We're serious about protecting your privacy. Our privacy notice details what personal data we collect about you, how we use it, why we use it and who we share it with.
If you have any questions about data protection, please contact our Data Protection Officer by calling 01732 749400 or emailing dataprotection@wkha.org.uk.
-
Tenants
Tenant Privacy Notice
Controller: West Kent Housing Association, 101 London Road, Sevenoaks, Kent. TN13 1AX
Data Protection Officer: Ms Aminat King, (01732 749438 | dataprotection@wkha.org.uk).
Introduction
This privacy notice applies to all current and former tenants of West Kent. We collect and process personal information to manage our tenancy agreement with you.
What types of information do we collect about you?
Information we collect from you
Information collected throughout your tenancy
- Name
- Contact details
- Date of birth
- Next of kin details
- Payment details
- Financial details
- National insurance number
- Income and benefit details
- Photographs/CCTV Footage
- Health information (including sickness and disabilities)
- Right to work documentation (including passport and driving licence)
- Proof of housing eligibility
- Relationship status and dependants
- Criminal convictions
- Protected characteristics (including gender, race, ethnicity, religion or philosophical belief and sexual orientation)
- Start and end dates of tenancy
- Information contained in housing register application (including financial information and references)
- Information about the tenancy agreement
- Contact history
- Tenancy records (including repairs, anti-social behaviour, pets)
- Termination records (including notices, recharges and court documents)
- Complaint records
- Call Recordings
- Mutual exchange documentation
- Any marketing materials/photos of you and or your children ta
We will ask for this information under the tenancy agreement we hold with you. If you fail to provide personal information when requested, we may not be able to uphold the tenancy agreement, we may not be able to comply with our legal obligations, and you may be unable to exercise your statutory or contractual rights.
Why do we process your personal information?
We use your personal data to:
- Determine eligibility for social housing – including assessing your financial circumstances, considering any relevant criminal offences, and taking details of people in your household.
- Maintain and enforce the tenancy agreement – including charging and collecting rent, investigating breaches of tenancy, and providing a repairs service to you.
- Complying with our legal obligations – including the detection of fraud, safeguarding, and complying with equality and diversity legislation.
- Providing an effective housing management service – including keeping records of contact with tenants, providing references to other landlords and complying with regulatory standards.
- To conduct data analytics studies – which enable us to review and better understand suitability of our services.
- To communicate with you by your preferred means - including keeping you informed about services we offer which may be useful to you, upon receipt of written consent.
- To prevent, and detect fraud and resolve disputes
We will only process your personal information when the law allows us to. We believe you have a reasonable expectation, as our tenant, that we will process your personal data.
The lawful bases that we rely on to use your personal data are:
- To uphold the tenancy agreement we have with you
- To comply with our legal obligations
- To protect your vital interests, or to protect someone else’s vital interests
- Where it is necessary for our legitimate interests
- Where you have given consent to the processing.
Our legitimate interests are:
- Pursuing our business by assisting tenants with managing their tenancy and finances
- Pursuing our business by recovering money owed to us
- Protecting and maintaining our assets and housing stock
- Asking for opinions and feedback from our customers to improve our services
- Performing effective internal administration
- Protecting our confidential information
- Establishing, exercising or defending legal claims.
We use special category data to:
- Monitor equality and diversity statistics
- Reasonable adjustments to comply with the Equality Act 2010
- Assessing housing need
- Tailoring communication methods
- Assessing repair priorities
- Assessing level of risk to staff and others
- Referrals to support services
Special category data includes information relating to racial or ethnic origin, physical or mental health, sex life or sexual orientation, religious or philosophical beliefs, political opinions, membership of a Trade Union, allegations of criminal offences and criminal convictions and offences, along with biometric data such as fingerprints.
We use CCTV cameras to:
- Collect evidence of breaches of tenancy agreements including anti-social behaviour
- Collect evidence of criminal activity
We may share images and footage collected by CCTV to organisations such as the police and local authority if it will assist with their investigations.
We may use covert CCTV cameras where revealing our methods of collecting evidence will prejudice the outcome of investigations by us, the police or the local authority.
Photographs
We take photographs inside and outside our homes to:
- Monitor the condition of our components, health and safety risks and defects e.g. roof, kitchen, bathroom, doors, locks, flooring
- Evidence safeguarding concerns e.g. hoarding
- Evidence quality control of work we’ve undertaken
- Evidence fraud, financial crime and illegal sub-letting.
Where we take photographs for these purposes, we do not need your consent but we will tell you why we are taking photographs.
Who do we share your personal data with?
Your personal data is only accessed internally by the individuals and teams that need it to carry out the purposes above. For example, our Finance team use your payment details to charge you rent, and our Tenancy Services team use your tenancy records to check you are complying with the terms of your tenancy agreement.
