What is personal data?

‘Personal data’ means any information that can be used to identify a living person, either on its own or with any other information that a data controller holds or is likely to come across. The processing of this data is governed by the General Data Protection Regulation 2016 (GDPR).

New Roots acts as the data controller for information we hold about our email subscribers. This means that we decide how that personal data is processed and for what reasons.

We take privacy very seriously, and we will only use your personal data to meet our contractual needs and, where necessary and not in violation of your individual rights, our legitimate interests as an employer and supported housing provider.

How do we collect your personal data?

All of the personal data that we process about you will come directly from you or be collected when you visit our website.

How do we use your personal data?

New Roots complies with our obligations under the GDPR by:

• Keeping your personal data up to date;
• Storing and destroying it securely;
• Not collecting or retaining information longer than necessary;
• Protecting data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place.

Consent

With your permission, we will only use your personal information to keep you informed of our news, events, activities and services by email; and to respond to any enquiries you may make through the New Roots website.

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

For more information on how we use cookies, please see our Cookie Policy.

Who might we share your information with?

Your personal data will be kept strictly confidential and only be shared with:

• Charity Checkout, who manage the New Roots website;
• MailChimp, who we use to produce and send our e-newsletter (please see their Privacy Notice for more information).

How long do we keep your personal information?

If you do grant consent to receive our newsletter, you can withdraw it at any time by contacting matthewpickering@newrootshousing.org.uk or clicking the unsubscribe link on any previous email.

If you contact New Roots through our website’s contact form, we will keep your personal data for a period of 2 years, to allow us to maintain effective records of enquiries for a reasonable period.

Finally, for details on how to disable and delete cookies, please see:

• For the New Roots website, our Cookie Policy;
• For the newsletter, MailChimp’s Cookie Policy.

What rights do I have?

Unless subject to an exemption under the GDPR, you have a number of rights with respect to your personal data:

• The right to request a copy of the personal data that New Roots holds about you;
• The right to request that we correct any personal data found to be inaccurate or out of date;
• The right to request the erasure of your personal data when it is no longer necessary for New Roots to retain it;
• The right to withdraw consent to processing at any time (where applicable);
• The right to request that New Roots provide my personal data and, where possible, transmit it directly to another data controller (where applicable);
• The right, where there is a dispute about the accuracy or processing of your personal data, to request a restriction on further processing;
• The right to object to the processing of personal data (where applicable);
• The right to lodge a complaint with the Information Commissioner’s Office (ICO).

Transfer of data abroad

MailChimp

MailChimp may process your personal data anywhere in the world where it, its affiliates or sub-processors maintain operations, including:

• Akamai (Massachusetts, USA);
• Amazon (Washington, USA);
• E-Hawk (New York, USA);
• El Camino (California, USA);
• FullContact (Colorado, USA);
• Google (California, USA);
• Neustar (Virginia, USA);
• R. Donnelley (Illinois, USA);
• Slack (California, USA);
• TaskUs (California, USA);
• Zendesk (California, USA).

When processing data outside of the EU, compliance with the GDPR will be managed by self-certification with the Privacy Shield Framework.

Further processing

If we wish to use your personal data for a new purpose, New Roots will provide you with an explanation and set out the relevant purposes and processing conditions, before commencing. Where and whenever necessary, we will also seek your consent.

Contact details

• New Roots Housing Project, 2-4 Overend Road, Worksop, Nottinghamshire, S80 1QF (01909 501732)
• info@newrootshousing.org.uk

• Privacy Officer: Matthew Pickering (01909 501732 / 07890 191998)
• matthewpickering@newrootshousing.org.uk

• The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF (0303 123 1113)
• https://ico.org.uk/global/contact-us/email/