top of page

Privacy and Cookies Policy

 

This is Brent Mencap’s HR privacy notice. Our company registration number is 03651245 and our charity number is 1077038. Our address is 379-381 High Road, Willesden, NW10 2JR.  

We are the Data Controller for the processing activities outlined in this privacy notice.

This notice applies to our employees, job applicants, volunteers, freelancers, trustees.

How and when do we collect information about you?

You provide several pieces of data to us directly during the recruitment period and subsequently upon the start of your employment/engagement. 

 

In some cases, we will collect data about you from third parties, such as employment agencies or former employers when gathering references.

What types of information is collected about you and who provides it? 

We keep several categories of personal data on our employees/freelancers/job applicants/trustees and volunteers in order to carry out effective and efficient processes. We keep this data in a personnel file relating to each individual and we also hold the data within our computer systems, for example, our holiday booking system.

 

Specifically, depending on your type of engagement with the Brent Mencap, we may process the following types of data:

 

a)     personal details such as name, address, phone numbers

b)    name and contact details of your next of kin

c)     your photograph, your gender, marital status

d)    footage of the organisation events where you may appear

e)    information of any disability or other medical information you have disclosed 

f)      right to work documentation

g)     information gathered via the recruitment process such as that included in a CV, cover letter or application form, references from former employers, details on your education and employment history etc

h)    National Insurance number, bank account details and tax codes

i)      information relating to your employment with us (e.g job title, job description, salary, terms and condition of the contract, annual leave records, appraisal and performance indication, formal and informal proceedings involving you such as letters of concern and disciplinary, disciplinary and grievance proceedings. 

j)      internal and external training modules undertaken

k)     information on time off from work including sickness absence, family related leave etc

l)      IT equipment use including telephones and internet access

We may also process special category of data which include health information, sexual orientation, race, ethnic origin and religion. We may also process criminal records information if the role involves DBS check. 

How is the information used?

We are required to use your personal data for various legal and practical purposes for the administration of your contract of employment or your volunteer/trustee agreement, without which we would be unable to employ you. Holding your personal data enables us to meet various administrative tasks, legal obligation or contractual/agreement obligation. 

Lawful basis for processing

We mainly use ‘contractual obligation’ as a lawful basis for processing your personal data for employees, job applicants and free lancers. We mainly use  ‘legitimate interest’ for trustees and volunteers. We may also have legal obligation in order to process and share your data, for example we need to share salary information to HRMC or use some of your data to enrol a new employee on a pension scheme. When processing special category of data, we may use your consent. 

 

We may rely on our legitimate interest for processing activity such as keeping supervision and appraisal records; using your image, bio and videos/pictures of the organisations’ events where you may appear on our website or marketing/fundraising materials to promote the charity. When relying on legitimate interest, we may undertake a balancing test to ensure your rights are upheld. 

 

When processing criminal records (for example, in order to perform DBS check), the organisation relies on the lawful basis of legitimate interest, and Condition 10 from Schedule 1, DPA 2018, ("preventing or detecting unlawful acts").

How long do we keep your data?

We only keep your data for as long as we need it for, which will be at least for the duration of your employment/engagement with us though in some cases we will keep your data for a period of 6 years after your employment/engagement has ended. If you’ve applied for a vacancy but your application hasn’t been successful, we will keep your data only for 12 months. 

 

Some data retention periods are set by the law. Retention periods can vary depending on why we need your data. Please get in touch by contacting Ann O’Neill on 0208 451 5278 you want to know more about retention period. 

 

Data is destroyed or deleted in a secure manner as soon as the retention date has passed.

 

Confidentiality - who do we share your data with?

Employees within our company who have responsibility for recruitment, administration of payment and contractual benefits and the carrying out performance related procedures will have access to your data which is relevant to their function. All employees have been trained in ensuring data is processing in line with UK GDPR and the Data Protection Act (2018). 

 

Data in relation to your salary is shared with HRMC as part of our legal obligation. Data may be shared with third parties for the following reasons: for the administration of payroll, pension, HR functions, administering other employee benefits and with the building security team for the issuing of you building access pass. When sharing with third parties, we have data sharing, processor agreements or contracts in place to ensure data is not compromise . Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

 

We may have a section on our website or social media where we upload the name, photo and a short bio of our employees. It is in our legitimate interest to have such information available on the website but you have the right to object. Please see section Your rights as Data Subject.  

 

Your Rights

  • Right to be Informed: You have the right to be informed about how we are using your data. If you think we are doing something with your information that we have not told you about in this Privacy Notice, you can object to this;

  • The Right of Access: You can request access to a copy of the personal data that we hold about you;

  • The Right to Rectification: If you think that the personal data we hold about you is inaccurate or incomplete, you have a right to request that it be rectified;

  • The Right to Erasure: You can ask us to delete your personal data where it is no longer necessary for us to use it, where you have withdrawn consent (if we process based on consent), or where we have no lawful basis for keeping it;

  • The Right to Restrict Processing: You can ask us to restrict the personal data we use about you where you have asked for it to be erased or where you have objected to our use of it;

  • Right to Data Portability: You can ask us to provide you, or a third party (if possible), with some of the personal data we hold about you in a structured, commonly used, electronic form, so that it can be easily transferred; and

  • Right to Object: You can object to the processing of your personal data. You should note that this right does not apply in all circumstances, for example, where we are processing information because it is necessary to complete a contract.

You can contact us at 0208 451 5278 to exercise your rights outlined above. We will treat your information with respect and will not share it with any other organisation. 

Changes to Privacy Notice

This Privacy Notice is effective as of the ‘last updated’ date (29/11/2023) and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. 

We reserve the right to update or change our Privacy Notice at any time and you should check this Privacy Policy periodically. If we make any substantial changes to this Privacy Notice, we will notify you by placing a prominent notice on our website. 

 

Contact Us:

If you have any questions about this Privacy Notice or the data that we keep about you and how we use it, please contact us at 0208 451 5278 or email on info@brentmencap.org.uk.

Affiliate Mencap logo

Brent Mencap

379-381 High Rd, London NW10 2JR Tel: 020 8451 5278

Registered Charity Number: 1077038

Brent Mencap
bottom of page