We may share your data with the following categories of organisations:
- Contractors providing services to West Kent, such as repairs and maintenance
- Local authority teams such as benefit departments and social services
- Government departments such as the Ministry of Housing, Communities & Local Government
- Public services such as the police
- Support services such as financial assistance or personal care services
- Other housing associations
- Utility companies
- Tracing agents
- ICT service providers
- Auditors
- Professional advisers, such as solicitors
How do we keep personal information secure?
West Kent is committed to the data protection principles of collecting minimum personal data. Personal Data stored electronically is protected from unauthorised access and managed within a variety of IT software systems, which are designed to maintain a high level of security and confidentiality. Our systems are password protected and all electronic data is stored securely. All paper files are kept in locked cabinets. We also implement security measures which protect your data from unauthorised modification, improper disclosure and unlawful destruction or accidental loss. We have Data Processing Agreements in place that sets the standard of how your data should be used properly and protected. In addition, our employees complete mandatory information security and data protection training at the start of their employment, and annually thereafter to reinforce responsibilities and requirements set out in our information security policies.
How long do we hold your information?
Most of your personal information will be retained for six years after your tenancy comes to an end. This includes records of rent payments, contact history with you and details of any breaches of tenancy, such as anti-social behaviour.
The exceptions to this are:
- Information will not be retained if it has no bearing on the ongoing tenancy with us.
- Information such as criminal convictions will be retained for as long as necessary for verification purposes, and then deleted unless deemed relevant to the ongoing tenancy with us.
We do not envisage that any of your personal data will be transferred outside the European Economic Area.
We do not envisage that any decisions about you will be made by automated decision making.
Your rights
You have the following rights regarding your data, under data protection legislation. We will respond to any requests under data protection law within one calendar month.
- The right to be informed – this privacy notice is our way of informing you how your data is used.
- The right of access – you can request a copy of all the information we hold about you to check that we are lawfully processing it.
- The right to rectification – you can request that we rectify information about you that is incorrect.
- The right to erasure – also known as the right to be forgotten. You can request that information about you is deleted.
- The right to restrict processing – you can request that we pause processing your data so we can verify the lawfulness of processing.
- The right to object – you can request that we stop processing your information if you feel that the processing is not lawful.
- The right to data portability – you can request that data is transferred to another party so it can be reused across services.
Where you have given consent for us to use your data for specific purposes, you have the right to withdraw this consent at any time. If you would like to exercise any of the above rights, please contact our data protection officer on the contact details above.
The Information Commissioner’s Office (ICO) is the regulator for data protection in the UK. You have the right to make a complaint to the ICO if you feel that we have not complied with your data protection rights.
If you have a query or are dissatisfied with the outcome of your request, we encourage you to contact us in the first instance and we will consider your request in line with the UK GDPR. If you remain dissatisfied with our response in relation to your concern, you may contact the Information Commissioner’s Office who is the regulator for the UK GDPR, to make a formal complaint about how we have handled your personal data. If you decide to contact the ICO, please write to:
Information Commissioner's Office
Wycliffe House
Water Lane
Cheshire
SK9 5AF
icocasework@ico.org.uk
Or complete the online form here https://ico.org.uk/global/contact-us/.
-
Job applicants
Job Applicant Privacy Notice
Controller: West Kent Housing Association, 101 London Road, Sevenoaks, Kent. TN13 1AX
Data Protection Officer: Ms Aminat King | 07814069046 | dataprotection@wkha.org.uk
Introduction
This privacy notice applies to all job applicants to West Kent, whether directly or indirectly through an agency. We collect and process personal information to manage the recruitment process.
What types of information do we collect about you?
Information we collect from you
- Name
- Contact details
- Information contained in application (including CV and personal statement)
- Interview notes
- Right to work documentation (including driving licence and passport)
- Qualification certificates
- References
- Salary, benefits and pension entitlement
- Professional memberships
- Criminal convictions
- Health information (including disabilities)
- Protected characteristics (including gender, race, ethnicity, religion or philosophical belief, and sexual orientation)
- National insurance number
- Correspondence and the results of any written or online selection tests
- Details of periods of leave taken by you, including holiday, sickness absence, family leave and sabbaticals, and the reasons for the leave.
We will ask for this information to process your application for recruitment. You are under no statutory or contractual obligation to provide this information during the recruitment process. If you fail to provide personal information when requested, we may not be able to enter into an employment contract with you, we may not be able to comply with legal obligations, and you may not be able to exercise your statutory rights.
Why do we process your personal information?
We use your personal information to:
- Manage an effective recruitment process - including assessing your suitability for employment.
- Comply with legal obligations - including checking your right to work in the UK, complying with our duty to make reasonable adjustments and monitoring and reporting on equal opportunities.
