Read about the impact we have on supporting people with brain injuries and other neurological conditions
Our team across our services are here to answer your queries and questions
Take a look at our different services across the UK, and how they can support you
Read about how our services are having an impact on people’s lives
Learn about brain injuries, the rehabilitation journey, from diagnosis and treatment to the ongoing support and independence.
The Brain Injury Linkworker Service is based on the belief in equal and fair access to neurorehabilitation for all. Learn how we can support your organisation.
Read the latest insights about brain injury rehabilitation from the Brainkind research team
View our research teams published book chapters and articles in peer reviewed publications.
Get involved and support a world where life after brain injury is a life well lived.
Do you support homeless people and prisoners and ex-offenders who have experienced an acquired brain injury? Our training is designed to give you the tools you need to support people in your service.
View our careers page for jobs across all our services.
There are many ways to donate to Brainkind. Your donations will help support people with brain injuries and neurological conditions.
Home / Privacy policies
Brainkind provides specialist residential, community-based support, and rehabilitation and hospital care and treatment for adults with acquired brain injury, complex physical or learning disabilities, and for people with autism, including education.
Brainkind also aims to make a difference to the lives of those who are unable to access our core services by proving support, initiating and enhancing good practice, and directing or influencing policy within our areas of expertise – brain injury, learning disabilities, autism and physical disabilities.
People are at the heart of everything we do and our services across the country include purpose-built residential accommodation, community-based housing, respite care, special education and community enabling services to maximise each individual’s independence.
Working in partnership with those we support, their families and friends, local authorities, health authorities, housing associations and other organisations, we have an established track record of delivering leading-edge services that meet the needs of people with complex and challenging disabilities. We continually evaluate our activities and conduct research in our efforts to refine our existing services and develop new ones in response to identified individual needs.
Security
Brainkind is committed to protecting your personal information and privacy. We are certified to an internationally recognised security standard (ISO/IEC 27001), with a United Kingdom Accreditation Service (UKAS) accredited body.
We have security measures in place designed to prevent the loss of data, preserve data integrity, and to control access to the data and know that ensuring the accuracy and security of your personal information is essential to retaining your confidence and trust.
Purpose of this Privacy Policy
The purpose of this privacy policy is to describe, in cases where Brainkind is the Data Controller, why and how we collect and use your personal information and to provide information about your rights. It applies to personal information provided to us, both by individuals themselves or by others. We may use personal information provided to us for any of the purposes described in this privacy policy or as otherwise stated at the point of collection.
When collecting and using personal information, our policy is to be fair, lawful and transparent about why and how we process it.
To find out more about our specific processing activities, please refer to the relevant sections of this policy in the left hand menu.
Brainkind’s Contact Details
The Data Controller is The Disabilities Trust t/a Brainkind (registered in England under Charity No: 800797 and with its registration address at 32 Market Place, Burgess Hill, West Sussex, RH15 9NP).
If you have any questions about this privacy policy or how and why we process personal information, please contact us via any of the routes below: –
Post:
The Data Protection Officer
Brainkind
32 Market Place
Burgess Hill
West Sussex
RH15 9NP
Email: dpo@thedtgroup.org
Phone: 01444 239123
Why we use your personal information
We use your data for the following purposes:
How we obtain your personal information and the types of personal information we may obtain
Your personal information is collected in a number of ways, via Education, NHS and other health and social care authorities/organisations and professionals, via referral details from your Commissioners, via your family members (or guardians) or directly given by you.
We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list): –
The information we collect about you may also include special categories of personal information such as sexuality, race, your religion or beliefs, and whether you have a disability, allergies or health conditions.
Where possible, when using your information to communicate with other persons or organisations that may be involved in your care, non-identifiable (pseudonymised) information will be used.
Our legal basis for using your personal information
The processing of your personal information is based upon the lawful basis that processing is necessary for the performance of a task carried out in the public interest and for the provision of health or social care (referred to in the GDPR Article 6(1) (e) and Article 9(2) (h).
This is based upon the following: –
It is important for us to have a complete picture, as this information assists staff involved in your care to deliver and provide improved education, appropriate treatment and care plans, to meet your needs. We also need your information to administer our service to you, including: –
There is also likely to be significant benefit from using your information to deliver education, care and improve services across Brainkind, NHS and social care. For example, your information can be used to help: –
It helps you because: –
Consent – We will obtain your permission, prior to publication, for the inclusion of your information on our or other website(s), social media, press articles and/or case studies (i.e. we will always obtain your fully informed, freely given, consent).
