Why we use your personal information

We use your data for the following purposes:

• For the provision of your health and social care and/or education services (e.g. to help make informed decisions about your care/education, ensure that treatment is safe and effective etc.);
• To work effectively with other persons or organisations who may be involved in your care;
• To ensure our services can meet future needs;
• To review care / education provided and to ensure it is of the highest standard possible;
• To train healthcare / education professionals;
• To provide regular communications regarding the Brainkind’s activities;
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• To provide quantitative and qualitative information on our performance;
• To monitor Brainkind’s finances;
• For audit purposes;
• For service evaluation purposes;
• To send you newsletters regarding Brainkind’s activities;
• For use in our internal publications such as Managers Bulletin and internal magazine;
• For financial reporting;
• For external use such as Annual Review;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services (i.e. via postal and electronic marketing);
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our events (i.e. via postal and electronic marketing).

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected in a number of ways, via Education, NHS and other health and social care authorities/organisations and professionals, via referral details from your Commissioners, via your family members (or guardians) or directly given by you.

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list): –

• Unique identifiers and reference numbers that we or others have allocated to you (e.g. NHS, NI and other numbers);
• Your Name;
• Your Address;
• Your Date of Birth;
• Photographs of you;
• Contact we have had, such as appointments and home visits Your Health (historic and current)
• Your social care needs;
• Your Activities;
• Your Education;
• Details and records of treatment and care, including notes and reports about your health;
• Information from people who care for you and know you well, such as health professionals and extended relatives or friends;
• Your financial information, including, where relevant, details of your income and expenditure, bank details and transactions with us and other organisations.
• Your Next of Kin and family (e.g. their relationship to you, address, contact details etc);

The information we collect about you may also include special categories of personal information such as sexuality, race, your religion or beliefs, and whether you have a disability, allergies or health conditions.

Where possible, when using your information to communicate with other persons or organisations that may be involved in your care, non-identifiable (pseudonymised) information will be used.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis that processing is necessary for the performance of a task carried out in the public interest and for the provision of health or social care (referred to in the GDPR Article 6(1) (e) and Article 9(2) (h).

This is based upon the following: –

It is important for us to have a complete picture, as this information assists staff involved in your care to deliver and provide improved education, appropriate treatment and care plans, to meet your needs. We also need your information to administer our service to you, including: –

• processing payments in relation to your service;
• keeping an accurate history of transactions;
• sending service statements;
• communicating with you about your service and your relationship with us;
• notifying you of any changes.

There is also likely to be significant benefit from using your information to deliver education, care and improve services across Brainkind, NHS and social care. For example, your information can be used to help: –

• Improve individual care/education
• Understand more about mental health and contributing factors
• Improve diagnosis
• Develop new treatments
• Plan services
• Improve patient safety
• Evaluate Government, NHS and Social Care policy

It helps you because: –

• Accurate and up-to-date information assists us in providing you with the best possible care
• If you see another education/healthcare professional, specialist or an NHS and/or Social Care organisation or Education Authority, we can readily access the information they need to provide you with the best possible care.

Consent – We will obtain your permission, prior to publication, for the inclusion of your information on our or other website(s), social media, press articles and/or case studies (i.e. we will always obtain your fully informed, freely given, consent).

Legal Obligation – For cases where you may have withdrawn consent from or objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

If you are 16 or Under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

Information sharing is governed by specific rules and law. To provide the best care possible, sometimes we will need to share information about you with others, this may include: –

• A range of NHS and/or Non-NHS Health and Social Care organisations whom you currently, or are going to, receive care (e.g. GPs, Hospitals, previous community-based or residential care homes, social services or private healthcare organisations).
• A range of Education Authorities;
• Regulatory bodies (e.g. Care Quality Commission, Care Inspectorate Wales, Health Improvement Scotland etc);
• Legal Representation (e.g. Brainkind’s own or your own nominated Representation)
• However, we will not disclose any health information to third parties without your explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires the disclosure of information. We may also be asked to share basic information about you, such as your name and parts of your address, which does not include sensitive information from your health records. Generally, we would only do this to assist them to carry out their statutory duties (such as usages of healthcare services, public health or national audits). In these circumstances, where it is not practical to obtain your explicit consent, we are informing you through this notice, which is referred to as a Privacy Notice.

Where your information is shared with other organisations, a Contract and/or Information Sharing Agreement is drawn up to ensure information is shared in a way that complies with relevant legislation.

