Privacy Policy
Access All Aerials is a service of Community Equality Disability Action (CEDA), we share their commitment to respecting your privacy and protecting your personal information. We promise to respect all personal information that you share with us, or we receive from other organisations, and keep it safe. We will be clear when we collect your personal information and we will not do anything you would not
reasonably expect us to.
This privacy policy, together with our terms and conditions and cookies policy, will explain how and why we use your personal information, to ensure you remain informed and in control of your information. So that CEDA and Access All Aerials Radio can provide services to the people we support we collect and use
certain personal information about you.
The data that we hold is managed in line with the General Data ProtectionRegulation (GDPR), which applies in the United Kingdom and across the European Union which sets out our obligations to you and your rights in respect of how we manage your personal information. CEDA will ensure that the personal information we hold about you is:
-Used lawfully, fairly and in a transparent way
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
-Relevant to the purposes we have told you about and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes we have told you about
- Kept securely
If you have any questions about this privacy promise or would like further explanation as to how your personal information is managed then please contact us, see details at the end of this policy.
Information collected by CEDA
When you enquire about our services through our website, phone, email, post, face to face or social media, and during the course of providing services to you we collect the following personal information when you provide it to us:
- Your name, home address, date of birth and contact details (including your telephone number, email address) and emergency contacts (i.e. name, relationship and home and telephone numbers)
-Your feedback and contributions to questionnaires and surveys about the service we offer
- Your complaints, compliments or concerns about the service we provide
- Any safeguarding or welfare concerns
- Your image can be captured on CCTV which is in operation around the Clare Milne Centre and at our studios in Marsh Barton
-When using our website, we collect standard internet log information(commonly known as cookies), including:
- IP address
- Details of the pages you visit
-General details about the type of computer or device that you are using
The personal information we gather through our website is for statistical information only which we collect in order to find out the numbers of visitors to our site and the pages they have visited. This information is collected in such a way that it is not used to identify individuals. Where we do collect personal information on the website, this will be made obvious to you through the relevant pages. See our full cookie policy for more information. Please be aware that our website may provide you with links to other websites. If you follow a link to any other website please note they have their own privacy promises. We do not accept any responsibility or liability for the privacy and security practices of such third-party websites and your use as
such is at your own risk.
We will share minimal and relevant information within CEDA in order to provide safe and effective services to you.We will not share, sell or trade your personal information with any other third party without your consent. Electronic data and databases are stored on secure computer systems and we control who has access to them. Our staff receive data protection training and we have data protection policies and procedures in place which teams are required to adhere to.
We regularly review who has access to information that we hold to ensure it is only accessible by trained staff and contractors. In order to deliver our service to you we rely on third parties to provide specialist support to us. To provide this support they will have access to, or a duty of care over your personal information. These providers are:
- IT and Telecoms Support companies – to ensure the safe, secure and resilient operation of our IT infrastructure including computers, servers, phones and mobile devices
- Software support companies – to provide specialist support and resolve issues with the software that we run, for example the systems we use to store and manage your customer records
- Data archiving companies – responsible for the secure storage and destruction of records.
These providers are under a written contract to ensure the same level of privacy and security that we promise to you.
Whether information has to be provided by you, and if so why Information regarding your disability and any other relevant conditions is necessary to enable us to create a care plan and to provide you with suitable
services. Without this information, we will not be able to assess your support needs or provide any services to you.
How long your personal information will be kept
-We will hold the personal information kept within your electronic customer file for the length of your contract plus 3 years, for children this will be until the young person reaches the age of 24 and has left our
services for 3 or more years
- We will hold the personal information kept within your hard copy customer files for 3 years from the date of the last entry
- We will hold the personal information kept within our feedback procedure for 2 years so that we can identify trends and patterns in our service
-We will hold financial records and transactions for 7 years in line with our legal requirements
- All safeguarding records will be held indefinitely
Reasons we can collect and use your personal information
We rely on the following grounds within the GDPR:
- Article 6(1)(a) – processing is conducted with your consent to process personal data for specified purposes
- Article 6(1)(b) – processing is necessary for the performance of our contracts to provide individuals with care and support services
- Article 6(1)(c) – processing is necessary for us to demonstrate compliance with our regulatory framework and the law
- Article 6(1)(f) – to process your personal data in pursuit of legitimate interests, which include;
Marketing purposes – the privacy impact on you is expected to be minimal. Marketing will be specific to services we believe are of interest to you using information from enquiries we receive from you, you can unsubscribe at any time
Corporate due diligence and financial modelling, servicedevelopment and innovation – the privacy impact on you is expected to be minimal. We will process your data internally to ensure our business is stable, trusted and innovating to provide the best possible service to you
GDPR recognises that additional care is required when processing special category (sensitive) data such as your health. We process this under the following grounds within GDPR;
- Article 9(2)(h) – processing is necessary for the provision of social care or the management of social care systems and services
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
How to contact us
You can contact us by:
Email info@cedaonline.org.uk
Post – Data Protection Officer, CEDA, The Clare Milne Centre, Emperor
Way, Exeter Business Park, Exeter, EX1 3QS
Telephone – 01392 360645
If you would like to exercise any of those rights, please:
1. Contact us using the details above – making clear that you wish to exercise one of your privacy rights
2. Let us have enough information to identify you (e.g. your name and
address). We may ask you for additional identification if we do not know you.
3. Let us know the information to which your request relates
If you would like to unsubscribe from any marketing emails you can also click
on the ‘unsubscribe’ button at the bottom of the marketing emails. It may take up to 14 days for this to take place
Keeping your personal information secure
The confidentiality and security of your information is of paramount importance
to us. We have appropriate organisational and technical security measures in
place to prevent personal information from being accidentally lost, or used or
accessed in an unauthorised way. We limit access to your personal information
to those who have a genuine need to know it. Those processing your
information will do so only in an authorised manner and are subject to a duty
of confidentiality.
We also have procedures in place to deal with any suspected data security
breach. We will notify you and any applicable regulator of a suspected data
security breach where we are legally required to do so.
How to complain
We hope that we can resolve any query or concern you raise about our use of
your information.
The GDPR also gives you right to lodge a complaint with a supervisory
authority, in particular in the European Union (or European Economic Area)
state where you work, normally live or where any alleged infringement of data
protection laws occurred. The supervisory authority in the UK is the
Information Commissioner who may be contacted
at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Data Protection Officer, CEDA, The Clare Milne Centre, Emperor Way, Exeter
Business Park, Exeter, EX1 3QS
Telephone 01392 360645
Email info@cedaonline.org.uk
Do you need extra help?
If you would like this privacy promise in another format (for example, in audio,
large print or braille) please contact us.