Legal Obligation – For cases where you may have withdrawn consent from or objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.
If you are 16 or Under
We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.
Who we may share your personal information with
Information sharing is governed by specific rules and law. To provide the best care possible, sometimes we will need to share information about you with others, this may include: –
Where your information is shared with other organisations, a Contract and/or Information Sharing Agreement is drawn up to ensure information is shared in a way that complies with relevant legislation.
The transfer of your personal information to a Country or International Organisation outside of the European Union
We intend to transfer personal information outside of the European Union, to some of our Technology providers.
These transfers occur on the basis of the protection provided by the EU-US Privacy Shield.
How long we keep hold of your data
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). Our Records Management and Retention Policy sets out how long records should be retained.
Automated Decision Making & Profiling
We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g. we do not conduct automated decision making).
Neither do we conduct any automated processing of personal information to evaluate certain things about you (e.g. we do not conduct profiling).
We use your data for the following purposes: –
Your personal information is collected in a number of ways (e.g. via other health and social care organisations or professionals with whom the Service User may have been receiving care, via referral details from Commissioners, via Service Users or directly given by you).
The processing of your personal information is based upon the lawful basis of Legitimate Interest, based upon the general principles that:
Legitimate Interests
It is important for us to have a complete picture of the Service Users background, as this information assists staff involved in their care to deliver and provide improved care and to deliver appropriate treatment and care plans, to meet their needs. There is also likely to be significant benefit from using your information to deliver education, care and improve health, care and education services across Brainkind, NHS and social care. For example, your information can be used to help:
Consent
We will obtain your permission for the purpose of contacting you in relation to future fundraising campaigns, events and/or sending newsletters and inclusion of your information on our or other website(s), social media, press articles and/or case studies (i.e. we will always obtain your fully informed, freely given, consent).
Legal Obligation
For cases where you may have objected to marketing, we also have a legal obligation to hold some personal data, albeit limited, in order to ensure no more marketing is sent to you.
The processing of your personal information is based upon the lawful basis of: –
We may share your information with: –
Your personal information is collected via our Partners, Just Giving or Virgin Money or directly given by you.
We process the following types of personal information in relation to you (unless your donation is anonymous) – e.g. (this is not an exhaustive list): –
We intend to transfer personal information outside of the European Union, to some of our Technology and/or Marketing Partners.
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).
If you claim Gift Aid on a donation you make, we are required by HMRC to keep data related to your donation for six years after the tax year in which the donation was made. Our Records Management and Retention Policy sets out how long records should be retained.
We do not make any decisions in relation to your personal information, solely by automated means without any human involvement (e.g we do not conduct automated decision making).
We process the following types of personal information in relation to you – e.g. (this is not an exhaustive list):
The processing of your personal information is based upon the lawful basis of:
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years after your support was given (or in the case of gifting in a Will – 2 years after settlement). Our Records Management and Retention Policy sets out how long records should be retained.
Your personal information is collected via our Partners (e.g. National Association for Voluntary and Community Access), or directly given by you.
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years after you have last volunteered with us. Our Records Management and Retention Policy sets out how long records should be retained.
Your personal information is collected via an appointment process and/or directly given by you.
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is two years after the ceasing of relationship with Brainkind. Our Records Management and Retention Policy sets out how long records should be retained.
Why we use your personal informatio
When you register with us directly to attend an seminar/conference, your personal information is used to: –
When you provide your business contact details at a seminar/conference, your personal information is used to: –
We may share your information with:
If you visit our website and/or if you send a Contact Request via our website
If you register as a BINI / BISI User on our Website
If you submit a job application via our website – please refer to “If you are a Recruitment Applicant”
We are committed to the protection of the privacy of children aged 16 or under. If you are aged 16 or under and we process your data on the legal basis of Consent (i.e. your permission), we will ensure we obtain your parent/guardian’s Consent beforehand whenever you or other parties, provide us with your personal information.