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.: –
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote the Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology providers.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• For the provision of your health and social care and/or education services to the people we support (e.g. to help make the informed decisions that we make about your relative’s care);
• To work effectively with you and other persons or organisations who may be involved in your relative’s care;
• To provide regular communications regarding the Brainkind’s activities;
• To create publicity materials to promote Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For audit purposes;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities
• For use in our internal publications such as Managers Bulletin and internal magazine;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected in a number of ways (e.g. via other health and social care organisations or professionals with whom the Service User may have been receiving care, via referral details from Commissioners, via Service Users or directly given by you).

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list): –

• Your Name;
• Your Address;
• Your Date of Birth;
• Your contact details;
• Contact we have had, such as appointments and home visits.
• Your visits to the Brainkind’s premises;
• Your relationship with the Service User.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of Legitimate Interest, based upon the general principles that:

Legitimate Interests

It is important for us to have a complete picture of the Service Users background, as this information assists staff involved in their care to deliver and provide improved care and to deliver appropriate treatment and care plans, to meet their needs. There is also likely to be significant benefit from using your information to deliver education, care and improve health, care and education services across Brainkind, NHS and social care. For example, your information can be used to help:

• Improve individual care / education
• Understand more about mental health and contributing factors
• Improve diagnosis
• Develop new treatments
• Plan services
• Improve patient safety
• Evaluate Government, NHS and Social Care policy

It helps you because: –

• Accurate and up-to-date information assists us in providing you with the best possible care;
• If the Service User sees another healthcare professional, specialist or another part of the NHS and/or Social Care, they can readily access the information they need to provide you with the best possible care.

Consent

We will obtain your permission for the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters and inclusion of your information on our or other website(s), social media, press articles and/or case studies (i.e. we will always obtain your fully informed, freely given, consent).

Legal Obligation

For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

If you are 16 or Under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

Information sharing is governed by specific rules and law. To provide the best care possible, sometimes we will need to share information about you with others, this may include: –

• A range of NHS and/or Non-NHS Health and Social Care organisations and Professionals whom the Service User currently is, or is going to, receive care (e.g. GPs, Hospitals, previous community-based or residential care homes, social services or private healthcare organisations.
• A range of Education Authorities;
• Regulatory bodies (e.g. Care Quality Commission, Care Inspectorate Wales etc);
• However, we will not disclose any health information to third parties without your explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires the disclosure of information. We may also be asked to share basic information about you, such as your name and parts of your address, which does not include sensitive information from your health records. Generally, we would only do this to assist them to carry out their statutory duties (such as usages of healthcare services, public health or national audits). In these circumstances, where it is not practical to obtain your explicit consent, we are informing you through this notice, which is referred to as a Privacy Notice.

Where your information is shared with other organisations, a Contract and/or Information Sharing Agreement is drawn up to ensure information is shared in a way that complies with relevant legislation.

• The Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.: –
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote the Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology providers.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• For the provision of your health and social care and/or education services to the Service User (e.g. to help make the informed decisions that we make about your relative’s care);
• To work effectively with you and other persons or organisations who may be involved in your relative’s care;
• To provide regular communications regarding Brainkind’s activities;
• To create publicity materials to promote Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For audit purposes;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities
• For use in our internal publications such as Managers Bulletin and internal magazine;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected in a number of ways (e.g. via other health and social care organisations or professionals with whom the Service User may have been receiving care, via referral details from Commissioners, via Service Users or directly given by you).

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list): –

• Your Name;
• Your Address;
• Your Date of Birth;
• Your contact details;
• Contact we have had, such as appointments and home visits.
• Your visits to Brainkind’s premises;
• Your relationship with the Service User.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of Legitimate Interest, based upon the general principles that:

Legitimate Interests

It is important for us to have a complete picture of the Service Users background, as this information assists staff involved in their care to deliver and provide improved care and to deliver appropriate treatment and care plans, to meet their needs. There is also likely to be significant benefit from using your information to deliver education, care and improve health, care and education services across Brainkind, NHS and social care. For example, your information can be used to help:

• Improve individual care / education
• Understand more about mental health and contributing factors
• Improve diagnosis
• Develop new treatments
• Plan services
• Improve patient safety
• Evaluate Government, NHS and Social Care policy

It helps you because: –

• Accurate and up-to-date information assists us in providing you with the best possible care;
• If the Service User sees another healthcare professional, specialist or another part of the NHS and/or Social Care, they can readily access the information they need to provide you with the best possible care.

Consent

We will obtain your permission for the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters and inclusion of your information on our or other website(s), social media, press articles and/or case studies (i.e. we will always obtain your fully informed, freely given, consent).

