Reducing the Risk (RtR) maintains a database of information about Domestic Abuse Champions (both past and current), training attendees, donors, subscribers to our e-bulletin, and other friends of RtR in order for us to stay in touch and keep you updated about news, events, training, fundraising activities and other areas of interest.
We are committed to protecting and respecting your privacy and this Policy sets out what information we collect about you, where and how we use (“process”) it. This applies whether you:
In both instances (individuals with offline database records and individuals with online profiles), we collect and store personal information (or “data”) about you.
We may change this Policy from time to time. If we make any significant changes we will advertise this on the website or contact you directly with the information. Please check this page occasionally to make sure you are happy with any minor changes.
For the purposes of the General Data Protection Regulations (GDPR) and any subsequent UK legislation covering data protection, the Data Controller is Reducing the Risk.
If you have any questions regarding this Policy or your personal information, please get in touch with the Data Controller at email@example.com.
The type of personal information we collect
The information we have about you depends on where we collect it, and what your relationship with Reducing the Risk is, but may include:
Where we collect information from
We may collect personal information when you:
How we use your information
We will use your personal information in a number of ways, always with a legal basis for processing your data. These may include:
We may share some Domestic Abuse Champion data with:
Please note that if you are registered with our online community of Domestic Abuse Champions, the information we share about you, with your consent, is the information you provide us with when you register. You are responsible for the accuracy of the information we hold on you. Please will you check its accuracy when you register, and update it when necessary. We are not able to double-check it and cannot take responsibility if it is not correct.
Our legal basis for processing your information
The use of your information for the purposes set out above is lawful because one or more of the following applies:
A fourth basis applies if you are a Domestic Abuse Champion, and it is necessary for us to hold and use your information to carry out our obligations under a contract entered into with the Local Authority or organisation you are a Domestic Abuse Champion for.
Updating your consent preferences
If you have an online profile on this website you can update your consent options by logging-in and clicking on “My Settings” in your profile. Scroll down to find your ‘Consent options’ where you will see a list of consents and the options “opt-in”, “opt-out” and “unspecified”.
Via ‘My Settings’ you can also choose to hide your profile from Google, limit access to your profile so that it’s only viewable to your connections and adjust some of the automatic notifications that you receive from this website. Please note that your name (but not full profile) may appear in various places around the community website, such as a ‘Recent Joiners’ box and in ‘Search’ results irrespective of the privacy settings you have selected.
If we are using consent as our legal basis for processing your data, we must have an explicit “opt-in” from you for this specific type of processing. When we review our consent options and add in additional features, you may be asked to confirm your consent again and “opt-in”.
If we are using legitimate interests as our legal basis for processing your data, we will process your data responsibly in a way that you would reasonably expect, and you can opt-out at any stage.
If you click ‘unsubscribe’ at the bottom of one of our emails sent you will be automatically opted-out of these types of email communications in the future.
If you want to contact us about your consent preferences please contact the Data Controller by email: firstname.lastname@example.org.
How we keep your information safe
We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.
Your data is stored on a dedicated, secure cloud server hosted by Amazon Web Services (AWS) in the EU and managed by our website provider, ToucanTech. Industry-standard firewalls, anti-virus, encryption and back-up methods are in place, as well as strict data handling protocols.
We always ensure only authorised persons have access to your information, which means only our approved employees and contractors, and that everyone who has access is appropriately trained in data management.
If you have an online profile for this website you are responsible for keeping your login details (email and password) confidential and we ask that you do not share your password with anyone. Breach of this may result in restricted access to the site.
No data transmission over the internet can be guaranteed to be completely secure. So, whilst we strive to safeguard your information, we cannot guarantee the security of any information you provide online and you do this at your own risk.
Who has access to your information?
We will not share your personal information with any other third parties without your express consent. The only exception is if we have reason to believe it is necessary in order to safeguard an adult at risk or child.
Keeping your information up to date
Please keep your contact details up to date. Online members can update their details directly by logging in to the website and clicking on ‘My Settings’ under your profile. You can also update your details by contacting us at email@example.com.
How long we keep your information for
We will hold your personal information for as long as it is necessary for the relevant activity.
Where we rely on your consent to contact you for direct email marketing/ fundraising purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for 2 years. We may periodically ask you to renew your consent.
If you ask us to stop contacting you, we will keep a record of your contact details and the limited information needed to ensure we comply with your request. If you ask us to remove your personal data from our database we will delete all the information we hold out apart from your name and archive your record in our database.
You have the right to request details of how we use your personal information through making a subject access request. Such requests have to be made in writing by emailing Reducing the Risk on firstname.lastname@example.org.
You also have the following rights:
All of these rights are subject to certain safeguards and limits or exemptions. To exercise any of these rights, you should contact Reducing the Risk at the above email address.
If you are not happy with the way in which we have processed or dealt with your information, we would appreciate hearing from you first via email@example.com. If you are not satisfied with the way your complaint or query has been handled, you can contact the Information Commissioner’s Office here https://ico.org.uk/.
This Policy was last updated in February 2021.