Important information and who we are
TBRP has a well-established reputation for helping some of the most vulnerable people in our communities. Individuals rely on our trust, discretion and integrity when engaging with our recovery services. We extend our commitment to maintaining this trust and confidence to all visitors of our website. We respect your privacy and are committed to protecting your personal data.
This website is not intended for children and we do not knowingly collect data relating to children.
Full name of legal entity: The Basement Recovery Project
Addressee: Attn: Data Controller
Email address: firstname.lastname@example.org
Postal address: Basement House, 10 Carlton Street, Halifax, HX1 2AL
Collection and use of personal information
Personal information means any information that may be used to identify you, such as your name, title, phone number, hair colour, email address or postal address. In general, you can browse our website without giving us any personal information.
Our statistical analysis collects only anonymous, aggregate technical statistics i.e. we do not link a specific IP address, name or any other personal information which can directly identify you as an individual.
Your IP address is also used by our security software to protect us (and other site visitors) from malicious malware, attacks and spam.
The exception to this is if you wish to sign up for our newsletter email list. Our newsletter email list collects your name and email address to enable us to personalise and send you occasional news, stories and event information that are relevant to TBRP or our sector in general. Our newsletter is no more frequent than monthly but typically is more like quarterly. You can unsubscribe at any time from our newsletter email list, either by emailing us from the email address you used to sign up or by following the unsubscribe link in the newsletter itself.
TBRP’s email servers and services are registered and authorised for use with MailChimp using DKIM and SFP records. All our newsletters will come from the thebasementproject.org.uk domain.
Correspondence Via Email
You may use our contact form on the website to send a message to one of our offices. The information you enter through our contact form is information you freely provide and is forwarded via secure email protocols. This is the same process as if you had emailed us direct, except no email is stored on the website and nothing is in your email sent items. The information received in our email system will be treated with confidence, like all emails, and will be used only to deal with your enquiry. Our email forms are sent via SMTP protocols over Transport Layer Security (TLS) to encrypt and protect email traffic.
How do we handle your personal information (Principles of processing)
We handle personal information according to the requirement of the UK Data Protection Act 2018 and UK GDPR which applies the EU’s General Data Protection Regulation, GDPR, standards for the processing of data considered as “general data”. Your personal information held by TBRP is secure and is accessed by our staff, volunteers, contractors and data processors working on our behalf when required to do so for lawful purpose and the principles of processing your data.
TBRP will ensure that we comply with one or more key principles of processing personal data:
a) processed lawfully, fairly and in a transparent manner in relation to individuals (‘lawfulness, fairness and transparency’);
b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes (‘purpose limitation’);
c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the UK GDPR in order to safeguard the rights and freedoms of individuals (‘storage limitation’);
f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’)
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
Your right to be informed
Your right of access
- You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
Your right to rectification
- You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
Your right to erasure
- You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing
- You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing
- You have the right to object to processing if we are able to process your information because the process is in our legitimate interests.
Your right to data portability
- This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
Special Categories of Personal Data
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
We have implemented reasonable technical and organisational measures designed to secure your personal data from accidental loss and from unauthorised access, use, alteration or disclosure. However, the Internet is an open system and we cannot guarantee that unauthorised third parties will never be able to defeat those measures or use your personal information for improper purposes.
Sharing your information
We will not share your information with any third parties for the purposes of direct marketing.
In some circumstances, we may be legally obliged to share information. For example, under a court order or where we cooperate with supervisory authorities in providing our services. We might also share information with other bodies in order to further their, or our, objectives in helping you to attain the most from our services. In any scenario, we’ll satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.
Your right to complain
We work to high standards when it comes to processing your personal information. If you have any queries or concerns, please contact us using the information above (Controller) and we’ll respond in a timely manner. If you remain dissatisfied, you can make a complaint about the way we process your personal information to the Information Commissioner’s Office.
Changes to this Policy
[Page Updated: 2 March 2022]