Legal Obligation

For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

If you are 16 or Under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

Information sharing is governed by specific rules and law. To provide the best care possible, sometimes we will need to share information about you with others, this may include: –

• A range of NHS and/or Non-NHS Health and Social Care organisations and Professionals whom the Service User currently is, or is going to, receive care (e.g. GPs, Hospitals, previous community-based or residential care homes, social services or private healthcare organisations.
• A range of Education Authorities;
• Regulatory bodies (e.g. Care Quality Commission, Care Inspectorate Wales etc);
• However, we will not disclose any health information to third parties without your explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk or where the law requires the disclosure of information. We may also be asked to share basic information about you, such as your name and parts of your address, which does not include sensitive information from your health records. Generally, we would only do this to assist them to carry out their statutory duties (such as usages of healthcare services, public health or national audits). In these circumstances, where it is not practical to obtain your explicit consent, we are informing you through this notice, which is referred to as a Privacy Notice.

Where your information is shared with other organisations, a Contract and/or Information Sharing Agreement is drawn up to ensure information is shared in a way that complies with relevant legislation.

• The Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.: –
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology providers.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To administer services including:
  • processing payments;
  • keeping an accurate history of transactions;
  • sending service statements;
  • communicating with you about the service and your relationship with us;
  • notifying you of any changes.
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and / or have notified Brainkind that you do not wish to be contacted and / or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and / or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities;
• For use in our internal publications such as Managers Bulletin and internal magazine;
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For financial reporting;
• For external use such as Annual Review

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interests –on the basis that you have expressed an interest in our services and/or we need to administer the service and, if you are a business contact, in relation to future fundraising campaigns, events and/or sending newsletters, as you are also likely to benefit from knowing about: –
  • Changes/improvements to these services
  • Similar services we provide which may benefit potential service users

• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology providers.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To acknowledge, process and thank you for your donation (unless no acknowledgement is required, or insufficient contact details have been provided);
• To process gift aid from HMRC on donations made;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and dtFocus;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected via our Partners, Just Giving or Virgin Money or directly given by you.

We process the following types of personal information in relation to you (unless your donation is anonymous) – e.g. (this is not an exhaustive list): –

• Your Gender
• Your Title
• Your Name
• Your Contact Details (address, telephone number, email)
• Your Date of Birth
• Your donation preferences including Direct Debit/Standing Order details
• Your employment status
• Amount donated
• Gift Aid information
• Your bank details including any cheques provided etc.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest – For the purpose(s) of acknowledging and thanking you for your donation and associated correspondence;
• Consent– For the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters and inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you and to fulfil our legal responsibilities for financial and gift aid reporting.

If you are 16 or Under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).

If you claim Gift Aid on a donation you make, we are required by HMRC to keep data related to your donation for six years after the tax year in which the donation was made. Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To acknowledge and thank you for your offer of support; unless no acknowledgement is required, or insufficient contact details have been provided;
• To send you information on Volunteering, Match Funding and Sponsorship/Advertising Opportunities;
• To provide you with further information about how to take part in an event, visit a service or how Brainkind can become your Charity of the Year;
• To process funds that your company has raised;
• To identify if you or your company have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising or publicity campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.
• To create publicity materials to promote Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and dtFocus;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected via our Partners, Just Giving or Virgin Money or directly given by you.

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list):

• Company Name
• Company Address
• Name of contact
• Email of contact
• Job title of contact
• Social Media links
• Logos
• Banking Information
• Medical information (e.g. for marathons)
• Cause you would like to support
• Event/support giving

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of:

• Legitimate Interests – For the purpose(s) of acknowledging and thank you for your support, sending you a registration form and associated information, providing you with further information in relation to your leaving a gift in your will and processing payments you have made to Brainkind.
• Explicit consent (referred to in the GDPR Article 9(2) (a)– For the purpose(s) of processing your special category data (e.g. health)
• Consent– For the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters and inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

If you are 16 or Under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.: –
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years after your support was given (or in the case of gifting in a Will – 2 years after settlement). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To respond to your offer of, or thank you for, your voluntary support/contribution; unless no acknowledgement is required, or insufficient contact details have been provided
• To send you information in relation to volunteering opportunities;
• To ensure the safety of our volunteers, staff and customers;
• To process expenses;
• To carry out an awards programme;
• To help us measure our inclusion and accessibility across our volunteering programmes.
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• For reference in press/media articles and/or case studies;
• To send you newsletters regarding Brainkind’s activities.
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and internal magazine;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected via our Partners (e.g. National Association for Voluntary and Community Access), or directly given by you.

