Visiting our website
Why we collect your data
We will only collect personal data where you have submitted this on one of our webforms. If you want to get advice by email, we need to ask you some questions about your personal and housing situation in order to ensure that the advice we give is accurate and appropriate to your situation. We also have to provide some information to our funders in order to give a demographic breakdown of who is using our online service. We will then record this information on our secure case recording system, which is provided by Advice UK and ACM Solutions. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
When we respond to your request for advice, whether by email or through our chat service, we may ask you to provide feedback. This feedback is gathered through a third party website but can be provided anonymously.
Disclosure of your personal data
We will not share any of your personal data to any third party – except where:
- the transfer is to a secure data processor, which carries out data processing operations on our behalf (please see section 13 for more information)
- we are required to do so by law, for example to law enforcement or regulatory bodies where this is required or allowed under the relevant legislation
- it is necessary to protect the vital interests of an individual
- we have obtained your consent
We will never share or sell your personal data to a third-party organisation for marketing, fundraising, or campaigning purposes.
Transfers of data outside of the European Economic Area
We use Microsoft Office 365 and Azure products, which are multi-tenant cloud services, for our internal office use. This means that internal documents and information generated by us are stored in cloud services hosted within the European Economic Area (EEA).
Retention of your data
Whatever your relationship with us, we will only store your information for a specified amount of time and no longer than necessary.
The length of time that data will be kept may depend on the reasons for which we are processing the data and on the law or regulations that the information falls under, such as financial regulations, Limitations Act, Health and Safety regulation etc., or any contractual obligation we might have – such as with government contracts or if we have a business case, such as with research data. For business case data, we will anonymise the data so no individual is identifiable.
Subject to the above, we will typically store data relating to people to whom we provide services to for a maximum of seven years after completion of those services. .Once the necessary retention period has expired, the information will be confidentially disposed of or permanently deleted.