevention of fraud

•protect you or other individuals from serious harm


We may also share your information with third party service providers working on our behalf for the purposes of completing tasks and providing services to you on our behalf . However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure, as required by the Data Protection Act 2018 and General Data Protection Regulation 2016 (GDPR), and not to use it for any other purposes.

We will never use or share your personal information to third parties for marketing purposes without your permission.


How long we keep your information

We review our retention periods of the information we hold about you on a regular basis.

We will hold your personal information on our systems for as long as it is necessary for the relevant activity or service that we provide to you, or as required by law. For further details, please contact the Data Protection Officer via info@barrysummers.co.uk or 01388 815324


Marketing and E-Newsletters


Barry Summers & Co always acts upon your choices around what type of communications you want to receive and how you want to receive them. Where you have signed up for one of our newsletters, we use email newsletters to inform you of what we’re doing, news and events.

Tools may be used to help us improve the effectiveness of our communications with you, including tracking whether the emails we send are opened and which links are clicked within a message. This helps us to improve and refine future email marketing around our campaigns and make sure all our emails are relevant and useful as possible.

You have a choice about whether or not you wish to receive marketing information from us. If though you no longer want to receive our e-newsletters, then you can do this by clicking the unsubscribe link on every email.

 

Business Intelligence, Profiling and Automated-Decision making


Business intelligence:

We may analyse your personal information to improve services and for the following purposes;

•undertake statutory functions efficiently and effectively

•service planning by understanding your needs to provide the services that you request

•understanding what we can do for you and inform you of other relevant services and benefits

•help us to build up a picture of how we are performing at delivering services to you

•analysis of costs and spend of services we provide so that we can to ensure better and efficient use of funds funds

Barry Summers & Co is however committed to using pseudonymised or anonymised information as much as is practical, and in many cases this will be the default position.


Pseudonymisation is a procedure by which the most identifying fields within a data record are replaced by one or more artificial identifiers, or pseudonyms. There can be a single pseudonym for a collection of replaced fields or a pseudonym per replaced field.


Anonymisation is the process of removing identifying particulars or details from (something, especially medical test results) for statistical or other purposes.

 

Profiling and automated-decision making


Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a person, to analyse or predict aspects concerning that person’s economic and health situation, reliability, personal preferences and interests etc.

Automated-decision making means any processing that is carried out by automated means without any human review element in the decision-making.

We may use your information from the services that you engage with to create a single view and profile of you, which will help us to better understand your specific needs and ensure we are providing the right and efficient services to you in accordance with your needs as well as ensure that we hold one accurate record of your basic personal data across our services; such as your name, DoB, address, email address, change in circumstances etc.

Profiling will be carried out only when it is necessary in order to provide you with the service you have agreed to receive or where Barry Summers & Co has a statutory obligation or where to the law allows. However, we will notify you where we would do this and where required we will seek your consent.

 

Protecting your information


Any information held by Barry Summers & Co about individuals is held securely and in compliance with the Data Protection Act 2018 and GDPR.

Barry Summers & Co is committed to protecting its client’s personal data. We have put measures in place to ensure that our staff, service providers, partners and suppliers all look after your information in line with good practice and the law. These follow the rules and practices known as Information Governance (IG).

The information security measures we've put in place include:

•following good Information Governance practice and the law when it comes to collecting, handling and giving access to information

•training staff in their data protection responsibilities

•putting processes in place to ensure good Information Governance practices for information we collect, hold or handle in both manual and electronic forms

•access to your information is only given to those who need to know and where it is necessary

•information will not be held for longer than required and will be disposed of securely

•we encrypt all our electronic devices and sensitive information that is transmitted is encrypted

 

How you can access, update, restrict, remove or correct your information


The Data Protection law gives you the right to apply for a copy of information about yourself. This is called a ‘Subject Access Request'.

The accuracy of your information is important to us to be able to provide relevant services more quickly. If you wish to restrict data processing or sharing including use for marketing or do not want to be contacted by Barry Summers & Co in any way, please inform us. You can request that we remove your details from our database by contacting the Data Protection Officer. We will remove data in accordance with your wishes excluding data we are required to keep by law.

If you change your address or email address, or if any of your circumstances change or any of the other information we hold is inaccurate or out of date, please inform us as soon as possible.

 

Your information choice and rights


Where we use your personal data for other purposes other than what you have consented or where we have to fulfil a statutory obligation, or where the data protection law allows, then we will let you know so that you can make an informed choice about how your information is used.

If you do not want your information to be used for any purpose beyond providing the services you have agreed to receive, such as; sharing it with our partners or providers for service delivery planning or improvement of services or for Business Intelligence, profiling research, you can choose to opt-out of this.

You may not be able to object to your information being used, held, or shared under certain circumstances. For example, where have a duty to safeguard a vulnerable adult or a child, or the prevention and detection of crime, or where we are required to fulfil our statutory obligations.

Where you would like to withdraw your consent or opt-out of any other use of your information, please write to:

Data Protection Officer:- Tony Jackson, 29 Whitworth Terrace, Spennymoor, County Durham, DL16 7LE

 

Information Commissioner’s Office


The Information Commissioner is the UK's independent body set up to uphold information rights.

If you would like to know more about your rights under the Data Protection law, and what you should expect from us, visit the Information Commissioner’s website.

If you have any concerns regarding our privacy practices or about exercising your Data Protection rights, you may contact the Information Commissioner’s Office:

Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Tel: 0303 123 1113 or 01625 545 745

Email: casework@ico.org.uk

 

Changes to our privacy policy

The terms of this Privacy Notice may change, so please recheck periodically. This statement was last updated 15th May 2018