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list):

• Your Name;
• Your Contact Details (address, telephone, email etc);
• The cause/event/activity you would like to volunteer for;
• Emergency contact details
• Bank details
• Contact preferences
• Ethnicity
• Gender
• Availability to volunteer
• Disability (including physical and mental conditions)
• Disclosure and Barring Service Screening (for criminal records)

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest – For the purpose(s) of acknowledging and thank you for your voluntary support/contribution and sending you associated information;
• Explicit consent (referred to in the GDPR Article 9(2) (a) – For processing of your special category data (e.g. ethnicity, disability etc)
• Consent– For the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters and inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

If you are 16 or Under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.: –
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years after you have last volunteered with us. Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To acknowledge and thank you for your contribution;
• To invite and send you information regarding our Annual General Meeting;
• To invite you to renew your subscription with us (Note: applicable only to members)
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To process your subscription (Note: applicable only to Members).
• To send you newsletters regarding Brainkind’s activities;
• To create publicity materials to promote Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and dtFocus;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected via an appointment process and/or directly given by you.

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list):

• Your Name;
• Your Contact Details (address, telephone, email etc);
• Your Bank Details if you are a Member;
• Your background (e.g. experience, qualifications).

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest – For the purpose(s) of general correspondence and if you are business contact, contacting you in relation to future fundraising campaigns, events and/or sending newsletters, financial reporting and annual reviews;
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

If you are 16 or Under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.: –
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is two years after the ceasing of relationship with Brainkind. Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To email or post to you a copy of the publication;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest – as you have made a request for the publication and we can send this to you and if you are business contact, for the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To progress an opportunity;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities;

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest – as you have expressed an interest in our services or our charitable work; and for contacting you if you are a business contact, in relation to future fundraising campaigns, events and / or sending newsletters).
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal informatio

When you register with us directly to attend an seminar/conference, your personal information is used to: –

• Register you for the event (so we know how many people are, or who is, attending);
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and / or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.

When you provide your business contact details at a seminar/conference, your personal information is used to: –

• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and / or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest – as you have expressed an interest in our services and activities; and for contacting you if you are a business contact, in relation to future fundraising campaigns, events and/or sending newsletters).
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• Consider you for a recruitment vacancy;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest– as you have expressed an interest in working with us and we will be able to consider your application and contact you in this respect.
• Consent – For the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters, inclusion in any press articles and/or case studies, in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

Who we may share your personal information with

We may share your information with:

• Brainkind’s Technology Providers, who support our day to day operations.

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

If you visit our website and/or if you send a Contact Request via our website

We use your data for the following purposes: –

• To understand website traffic and usage (refer to our Cookie Policy).
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.
• To forward your questions and comments to the appropriate recipient in Brainkind, where you have entered such information into a web form.
• To send you publications that you have requested, such as the Brainkind Guide To Living – Refer to “If you are someone requesting our publications or resources (e.g. Guide to Living)”.
• To contact you if, by completing our secure online referral form, you indicate that you would like to refer a patient to one of our services – Refer to “If you are someone referring or paying for our Services (e.g. Commissioner, Local Authority or Medical Professional etc Service User”.

If you register as a BINI / BISI User on our Website

We use your data for the following purposes: –

• Licensing you, as a Clinical or Social Care or Criminal Justice Professional, to utilise these tools;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities.
• To understand website traffic and usage (refer to our Cookie Policy).

If you submit a job application via our website – please refer to “If you are a Recruitment Applicant”

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of:

• Legitimate Interests – for the maintenance and monitoring of the performance of our website, to constantly look to improve the site and the services it offers to our users, for the licencing of our tools and for contacting you if you are a business contact, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation – to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

If you are 16 or Under

We are committed to the protection of the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Links to other websites

Our website may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. When you go to other websites from here, we advise you to be aware and read their privacy policy

Cookie Policy

This website uses cookies and similar technologies. Please read on to learn which cookies we use and for what purposes.

By using our website, you accept that we use cookies as described in the following.

What is a cookie and what are similar technologies?

Cookies are small information units which the Website places on your computer’s hard disk, on your tablet or on your smartphone. Cookies contain information that the Website uses to make the communication between you and your web browser more efficient. The cookie does not identify you as an individual user, it identifies your computer.

What type of cookies do we use and for what purposes?

There are two types of cookies – session cookies and persistent cookies:

• Session cookies are temporary bits of information which are deleted when you exit your web browser.
• Persistent cookies are more permanent bits of information that are stored and remain on your computer until they are deleted. Persistent cookies delete themselves after a certain period of time but are renewed each time you visit the website.

