How we use your data
Who are we?
We are LACE Housing Limited.
If you have any questions about this Policy, or about how we look after your data generally, please contact Anne Graves via firstname.lastname@example.org.
LACE Housing Limited (‘we’ or ‘us’ etc), is a ‘data controller’. This means that, under the General Data Protection Regulation (GDPR), we may control and process your personal data and, in certain circumstances, special categories of data (previously known as sensitive data).
We take privacy very seriously. We are committed to keeping your data secure and processing it fairly and lawfully. We ask that you read this policy very carefully because it contains important information about how we process your personal data.
This policy is aimed at our clients, service users, staff and any other third parties interacting with us.
Personal data we may collect about you
We may obtain personal data about you (such as, but not limited to, your name, address, contact details, medical conditions and history, personal and social circumstances, likes and dislikes, payment details, financial information) whenever you complete a form for us, whether online or in person.
We may also collect information about you when our staff speak to you about our services.
We may also receive information about you from other sources (such as relatives, referral agencies, commissioning bodies, strategic partners or your solicitors or accountants) which we will add to the information which we already hold about you.
How we use your personal data
We may use your data for one or more of the following purposes:
- As part of delivering our services to you
- Providing you with housing and extra care
- Where we consider it necessary to be in your vital interests
- Where we are legally required to do so, such as because of a contractual obligation owed to a third party, such as a commissioning body
- For the purposes of assessing your application for services or housing
- Research, statistical analysis and behavioural analysis
- Direct marketing, where you have specifically consented
- Fraud prevention and detection
- Taking and processing payments
- Customising our website and its content to your particular preferences
- To notify you of any changes to our website or to our services which may affect you
- Security vetting
- Improving our services
Marketing and opting out
We will not contact you for the purposes of direct marketing unless you have asked us to do so. However, if you have asked us to do so and later your change your mind, you can opt-out at any time with no hassle. To do this, just let us know. See further 'Your rights' below for details about how to contact us.
Who has access to your personal information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf: We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.
Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Disclosure of your sensitive data
Your sensitive data (now called Special Categories of Data under the GDPR) includes information about you concerning:
(a) racial or ethnic origin,
(b) political opinions,
(c) religious beliefs or other beliefs of a similar nature,
(d) whether you are a member of a trade union;
(e) your physical or mental health or condition,
(f) your sexual life,
(g) the commission or alleged commission by you of any offence
We may disclose personal data, which may include special categories of data, to:
- Other organisations that we work with in partnership to provide services, such as organisations within the Blue Sky Consortium, or Lincs Independent Living Partnership where it is necessary to do so as part of our work with you;
- Our commissioning bodies, such as Lincolnshire County Council;
- Our solicitors, accountants, property agents and other professional advisors;
- External bodies where it is in your vital interests, such as Lincolnshire Safeguarding, the emergency services or Adult Social Care
- Law enforcement agencies in connection with any investigation to help prevent unlawful activity
To enable us to make decisions about you and for fraud prevention and money laundering purposes, we (or our agents) may search the files of credit reference and fraud prevention agencies (who will record the search). We may disclose information about how you conduct your account to such agencies and your information may be linked to records relating to other people living at the same address with whom you are financially linked. Other credit grantors may use this information to make credit decisions about you and the people with whom you are financially associated, as well as for fraud prevention, debtor tracing and money laundering purposes. If you provide false or inaccurate information and we suspect fraud, we will record this.
Keeping your data secure
We will use technical and organisational measures to safeguard your personal data, for example:
- Access to our systems is controlled by password and username which are unique to the user;
- We store your electronic personal data on secure servers;
- We store your paper records in locked fire-proof storage rooms;
- We train our staff in good records management;
- Payment details are encrypted
Non-sensitive details (your contact details and preferences for example) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Transferring your information outside of europe
We may store your data temporarily on our cloud service operated by Google. This may include limited special categories of data. We have taken appropriate steps to satisfy ourselves that your data will be secure during this process; we have a contractual relationship with Google that underpins this. As part of that security, Google may store your data in one or more or its international data centres, meaning that your data may be stored temporarily outside of the European Economic Area. If you have any concerns about this, please contact us using the details below.
Information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
- Give consent on his/her behalf to the processing of his or her personal data
- Receive on his/her behalf any data protection notices
How long do we keep your data for?
As a general rule, we will not keep your data for any longer than is necessary to complete tasks or provide you with services. We have a separate policy setting out retention periods for specific types of data. You can ask to see this policy by writing to us, using the contact details under the “Your Rights” section below. You also have the right to ask us to delete your data (sometimes known as ‘the right to be forgotten’.)
- Track your use of the site;
- Recognise you whenever you visit this website (this speeds up your access to the site as you do not have to log on each time);
- Obtain information about your preferences, online movements and use of the internet;
- Carry out research and statistical analysis to help improve our content, products and services and to help us better understand our visitor/customer requirements and interests
- Target our marketing and advertising campaigns more effectively
- Make your online experience more efficient and enjoyable
If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this website. For further information about cookies and how to disable them please go to: www.aboutcookies.org or www.allaboutcookies.org
You have various rights under the GDPR, including the right to:
- request access to, deletion of or correction of, your personal data;
- request your personal data be transferred to another person; and
- complain to the Information Commissioner’s Office (ICO).
To exercise any of your rights concerning your information, please send an email to the following address:
Or to our postal address:
LACE Housing Limited
2 Olsen Rise
We may ask you to provide us with proof or your identity. Please do not be offended; this may occur even if we know you. It is a requirement of the GDPR in some cases.
For details of how to contact the ICO, see their website https://ico.org.uk/global/contact-us/
This Policy was last reviewed in March 2018.