Relatives & Residents Association

We support, inform and speak on behalf of older people in care

Menu

Privacy Notice

What personal data does R&RA collect

We collect information directly from helpline users, who telephone, email or write to us. This includes names, contact details and information about the issue with which they are seeking advice and support.

We store data given to us by members who have joined R&RA.

We maintain records for members of staff in line with statutory requirements and good practice. We store information about volunteers.

We maintain a mailing list of members, users of the helpline and other contacts, who have given permission to be included as recipients of our news bulletin via our online marketing service Mailchimp. Mailchimp has its own privacy notice which you can read here

 

What is this personal data used for

We use information provided by helpline users to understand and try to resolve the issues they are raising and to contact them to provide updates and support.

Information from members is used for communication, including the e-bulletin, notice of the AGM and other meetings and membership administration. The mailing list is used for the e-bulletin and other news about R&RA and its work.

 

Who is data shared with

We do not share personal information provided by helpline users without their knowledge and consent. There may be rare occasions, when there appears to be a need to safeguard the user or another individual or their family, when it would be necessary for us to contact the relevant statutory authorities.

We do not share information about members of R&RA or other contacts on our mailing list, nor do we sell information for marketing or other purposes.

 

How is data stored

Most of our data is stored in digital form and we use various cloud services that comply with the GDPR, such as Mailchimp.

The remaining information is stored as written documents in our office.

 

Who is responsible for ensuring compliance

Under the GDPR there is no statutory requirement for R&RA to have a Data Protection Officer. The person who ensures that R&RA meets its obligations under the GDPR is the Chief Executive, who can be contacted regarding data protection at dataprotection@relres.org.

 

Who has access to personal data

Members of staff have access to helpline users’ data so that they can provide advice and support. A small number of people who assist with helpline enquiries on a voluntary basis also have access to the data when covering for a member of staff.

Staff have access to members’ data to carry out their legitimate tasks, including informing members of the date of the AGM and sending the e-bulletin.

Trustees of R&RA may be given access to the data to undertake their roles as officers of the organisation.

 

What is the legal basis for collecting this data

R&RA collects personal data for the purpose of its legitimate interests as a provider of a helpline service and as a membership organisation.

Information about employed staff is held as part of their contractual arrangements and in line with legal obligations.

Information about volunteers is held with their written consent.

Personal data relating to financial matters is retained to comply with legal obligations.

 

How you can check what data R&RA holds about you

We undertake to provide you with the data we hold about you in response to a written request by letter or email. We may need to take steps to verify the identity of the person making the request to ensure confidentiality.

Please contact dataprotection@relres.org for assistance if you wish to check the personal data we hold about you.

 

How you can ask for data to be removed, corrected or limited

Helpline users can withhold personal information when contacting R&RA. Staff are always willing to provide advice to users who do not wish to be identified, though this may limit the help that can be given and require the caller to re-state the matter during future contacts, as the record kept will be anonymous.

Current members can restrict the information given but R&RA does need a means of contacting all members and will not be able to claim gift aid without a valid address. Members can ask to be removed from the membership list at any time.

 

How long does R&RA keep personal data and why

Helpline personal data is stored in an anonymised form after 6 months from the last date of contact. This enables R&RA to identify trends and issues to inform campaigns and the work of the organisation but does not allow individual callers or their relatives to be identified.

Members personal data is deleted immediately on request or when membership lapses. Some personal data may be kept relating to R&RA’s claims for gift aid in line with the requirements of HMRC.

The personal data of staff is retained for the legally required period, including information  relating to payroll and pensions. The personal data of former employees is kept for 6 years after the end of their employment.

 

May 2018

Helpline

020 7359 8136

Open 9.30-4.30 Mon-Fri

We take the time to listen

Our Helpline advisers are real experts in the care field and happy to cope with referrals from other advice or befriending lines when more in-depth knowledge is needed.

Read More

View Case Studies

News

View all news

Subscribe to our e-Bulletin

* indicates required