The Website uses session cookies and persistent cookies.

We use similar technologies for storing and accessing information in the browser or device which utilises local units and local storage, such as HTML 5 cookies and other methods. These technologies can operate across all your browsers. In some cases, the use of these technologies cannot be controlled by the browser but requires special tools. We use these technologies to store information to ensure the quality of reviews and to spot irregularities in the use of the Website.

We use cookies for: –

• Statistics: Measuring Website traffic i.e. number of visits on the Website, which domains the visitors come from, which pages the visitors visit on the Website and in which overall geographical area the visitors are located.
• Improvement of the functionalities of the Website: Optimising your experience, which includes making the Website more accessible to people who use screen readers to understand information online, as well as giving you the ability to send us donations easily via JustGiving and contact us easily online via secure web forms.
• Connect with Social Media: We give you the possibility of connecting with Social Media, such as Twitter.
• Targeted advertisement: Displaying specific advertisements on the Website which we believe you will find interesting.
• Quality assurance: Ensuring that you can easily access the most recent reviews of our services by care sector inspectors such as the CQC, NIW or other regulators, via our Website.
• Third party cookies: Our Website uses cookies from the following third parties:
  • Google Analytics: for statistical purposes. You can decline cookies from Google Analytics by clicking on this link: http://tools.google.com/dlpage/gaoptout
  • Facebook: only set if you interact with the ShareThis social media plugin or are already logged into one of the related social media platforms from other source for the purpose of connecting and integrating with them. You can decline cookies from ShareThis by clicking on this link: http://www.networkadvertising.org/understanding-online-advertising
  • Twitter: Set by Twitter only if you interact with the Twitter plugin or are already logged into Twitter from other source for the purpose of connecting and integrating with them.
  • DoubleClick: for the purpose of displaying relevant advertisements.

Deletion of cookies

If you want to delete the cookies already on your equipment, you can, if you use a PC or a more recent browser, press CTRL + SHIFT + DELETE simultaneously. If the shortcuts do not work on your browser, please visit the support page for the browser in question. Please note that our Website will not work to its full extent if you delete the cookies.

For further information visit www.aboutcookies.org or www.allaboutcookies.org.

Why we use your personal information

We use your data for the following purposes: –

• To register you for a competition;
• To create publicity materials to promote Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities;
• For use in our internal publications such as Managers Bulletin and internal magazine.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of:

• Legitimate Interest – as you have expressed a wish to enter our competition; and, if you are a business contact – for contacting you, in relation to future competitions, fundraising campaigns, events and/or sending newsletters).
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future competitions, fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documents created is one month after your entry to our competition or two years after you have given us the relevant consents. Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To send you applications, letters and proposals for the purpose of obtaining additional income to support activities;
• To store your preferences for future contact;
• To send updates of the agreed funded projects;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and / or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding Brainkind’s activities;
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and internal magazine;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected via the Charity Commission, your website or directly given by you.

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list):

• Brainkind Name;
• Brainkind Address;
• Brainkind Email;
• Details of support given;
• Monetary amounts given;
• Preferences for Contact;
• Admin or Trustee Name;
• Admin or Trustee Address;
• Admin or Trustee email;
• Telephone number

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of:

• Legitimate Interest – If you are a business contact, for the purpose(s) of sending you applications, letters and proposals in line with your organisation’s public application processes and/or Brainkind interest and contacting you in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).

Who we may share your personal information with

We may share your information with: –

• The Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote the Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To send letters of correspondence or requests for the purpose of supporting Brainkind including event invitations and campaign support;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding the Brainkind’s activities;
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and dtFocus;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

If you are a celebrity your personal information is collected via CelebrityWorld, your website, Twitter, or directly given by you, or your Agent.

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list):

• Celebrity Name;
• Celebrity Date of Birth;
• Celebrity Contact Details (e.g. Mobile, Fax etc);
• Celebrity Agent Name;
• Celebrity Agent Contact Details (e.g. Address, Tel, Mobile, Fax);
• Celebrity Social Media links/profiles.
• Celebrity Website

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of: –

• Legitimate Interest – For the purpose(s) of sending you letters, requests and invites where we know there is an interest in Disability, Autism or Brain Injury or other topics associated with our charitable purpose.