Links to other websites
Our website may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. When you go to other websites from here, we advise you to be aware and read their privacy policy
Cookie Policy
This website uses cookies and similar technologies. Please read on to learn which cookies we use and for what purposes.
By using our website, you accept that we use cookies as described in the following.
What is a cookie and what are similar technologies?
Cookies are small information units which the Website places on your computer’s hard disk, on your tablet or on your smartphone. Cookies contain information that the Website uses to make the communication between you and your web browser more efficient. The cookie does not identify you as an individual user, it identifies your computer.
What type of cookies do we use and for what purposes?
There are two types of cookies – session cookies and persistent cookies:
The Website uses session cookies and persistent cookies.
We use similar technologies for storing and accessing information in the browser or device which utilises local units and local storage, such as HTML 5 cookies and other methods. These technologies can operate across all your browsers. In some cases, the use of these technologies cannot be controlled by the browser but requires special tools. We use these technologies to store information to ensure the quality of reviews and to spot irregularities in the use of the Website.
We use cookies for: –
Deletion of cookies
If you want to delete the cookies already on your equipment, you can, if you use a PC or a more recent browser, press CTRL + SHIFT + DELETE simultaneously. If the shortcuts do not work on your browser, please visit the support page for the browser in question. Please note that our Website will not work to its full extent if you delete the cookies.
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documents created is one month after your entry to our competition or two years after you have given us the relevant consents. Our Records Management and Retention Policy sets out how long records should be retained.
Your personal information is collected via the Charity Commission, your website or directly given by you.
If you are a celebrity your personal information is collected via CelebrityWorld, your website, Twitter, or directly given by you, or your Agent.
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years from consent or unless updated by CelebrityWorld. Our Records Management and Retention Policy sets out how long records should be retained.
If you are a Parliamentarian, we collect your data from the relevant Parliamentary website:
We intend to transfer personal information outside of the European Union, to some of our Technology and / or Marketing Partners.
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years from consent or unless updated by the Government. Our Records Management and Retention Policy sets out how long records should be retained.
Your personal information is collected via Vuelio or directly given by you.
We retain the personal information processed by us, only for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for your personal information and other documentary created is 2 years from consent or unless updated by Veulio. Our Records Management and Retention Policy sets out how long records should be retained.
We do not intend to transfer your personal information to any countries or International Organisations outside of the European Union.
Background
Brainkind uses the definition of research outlined by the Health Research Authority (HRA). All projects that meet this definition require prior review and approval by the relevant bodies. This process includes the review of information materials and consent forms. No personal information will be gathered for research purposes without your prior written consent.
If you are invited, and give informed consent, to take part in our research, we use your data for the following purposes: –
Your personal information is directly given by you.
The type of personal information in relation to you we process may include – e. g. (this is not an exhaustive list):
However, you will be provided with specific details about what information will be collected, and about what participation will entail prior to giving your consent to take part in research.
Our legal basis for using your personal information:
The personal information you provide will always be kept separately from research data, which is stored in an anonymised format. Some projects may require sharing of information with specific academic partners. You will be informed of the identity of these partners and about the nature of the information to be shared prior to giving your consent to share. Only the named investigators of a particular project will have access to this information and will only use your personal data in order to meet previously specified research objectives.
Any transfer of personal information outside the European Union will require approval by the relevant bodies. This will be stated explicitly in the information materials you receive, and no transfers of data will occur without your explicit consent.
It is necessary for us to process personal data of both job applicants and workers for the following reasons:
Your personal information is directly given by you or from a Recruitment Agenda.
The type of personal information in relation to you we process may include – e. g. (this is not an exhaustive list): –
In line with our Record of Processing Activity (ROPA) our legal basis for processing personal data of applicants and workers is that:
Our “legitimate interests” for these purposes are:
We may from time to time need to process Special Categories of Data, for example medical records or other information relating to the health and wellbeing of an individual.
In that case we will either obtain the explicit consent of the individual to the processing of such data or we may consider the processing of that data as being necessary for carrying out our obligations as an employer. That will be assessed on a case by case basis.
If you do not provide at least that data that is necessary for us to assess suitability for employment and then to conduct the employment relationship then it will not practically be possible for us to employ you.
Your personal data may be received by the following categories of people:
Examples are: – Income tax and NI returns, income tax records, wage and salary records and correspondence with HMRC: We are obliged to keep these records for 6 years after the end of the financial year to which they relate.
