Privacy Policy

How you are involved with SIFA Fireside will inform how we collect and process your personal data, and may be for the following reasons:

• to provide you with support and access to our services that you have requested or been referred to;
• to process, record and communicate with you about donations you make to SIFA Fireside, including administering Gift Aid information;
• for our own internal purposes to keep a record of our relationship with you;
• to process job and volunteer applications and student placements;
• to find out what you think about our services or activities;
• to address and resolve complaints;
• to comply with applicable laws and regulations and requests from statutory agencies or funders.

When you interact with us, we may collect your:

• full name & contact details – including your email address, postal address and telephone number;
• company;
• bank account details;
• date of birth;
• donation history and Gift Aid details;
• records of your engagement with us;
• information you enter on our website or through our social media platforms;
• photos, video or audio recordings you have uploaded to our social media platforms e.g. for fundraising;
• employer’s information and National Insurance number if you are a payroll donor;
• copies of your solicitor’s details if you’ve pledged a legacy.

If you are a client of one of our services, we may also collect the following sensitive personal information (which includes Special Category Data and Criminal Offence data) about your:

• current housing status and housing history;
• racial or ethnic origin and or/nationality;
• physical and/or mental health;
• sexual orientation;
• actual or alleged criminal offences.

If you’re a job applicant or volunteer we may collect the following additional information about your:

• work history;
• education and training history.

We may use the following methods to collect this information:

• completion of paper or electronic forms;
• telephone, webchat, email, face to face communication;
• website forms or online surveys;
• third party companies like Virgin Money Giving, JustGiving, CAF donate;
• publicly available sources;
• messaging via social media.

If you are homeless or vulnerably housed client of SIFA Fireside, we may also receive information from local authorities, for example social care or housing teams or other professionals such as health practitioners or offender managers.

Depending on how you are involved with SIFA Fireside we may process your information on these bases:

• your consent (for example, to send you direct marketing by email or SMS. You can withdraw your consent at any time);
• to protect your vital interests (for example, if there is a risk of significant injury or harm);
• a contractual relationship (for example, if you are a volunteer at SIFA Fireside);
• processing that is necessary for compliance with legal and statuary obligation (for example, to process a Gift Aid declaration);
• Legitimate interest (for example, to provide our services).

If you are a homeless or vulnerably housed client of SIFA Fireside, we may collect and process sensitive data (Special Category Data) and Criminal Offence data, we do so under the following lawful bases:

• When processing Health Data for completing assessments to establish the services provided and risk assessments for the appropriateness of services, we do so on the basis of substantial public interest (under Article 9(2)(g) of the UK GDPR); and substantial
  public interest ground for safeguarding individuals at risk (under paragraph 18 of Schedule 1 to the DPA).
• When processing Criminal Offence Data for employee risk assessments, we do so on the basis of carrying out our legal obligation as an employer to take measures to keep our employees safe (under paragraph 2 of Schedule 1 to the DPA);
• For the processing of Criminal Offence Data for sharing with other third parties, we do so on the basis of substantial public interest (under Article 9(2)(g) of the UK GDPR) and substantial public interest ground for safeguarding individuals at risk (under paragraph 18 of Schedule 1 to the DPA);
• For the processing of Equality Data, we do so on the basis of a substantial public interest (under Article 9(2)(g) of the UK GDPR) and equality of treatment (under paragraph 8 of Schedule 1 of the DPA).

Depending on your involvement with SIFA Fireside we may share your personal data with the following parties and for these reasons:

• other homelessness organisations and partners in accordance with our charitable objectives;
• police or statutory services where there is a legal obligation to share data for the prevention or detection of crime.

If you visit our website we automatically record information. This includes:

• the pages you visit;
• how long you spend on our pages;
• how you were directed to our website;
• what kind of device you used to access our website.

Our website uses cookies. A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser. We use Google Analytics to analyse the use of our website. Google Analytics generates statistical and other information about website use by means of cookies. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. Google’s privacy policy is available at: http://www.google.com/privacypolicy.html. Most browsers allow you to reject all cookies. Blocking all cookies may have a negative impact upon the usability of many websites.

We use appropriate technical and organisational precautions to protect your personal data and to prevent the loss, alteration or misuse of your personal data. We store your data securely on paper files and electronic systems. Protection measures include:

• Data Protection training for all staff;
• Physical measures such as locked filing cabinets and door access controls;
• IT Security measures such as password protection, encryption and multifactor authentication.

We will store your personal data for an appropriate length of time to meet the purposes outlined in this policy. We will only hold your data for a longer period of time if it is permitted or required by law. The length of time that data is kept may depend on why we are processing it:

• Supporter and Donor information will be stored for a period of five years after our last interaction with you;
• Client information will be stored for a period of five years after leaving the service;
• Job applicant information will be stored for a period of six months after the selection process has been completed for unsuccessful candidates.

Once the retention period has passed, we will dispose of the data confidentially, anonymise it or permanently delete depending on the interaction you have had with us.

If you ask us not to contact you anymore, we will keep your basic details in order to ensure you do not receive unwanted materials in the future.

From time to time, clients, volunteers and supporters, may agree to give consent for their photo, video image or audio recording to be used in our promotional or fundraising materials (paper or electronic) such as annual reports, funding reports, website and promotional literature. We will not use any images or recordings without prior written or recorded consent. When we request consent, we will explain what it is for and how long the material will be in circulation. We will not use the material for any other purpose and unless further consent is given, we will stop using it after the following time period:

• six months for clients and service users (unless otherwise agreed)
• one year for volunteers and supporters.

Should you wish for the image or recording to be removed before that time we will remove it from our online publication and refrain from including it in any future written material.

If you are concerned about the way we have processed your personal data, please let us know by using the contact details at the bottom of this statement.

You can also complain to the ICO if you are unhappy with how we have used your data. The ICO’s address is:

Information Commissioner’s Office
Wycliffe House
Water Lane Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303-123-1113. ICO website: https://www.ico.org.uk.

If you have any questions, concerns or would like to exercise your rights under UK GDPR, let us know using any of the details below:

Email: office@sifafireside.co.uk
Telephone: 0121 766 1700
Post: SIFA Fireside, 48-52 Allcock Street, Birmingham, B9 4DY

This Privacy Statement will be reviewed on an annual basis and updated from time to time.