Who we may share your personal information with

We may share your information with: –

• The Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote the Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years from consent or unless updated by CelebrityWorld. Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• To send letters of correspondence or requests for the purpose of supporting Brainkind including event invitations and campaign support.
• To send outcome reports;
• To discuss legislation, policy or guidance;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding the Brainkind’s activities;
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and dtFocus;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

If you are a Parliamentarian, we collect your data from the relevant Parliamentary website:

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list):

• Your name;
• Your contact details including constituency details, website, email, postal and postal addresses and social media handles/profiles;
• Details of committee or group memberships connected with your Parliamentary role

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of:

• Legitimate Interest – For the purpose(s) of sending you letters, requests and invites where we know there is an interest in Disability, Autism or Brain Injury or other topics associated with our charitable purpose.

Who we may share your personal information with

We may share your information with: –

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote the Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and / or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years from consent or unless updated by the Government. Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes:

• To maintain a relationship with you in relation to our orders and your services (e.g. in relation to service delivery activities, invoicing and ongoing communication/relationship management);
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding the Brainkind’s activities.
• To create publicity materials to promote the Brainkind’s activities – for inclusion on/in our or other website(s), social media, press articles and/or case studies);
• For use in our internal publications such as Managers Bulletin and internal magazine;
• For financial reporting;
• For external use such as Annual Review.

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of:

• Legitimate Interest – to maintain a relationship with you in relation to our orders and yours services (e.g. in relation to service delivery activities, invoicing and ongoing communication/relationship management) and for contacting you, in relation to future fundraising campaigns, events and/or sending newsletters;
• Contract– Where we need to process your personal details to comply with our obligations under the contract;
• Consent– For the purpose of contacting you, if you are a private individual, in relation to future fundraising campaigns, events and/or sending newsletters.
• Consent– If you are a private individual or a business contact, for inclusion of your information on our or other website(s), social media, press articles and/or case studies (in which case we will always obtain your fully informed, freely given, consent (i.e. we will obtain your permission).
• Legal Obligation – For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you

Who we may share your personal information with

We may share your information with:

• Brainkind’s Technology Providers, who support our day to day operations;
• Our Marketing Partners – e.g.:
  • Marketing Automation Partners;
  • Social Media;
  • Event Organisations – to register you for an event;
  • Mailing Houses – to provide you with information regarding our services and/or future events (i.e. via telephone, postal and electronic marketing);
  • Design Agencies – so we can create publicity materials to promote Brainkind’s activities; however, this is only where we have obtained your fully informed, freely given, consent).

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes:

• To send press releases and articles of interest;
• To invite and send you information regarding our events;
• To take photographs for future campaigns and promotions;
• To write case studies for publication and to keep them updated;
• To identify if you have registered with the Fundraising Preference Service, Corporate Telephone Preference Service, Telephone Preference Service and/or have notified Brainkind that you do not wish to be contacted and/or receive direct marketing information regarding our services and activities;
• Unless we have identified (or been made aware) you do not wish to receive marketing information, as per above – to contact you directly in the future regarding our services, future fundraising campaigns and/or events (i.e. via postal and electronic marketing);
• To send you newsletters regarding the Brainkind’s activities;
• For financial reporting;
• For external use such as Annual Review.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is collected via Vuelio or directly given by you.

We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list): –

• Publication type e.g. radio, magazine, press;
• Publication name;
• publication email;
• publication contact name;
• Telephone number;
• Named person in photograph;
• Quote from person;
• Information about history for case study including medical

Our legal basis for using your personal information

The processing of your personal information is based upon the lawful basis of:

• Case Study Contacts – Consent– We will obtain your permission for the purpose of inclusion in press articles and/or case studies (i.e. we will always obtain your fully informed, freely given, consent).
• Media Contacts – Legitimate Interest– For the purpose(s) of sending you press articles and event information for inclusion in your publication for public interest.

Who we may share your personal information with

We may share your information with: –

• The Brainkind’s Technology Providers, who support our day to day operations

The transfer of your personal information to a Country or International Organisation outside of the European Union

We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.

These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years from consent or unless updated by Veulio. Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

We use your data for the following purposes: –

• For security and health and safety purposes (knowing who is in our building and when).

Our legal basis for using your personal information

Who we may share your personal information with

We may share your information with: –

• The Brainkind’s Technology Providers, who support our day to day operations;

The transfer of your personal information to a Country or International Organisation outside of the European Union

We do not intend to transfer your personal information to any countries or International Organisations outside of the European Union.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Background

Brainkind uses the definition of research outlined by the Health Research Authority (HRA). All projects that meet this definition require prior review and approval by the relevant bodies. This process includes the review of information materials and consent forms. No personal information will be gathered for research purposes without your prior written consent.

