Skip to main content

Privacy Policy

 

Our privacy policy

 

Looking after your private information

The City Mental Health Alliance C.I.C. (“we”) is committed to making sure your privacy is protected. We do this by looking after your personal information carefully and keeping it private from other people. The City Mental Health Alliance C.I.C. is the data controller and is responsible for processing data lawfully under the General Data Protection Regulations (GDPR).

What type of information do we collect?

The City Mental Health Alliance C.I.C. will collect your personal data to ensure we can keep you informed about our work, membership activities, training opportunities, member events and other activities that we believe you have an interest in hearing about.

Information we collect may include your full name, preferred name, job title, business telephone number and email address, business name and postal address, size of business and date(s) of membership.

In cases where you are participating in one of our events, training courses or other activities, we may also collect other information about you or your needs (for example, information on your access requirements, dietary requirements or emergency contacts).

Where you are paying for membership or other services we offer (such as our training or other additional services), we may also collect billing information, including some or all of the following: company unique tax reference and/or registration number, company registered address and billing contact information.

We may also record details of your interactions with us. For example, we may collect notes from our conversations with you, details of any complaints or comments you make, details of courses and events you attended, and how and when you contact us.

We may also collect your social media username(s), if you interact with us through those channels, to help us respond to your comments, questions or feedback.

If we employ or engage you in connection with delivering training courses, consultancy or other activities that we manage, we may also collect and store your bank details so that we may pay you.

We may also gather information by the use of cookies in your web browser. You can learn more about how we use cookies and similar technologies by reading our Cookies Policy here.

How and why do we use your personal data?

We want to give you the best and most relevant information, advice and membership experience. We can do by combining the data we have about you to get the best picture we can of who you are.

With your consent, we may use your personal data, preferences and details of your transactions to keep you informed by email, web, text, telephone or post about new resources, member information, products and other services that are most likely to be of interest and relevance to you.

We may also use it to respond to your queries, requests and complaints. Handling the information you sent enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing the best service and understanding how we can improve our service based on your experience.

We may also use it to send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Policy or legally required information relating to your membership. These service messages will not include any promotional content and do not require prior consent when sent by email or text message. If we do not use your personal data for these purposes, we would be unable to comply with our legal obligations.

The data privacy law allows this as part of our legitimate interest in understanding our members and other individuals and in providing the highest levels of service.

Of course, if you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below. You are free to opt out of hearing from us by any of these channels at any time.

Please note, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for. For example, if you’ve asked us to let you know when we are next running a specific member seminar, we can’t do that if you’ve withdrawn your general consent to hear from us.

We will not collect or keep personal information about you unless we need it.

We will not collect more information than we need and we will not keep it longer than we need to.

You can ask us to remove your personal information at anytime - see the ‘What are my rights?’ section below.

Photographs and films:

We sometimes take photographs and film at our sessions and events. Before taking any images we will ask for verbal consent from those people we will be filming so that the photographs and films may be used by the CMHA for our website, flyers, publicity, etc.

How do we protect your personal data?

We know how much data security matters to you, so we treat your data with the utmost care and take all appropriate steps to protect it.

Access to your personal data is password-protected.

We regularly monitor our system for possible vulnerabilities and attacks.

How long will we keep your personal data?

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

Who do we share your personal information with?

All the personal data we hold about you is only processed by our staff.

Some of our service providers may have access to your data in order to perform services on our behalf – e.g. our accountancy firm in order to manage billing. We make sure anyone who provides a service for us meets our standards for data security. They will not use your data for anything other than the service that they are providing and will destroy your data after providing the service.

No other third parties have access to your personal data unless the law allows them to do so.

What are my rights?

Under data protection law, you have rights including:

  • Your right of access: you have the right to ask us for copies of your personal information.
  • Your right to rectification: you have the right to ask us to correct information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure: you have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing: you have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to object to processing: you have the the right to object to the processing of your personal data in certain circumstances.
  • Your right to data portability: you have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

How to contact us

Please contact us using the following contact information if you wish to make a request.

FAO: Data Processing Officer

City Mental Health Alliance C.I.C., 60 Alington Grove, Wallington, Surrey, SM6 9NG

cmha@citymha.org.uk

How to complain

You can also complain to the ICO if you are unhappy with how we have used your data. The ICO’s address is:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Their Helpline number is: 0303 123 1113