- Keep appropriate records of our recruitment process and decisions- including keeping applicants informed of future employment opportunities for which they may be suited, upon consent.
We will only process your personal information when the law allows us to. We believe you have a reasonable expectation, as a job applicant, that we will process your personal data.
Information we obtain from CCTV images and building access
We operate CCTV at all our premises. While you are on-site at any of our offices, you may be recorded by our CCTV system. Prominent signs are displayed where CCTV is in operation.
CCTV images shall be retained for 30 days, or in the event of an incident requiring further investigation for no longer than 3 years after creation.
For details of when we may share CCTV images with third parties, see the section ‘Who do we share your personal data with?’ below.
The lawful bases that we rely on to process your personal information are:
- To determine whether to offer you a contract, or to enter into a contract with you
- To comply with our legal obligations
- Where it is necessary for our legitimate interests
- Where you have given consent for the processing.
Our legitimate interests are:
- Pursuing our business by hiring employees
- Performing effective internal administration
- Managing the recruitment process
- Conducting due diligence on prospective staff
- Establishing, exercising or defending legal claims.
We use special category data to:
- Monitor equality and diversity statistics
- Reasonable adjustments to comply with the Equality Act 2010.
Who do we share your personal data with?
Your personal data is only accessed internally by the individuals and teams that need it to carry out the purposes above. For example, members of the interview panel will receive copies of your personal data.
If your application is successful, we may share your personal information with:
- Organisations who carry out pre-employment reference and background checks
- The Disclosure and Barring Service, to obtain a criminal record check if necessary
- Former employers, to obtain references
- Professional advisers, such as solicitors
- Regulators
- Medical/occupational health professionals
- Recruitment agencies
- Public authorities, agencies, and other government bodies
How long do we hold your information?
If your application is unsuccessful, most of your information will be retained for six months after the end of the recruitment process.
The exceptions to this are:
- Where the law requires us to keep information for longer
- Information which we deem to protect us against legal risk, which we will keep for six years.
If your application is successful, we will retain the information collected during the recruitment process for the duration of your employment, in line with the Employee Privacy Notice.
How do we keep personal information secure?
West Kent is committed to the data protection principles of collecting minimum personal data. Personal Data stored electronically is protected from unauthorised access and managed within a variety of IT software systems, which are designed to maintain a high level of security and confidentiality. Our systems are password protected and all electronic data is stored securely. All paper files are kept in locked cabinets. We also implement security measures which protect your data from unauthorised modification, improper disclosure and unlawful destruction or accidental loss. We have Data Processing Agreements in place that sets the standard of how your data should be used properly and protected. In addition, our employees complete mandatory information security and data protection training at the start of their employment, and annually thereafter to reinforce responsibilities and requirements set out in our information security policies.
We do not envisage that any of your personal information will be transferred outside of the European Economic Area.
We do not envisage that any decisions about you will be made by automated decision making.
Your rights
You have the following rights regarding your data, under data protection legislation. We will respond to any requests under data protection law within one calendar month.
- The right to be informed – this privacy notice is our way of informing you how your data is used.
- The right of access – you can request a copy of all the information we hold about you to check that we are lawfully processing it.
- The right to rectification – you can request that we rectify information about you that is incorrect.
- The right to erasure – also known as the right to be forgotten. You can request that information about you is deleted.
- The right to restrict processing – you can request that we pause processing your data so we can verify the lawfulness of processing.
- The right to object – you can request that we stop processing your information if you feel that the processing is not lawful.
- The right to data portability – you can request that data is transferred to another party so it can be reused across services.
Where you have given consent for us to use your data for specific purposes, you have the right to withdraw this consent at any time. If you would like to exercise any of the above rights, please contact our data protection officer on the contact details above.
The Information Commissioner’s Office (ICO) is the regulator for data protection in the UK. You have the right to make a complaint to the ICO if you feel that we have not complied with your data protection rights.
If you have a query or are dissatisfied with the outcome of your request, we encourage you to contact us in the first instance and we will consider your request in line with the UK GDPR. If you remain dissatisfied with our response in relation to your concern, you may contact the Information Commissioner’s Office who is the regulator for the UK GDPR, to make a formal complaint about how we have handled your personal data. If you decide to contact the ICO, please write to:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AFicocasework@ico.org.uk
Or complete the online form here (https://ico.org.uk/global/contact-us/).
-
Volunteers
Volunteer Privacy Notice
Controller: West Kent Housing Association, 101 London Road, Sevenoaks, Kent. TN13 1AX
Data Protection Officer: Ms Aminat King, (01732 749438 | dataprotection@wkha.org.uk).
Introduction
This applies to all applicants to our volunteer service and our volunteers. We collect and process personal information to manage our relationship with you.