Why we use your personal information

If you are invited, and give informed consent, to take part in our research, we use your data for the following purposes: –

• To fulfil the research objectives of the specific project in which you agreed to participate;
• To share information about other relevant projects.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is directly given by you.

The type of personal information in relation to you we process may include – e. g. (this is not an exhaustive list):

• General Personal details (Name, Address & contact Info);
• Information about your medical history.

However, you will be provided with specific details about what information will be collected, and about what participation will entail prior to giving your consent to take part in research.

Our legal basis for using your personal information:

Who we may share your personal information with

The personal information you provide will always be kept separately from research data, which is stored in an anonymised format. Some projects may require sharing of information with specific academic partners. You will be informed of the identity of these partners and about the nature of the information to be shared prior to giving your consent to share. Only the named investigators of a particular project will have access to this information and will only use your personal data in order to meet previously specified research objectives.

The transfer of your personal information to a Country or International Organisation outside of the European Union

Any transfer of personal information outside the European Union will require approval by the relevant bodies. This will be stated explicitly in the information materials you receive, and no transfers of data will occur without your explicit consent.

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Why we use your personal information

It is necessary for us to process personal data of both job applicants and workers for the following reasons:

• We will need the information in order to identify the individual for the purposes of recruitment;
• We will need to maintain that information for the general purposes of the ongoing employment relationship including performing the employment contract and maintaining the health and safety of individuals on our premises.

How we obtain your personal information and the types of personal information we may obtain

Your personal information is directly given by you or from a Recruitment Agenda.

The type of personal information in relation to you we process may include – e. g. (this is not an exhaustive list): –

• General Personal details (Name, Address & contact Info, DOB, etc);
• Education, Qualifications, Training Records;
• Employment History;
• Pre-employment Checks (Ability to Work, Criminal Records Checks (CRC))
• Employment and/or Personal References;
• Equal Opportunity Data (Ethnic Origin, Gender, Religion, Sexual Orientation etc);
• Pre-existing medical conditions at the time of employment;
• Occupational health records;
• Benefit Providers (and associated information);
• Unique identifiers and reference numbers that we or others have allocated to you (e.g. Employee ID/Payroll No, NI and other numbers);
• Photographs of you;
• Employment Performance Records (e.g. appraisals, disciplinary notes etc);
• Holiday and sickness records;
• Your financial information, including, where relevant, details of your salary, bonuses, bank details, tax records etc.
• Your Next of Kin and family (e.g. their relationship to you, address, contact details etc).

Our legal basis for using your personal information

In line with our Record of Processing Activity (ROPA) our legal basis for processing personal data of applicants and workers is that:

• Processing the personal data is necessary for the purpose of carrying out the employment contract or to take steps to enter into an employment contract;
• Processing is necessary to comply with a legal obligation (for example we are obliged under employment law to include in a written statement of employment terms the identity of the parties to the employment contract);
• Processing the data is necessary to protect the vital interests of an individual (for example we are legally responsible for the health and safety of staff and job applicants (when they are on our premises) and so it is necessary to process data relating to those individuals for that reason); and/or
• Processing the data is necessary for the purposes of our “legitimate interests” as the data controller (except where such interests are overridden by the interests, rights or freedoms of the individual).

Our “legitimate interests” for these purposes are:

• The need to process data on applicants and staff for the purposes of assessing suitability for employment and then carrying out the employment contract;
• The need to gather data for the purposes safeguarding the health and safety of job applicants and employees;
• The need to transfer employee data intra-group for administrative purposes; and
• The need to process employee data for the purposes of ensuring network and information security.

We may from time to time need to process Special Categories of Data, for example medical records or other information relating to the health and wellbeing of an individual.

In that case we will either obtain the explicit consent of the individual to the processing of such data or we may consider the processing of that data as being necessary for carrying out our obligations as an employer. That will be assessed on a case by case basis.

If you do not provide at least that data that is necessary for us to assess suitability for employment and then to conduct the employment relationship then it will not practically be possible for us to employ you.

Who we may share your personal information with

Your personal data may be received by the following categories of people:

• Our HR department;
• In the case of job applicants, the interviewer and prospective manager;
• Any individual authorised by us to maintain personnel files;
• Our professional advisers;
• Our Technology Providers;
• Training Providers and Awarding/Examining Bodies – for the provision of information in relation to the qualifications of our workforce;
• Employee Membership / Benefit providers; and
• Appropriate external regulators and authorities (such as HMRC and HSE)

How long we keep hold of your data

We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.

