Here at Islington Mind, we are committed to protecting service users, employees and volunteers personal information and making every effort to ensure that personal information is processed in a fair, open and transparent manner.
We are a “data controller” for the purposes of the Data Protection Act 1998 and (from May 2018) the EU General Data Protection Regulation 2016/679 (“Data Protection Law”). This means that we are responsible for, and control the processing of, your personal information. For further information about our privacy practices, please contact our Data Protection Officer – currently Gideon Ahabwe (HR, Finance and Administration Officer) by:
Writing to Islington Mind, Unit 4, Archway Business Centre, 19-23 Wedmore Street, Islington, London, N19 4RU
Calling us on 020 3301 9850
How we collect information
Islington Mind’s work aims to ensure that we can help people experiencing mental health problems get both support and respect. We want to make sure that our service users and employees receive the communications that are most relevant to them, be it through visiting our website or receiving emails, post or phone calls. We want to make sure that people receive the best attention when they become users of our services, access a volunteering placement or employment opportunity, or make a donation.
We collect information in the following ways:
When people interact with us directly: This could be if people ask us about our activities, register with us for services, training, or an event, donate to us, ask a question about mental health, apply for a job or volunteering opportunity or otherwise provide us with personal information. This includes when people phone us, visit our website, or get in touch through the post, or in person. we ask every service user, and every volunteer to sign a consent form to keep their personal information.
When you interact with us through partners on their behalf: This could be through being eligible for clinical supervision as a volunteer counsellor which is delivered through trusted individuals working on our behalf and always under our instruction.
When people interact with us through third parties: This could be people who provide a donation through a third party such as MyDonate or one of the other third parties that we work with and provide your consent for your personal information to be shared with us.
When you visit our website: We gather general information which might include which pages you visit most often and which services, events or information is of most interest to you.
The information we collect and why we use it
The information we collect is used to achieve our vision that everyone experiencing a Mental Health problem gets support and respect. C.1 Personal information We collect personal details such as name, date of birth, email address, postal address, telephone number, credit/debit card details (if you are making a purchase or donation), as well as other information provided in any communications with us. This information is provided to us whilst an individual is registering with our services, making a donation, registering for an event, placing an order on our website or any of the other ways to interact with us.
Why do we use Personal Information
We will use the information you provide us with to carry out our work, which will include, amongst others, the following purposes:
to plan and deliver services
to create an appropriate person-centred support plan in line with your needs
to liaise effectively with other services for your benefit
to help protect you or others from abuse or harm
to help you arrange and receive services when needed
to ensure our services are accessible to all parts of society
to carry out our responsibilities to staff and volunteers, and to administer, and volunteering and employment arrangements
so that external regulators and inspectors can check and audit our services and ensure they meet the required standards
so that we may review, audit and improve the quality of our services and increase their benefit to you and others
to meet the needs of our funders’ monitoring procedures
to facilitate promotion of our services and fundraising.
to keep a record of our work and people / companies’ relationships with us
to process donations or other payments, to claim Gift Aid on donations and verify any financial transactions
to update with important administrative messages e.g. about donation, an event or services or goods requested
to comply with the Charities (Protection and Social Investment) Act 2016 and follow the recommendations of the official regulator of charities, the Charity Commission, which require us to identify and verify the identity of supporters who make major gifts so we can assess any risks associated with accepting their donations.
We may also use personal information:
to contact agencies about their work and how they can support Islington Mind (see Marketing below).
to invite people to participate in surveys or research or events. We will not be able to provide services, process donation, sign people up for a particular event without collecting relevant personal information that allows us to provide the requested service or follow up the requested activity.
Legal basis for using your information
In some cases, we will only use personal information where we have people’s consent to do so or because we need to use it in order to fulfil an agreement or contract. However, there are other lawful reasons that allow us to process personal information and one of those is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for Islington Mind to process personal information to help us to achieve our vision mentioned above. Whenever we process individual’s Personal Information under the ‘legitimate interest’ lawful basis we make sure that we take into account the individual’s rights and interests and will not process personal information if we feel that there is an imbalance.
Some examples of where we have a legitimate interest to process personal information are where we contact via post, phone or email, use personal information for data analytics, conducting research to better understand who our supporters are, improving our services, for our legal purposes (for example, dealing with complaints and claims), or for complying with guidance from the Charity Commission.
We may send information about our work and how to support us and about events by phone, email, text message, and postal address, unless we have been told not do so or not to do so in that way. You can update your choices or stop us sending you these communications at any time by contacting firstname.lastname@example.org
If a service user is happy to share personal details with staff members or if they would like us to share their story with the media or other parties as part of our work telling people’s personal stories about mental health (for example, on our blog) – they can of course decide if they want to remain anonymous.
The personal information we collect about service users will mainly be used by our staff and volunteers at Islington Mind so that they can provide adequate support. We will never sell or share service users’ personal information with organisations for marketing activities. Islington Mind may however share information with our trusted partners and who work with us on or on our behalf to deliver our services, but processing of this information is always carried out under our instruction. We make sure that these partners store the data securely, delete it when they no longer need it and never use it for any other purposes.
Some examples of where we may share information are with our partners who help us to process donations and claim Gift Aid and our partners who help us to manage our social media accounts. When we enter into contracts with these service providers we require them to comply with Data Protection Laws and ensure that they have appropriate controls in place to secure your information.
We may disclose information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority.)
Keeping and storing information
We take looking after personal information very seriously. We have implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss.
Unfortunately, the transmission of information using the internet is not completely secure. Although we do our best to protect people’s personal information sent to us this way, we cannot guarantee the security of data transmitted to our site. Our websites may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that websites that have links on our site may collect personally identifiable information about you. This privacy statement does not cover the information practices of those websites.
Any debit or credit card details which we receive on our website are passed securely to Sage Pay our payment processing partner, according to the Payment Card Industry Security Standards.
How long we hold your information for We keep personal information only for as long as is reasonable and necessary for the relevant activity, which may be to provide mental health support services or fulfil statutory obligations (for example, the collection of Gift Aid). We will delete information from our records, following a service user’s discharge from our services, and on their request.
You have various rights in respect of the personal information Islington Mind holds about you – these are set out in more detail below. If you wish to exercise any of these rights, you can do so by contacting us at Islington Mind, unit 4, Archway Business Centre, 19-23 Wedmore Street, Islington, London,N19 4RU, by email at email@example.com or by phone on 020 3301 9850. You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office.
Access to your personal information
You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use. You can make this request for access free of charge. Please make all requests for access in writing, and provide us with evidence of your identity.
Right to object
You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. Please contact us as noted above, providing details of your objection.
If you have given us your consent to use personal information for other than legal or duty of care reasons, for example, for marketing, you can withdraw your consent at any time. Rectification You can ask us to change or complete any inaccurate or incomplete personal information held about you.
You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it. We do not currently carry out any automated decision making. Please note, some of these rights only apply in certain circumstances and we may not be able to fulfil every request.
We may record your communications with us (including by telephone or email) for training, quality control and compliance purposes to ensure that we continuously improve our customer service standards.
Revised December 2020
Click here for a pdf copy