Test and Trace – Recording staff, customer and visitor details: how we use your information
To support NHS Test and Trace (which is part of the Department for Health and Social Care) in England, we have been mandated by law to collect and keep a limited record of staff, customers and visitors who come onto our premises for the purpose of contact tracing.
By maintaining records of staff, customers and visitors, and sharing these with NHS Test and Trace where requested, we can help to identify people who may have been exposed to the coronavirus.
As a customer/visitor of Brainkind you will be asked to provide some basic information and contact details. The following information will be collected:
· the names of all customers or visitors
· a contact phone number for each customer or visitor
· date of visit and arrival time and departure time.
Brainkind as the data controller for the collection of your personal data, will be responsible for compliance with data protection legislation for the period of time it holds the information. When that information is requested by the NHS Test and Trace service, the service would at this point be responsible for compliance with data protection legislation for that period of time.
The NHS Test and Trace service as part of safeguarding your personal data, has in place technical, organisational and administrative security measures to protect your personal information that it receives from Brainkind, that it holds from loss, misuse, and unauthorised access, disclosure, alteration and destruction.
In addition, if you only interact with one member of staff during your visit, the name of the assigned staff member will be recorded alongside your information.
NHS Test and Trace have asked us to retain this information for 21 days from the date of your visit, to enable contact tracing to be carried out by NHS Test and Trace during that period. We will only share information with NHS Test and Trace if it is specifically requested by them.
For example, if another customer at the service reported symptoms and subsequently tested positive, NHS Test and Trace can request the log of customer details for a particular time period (for example, this may be all customers who visited on a particular day or time-band, or over a 2-day period).
We require you to pre-book appointments for visits or to complete a form on arrival.
Under government guidance, the information we collect may include information which we would not ordinarily collect from you and which we therefore collect only for the purpose of contact tracing. Information of this type will not be used for other purposes, and NHS Test and Trace will not disclose this information to any third party unless required to do so by law (for example, as a result of receiving a court order). In addition, where the information is only collected for the purpose of contact tracing, it will be destroyed by us 21 days after the date of your visit.
However, the government guidance may also cover information that we would usually collect and hold onto as part of our ordinary dealings with you (perhaps, for example, your name, date of birth and phone number). Where this is the case, this information only will continue to be held after 21 days and we will use it as we usually would, unless and until you tell us not to.
Your information will always be stored and used in compliance with the relevant data protection legislation.
The use of your information is covered by the UK General Data Protection Regulations Article 6 (1) (c) – a legal obligation to which we as a venue/establishment are subject to. The legal obligation to which we’re subject, means that we’re mandated by law, by a set of new regulations from the government, to co-operate with the NHS Test and Trace service, in order to help maintain a safe operating environment and to help fight any local outbreak of corona virus.
Following an amendment to the Health and Social Care Act 2008, all care home workers and other visiting professionals will need to be fully vaccinated against Covid 19, unless they have an exemption or there is an emergency. As such, Brainkind will be gathering your information to enable us to:
The use of your information is covered by the UK General Data Protections Regulations Article 6 (1) (c) and Article 9 (2) (i) – a legal obligation to which we as a care provider are subject to under the Health and Social Care Act 2008 (Regulated Activities).
Brainkind treat all data relating to vaccination status confidentially and disclosure of an individuals vaccination status would only occur in defined circumstances.
By law, you have a number of rights as a data subject, such as the right to be informed, the right to access information held about you and the right to rectification of any inaccurate data that we hold about you.
You have the right to request that we erase personal data about you that we hold (although this is not an absolute right).
You have the right to request that we restrict processing of personal data about you that we hold in certain circumstances.
You have the right to object to processing of personal data about you on grounds relating to your particular situation (also again this right is not absolute).
If you are unhappy or wish to complain about how your information is used, you should contact a member of staff in the first instance to resolve your issue.
If you are still not satisfied, you can complain to the Information Commissioner’s Office. Their website address is www.ico.org.uk.
You can also contact the Brainkind’s Data Protection Officer at dpo@brainkind.org.
We keep our privacy notice under regular review, and we will make new versions available on our privacy notice page on Brainkind’s website: https://brainkind.org/privacy-policy/