Examples are: – Income tax and NI returns, income tax records, wage and salary records and correspondence with HMRC: We are obliged to keep these records for 6 years after the end of the financial year to which they relate.

Automated Decision Making & Profiling

We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).

Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).

Test and Trace – Recording staff, customer and visitor details: how we use your information

To support NHS Test and Trace (which is part of the Department for Health and Social Care) in England, we have been mandated by law to collect and keep a limited record of staff, customers and visitors who come onto our premises for the purpose of contact tracing.

By maintaining records of staff, customers and visitors, and sharing these with NHS Test and Trace where requested, we can help to identify people who may have been exposed to the coronavirus.

As a customer/visitor of Brainkind you will be asked to provide some basic information and contact details. The following information will be collected:

· the names of all customers or visitors

· a contact phone number for each customer or visitor

· date of visit and arrival time and departure time.

Brainkind as the data controller for the collection of your personal data, will be responsible for compliance with data protection legislation for the period of time it holds the information. When that information is requested by the NHS Test and Trace service, the service would at this point be responsible for compliance with data protection legislation for that period of time.

The NHS Test and Trace service as part of safeguarding your personal data, has in place technical, organisational and administrative security measures to protect your personal information that it receives from Brainkind, that it holds from loss, misuse, and unauthorised access, disclosure, alteration and destruction.

In addition, if you only interact with one member of staff during your visit, the name of the assigned staff member will be recorded alongside your information.

NHS Test and Trace have asked us to retain this information for 21 days from the date of your visit, to enable contact tracing to be carried out by NHS Test and Trace during that period. We will only share information with NHS Test and Trace if it is specifically requested by them.

For example, if another customer at the service reported symptoms and subsequently tested positive, NHS Test and Trace can request the log of customer details for a particular time period (for example, this may be all customers who visited on a particular day or time-band, or over a 2-day period).

We require you to pre-book appointments for visits or to complete a form on arrival.

Under government guidance, the information we collect may include information which we would not ordinarily collect from you and which we therefore collect only for the purpose of contact tracing. Information of this type will not be used for other purposes, and NHS Test and Trace will not disclose this information to any third party unless required to do so by law (for example, as a result of receiving a court order). In addition, where the information is only collected for the purpose of contact tracing, it will be destroyed by us 21 days after the date of your visit.

However, the government guidance may also cover information that we would usually collect and hold onto as part of our ordinary dealings with you (perhaps, for example, your name, date of birth and phone number). Where this is the case, this information only will continue to be held after 21 days and we will use it as we usually would, unless and until you tell us not to.

Your information will always be stored and used in compliance with the relevant data protection legislation.

The use of your information is covered by the UK General Data Protection Regulations Article 6 (1) (c) – a legal obligation to which we as a venue/establishment are subject to. The legal obligation to which we’re subject, means that we’re mandated by law, by a set of new regulations from the government, to co-operate with the NHS Test and Trace service, in order to help maintain a safe operating environment and to help fight any local outbreak of corona virus.

Following an amendment to the Health and Social Care Act 2008, all care home workers and other visiting professionals will need to be fully vaccinated against Covid 19, unless they have an exemption or there is an emergency. As such, Brainkind will be gathering your information to enable us to:

• Monitor vaccination and COVID status of staff;
• Ensure staff maintain an up to date vaccination status;
• Monitor vaccination and COVID-19 status of personnel entering the care home.

The use of your information is covered by the UK General Data Protections Regulations Article 6 (1) (c) and Article 9 (2) (i) – a legal obligation to which we as a care provider are subject to under the Health and Social Care Act 2008 (Regulated Activities).

Brainkind treat all data relating to vaccination status confidentially and disclosure of an individuals vaccination status would only occur in defined circumstances.

By law, you have a number of rights as a data subject, such as the right to be informed, the right to access information held about you and the right to rectification of any inaccurate data that we hold about you.

You have the right to request that we erase personal data about you that we hold (although this is not an absolute right).

You have the right to request that we restrict processing of personal data about you that we hold in certain circumstances.

You have the right to object to processing of personal data about you on grounds relating to your particular situation (also again this right is not absolute).

If you are unhappy or wish to complain about how your information is used, you should contact a member of staff in the first instance to resolve your issue.

If you are still not satisfied, you can complain to the Information Commissioner’s Office. Their website address is www.ico.org.uk.

You can also contact the Brainkind’s Data Protection Officer at dpo@brainkind.org.

We keep our privacy notice under regular review, and we will make new versions available on our privacy notice page on Brainkind’s website: https://brainkind.org/privacy-policy/