What types of information do we collect about you?
Information we collect from you
Information collected throughout your volunteering
- Name
- Contact details
- Date of birth
- Next of kin details
- Health information (including sickness and disabilities)
- Vehicle information and driving ability
- References
- Information contained in communication (such as emails and notes on systems)
- Meeting notes with your manager
We will ask for this information under the volunteer agreement we have with you. If you fail to provide personal information when requested, we may not be able to uphold the volunteer agreement, we may not be able to comply with our legal obligations, and you may be unable to exercise your statutory rights.
Why do we process your personal information?
We use your personal data to:
- Manage an effective volunteer recruitment process - including assessing your suitability for volunteering.
- Maintain the volunteer agreement - including contacting you about potential volunteer opportunities, processing expenses claims and monitoring performance against the Volunteer Code of Conduct.
- Complying with our legal obligations - including safeguarding and complying with equality and diversity legislation.
We will only process your personal information when the law allows us to. We believe you have a reasonable expectation, as an applicant to the volunteer service or a volunteer, that we will process your personal data.
The lawful bases that we rely on to use your personal data are:
- Where it is necessary for our legitimate interests
- To comply with our legal obligations
- To protect your vital interests, or to protect someone else's vital interests
- Where you have given consent to the processing.
Our legitimate interests are:
- Pursuing our business by recruiting volunteers to carry out work on our behalf
- Performing effective internal administration
- Protecting our confidential information
- Establishing, exercising or defending legal claims.
Who do we share your personal data with?
Your personal data is only accessed internally by the individuals and teams that need it to carry out the purposes above. For example, the manager for the service you are working on will have access to your details in case they need to contact you about your volunteer work.
We may share your personal data with the following categories of organisations:
- Organisations that ask for a reference about you
- ICT service providers
- Auditors
- Professional advisers, such as solicitors
- Regulators.
How do we protect your information?
- West Kent has employed data loss prevention strategies to protect against and recover from data loss
- Firewalls are used to ensure that only authorised members of staff can access or transfer data
- Personal data is password protected with restricted access granted on a ‘need to know’ basis
- Personal data is not shared with third parties for marketing purposes
- Staff have been trained with strict data processing techniques
How long do we hold your information?
Most of your personal information will be retained for one year after your volunteer work comes to an end.
The exception to this is information will not be retained if it has no bearing on any ongoing volunteering with us.
We do not envisage that any of your personal data will be transferred outside the European Economic Area.
We do not envisage that any decisions about you will be made by automated decision making.
Your rights
You have the following rights regarding your data, under data protection legislation. We will respond to any requests under data protection law within one calendar month.
- The right to be informed – this privacy notice is our way of informing you how your data is used.
- The right of access – you can request a copy of all the information we hold about you to check that we are lawfully processing it.
- The right to rectification – you can request that we rectify information about you that is incorrect.
- The right to erasure – also known as the right to be forgotten. You can request that information about you is deleted.
- The right to restrict processing – you can request that we pause processing your data so we can verify the lawfulness of processing.
- The right to object – you can request that we stop processing your information if you feel that the processing is not lawful.
- The right to data portability – you can request that data is transferred to another party so it can be reused across services.
Where you have given consent for us to use your data for specific purposes, you have the right to withdraw this consent at any time. If you would like to exercise any of the above rights, please contact our data protection officer on the contact details above.
The Information Commissioner’s Office (ICO) is the regulator for data protection in the UK. You have the right to make a complaint to the ICO if you feel that we have not complied with your data protection rights.
If you have a query or are dissatisfied with the outcome of your request, we encourage you to contact us in the first instance and we will consider your request in line with the UK GDPR. If you remain dissatisfied with our response in relation to your concern, you may contact the Information Commissioner’s Office who is the regulator for the UK GDPR, to make a formal complaint about how we have handled your personal data. If you decide to contact the ICO, please write to:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AFicocasework@ico.org.uk
Or complete the online form here https://ico.org.uk/global/contact-us/.
-
Abacus Furniture Project Customers
Abacus Furniture Project Customers Privacy Notice
Controller: West Kent Housing Association, 101 London Road, Sevenoaks, Kent. TN13 1AX
Data Protection Officer: Ms Aminat King | 01732 749438 | dataprotection@wkha.org.uk
Introduction
This privacy notice applies to all current and former customers of our Abacus furniture stores. We collect and process personal information to carry out the transaction with you.
What types of information do we collect about you?
Information we collect from you
- Name
- Contact details
- Delivery address
- Payment information
We will ask for this information under the contract we form with you when we enter into a transaction. If you fail to provide personal information when requested, we may not be able to uphold the contract, we may not be able to comply with our legal obligations, and you may be unable to exercise your statutory or contractual rights.
Why do we process your personal information?
We use your personal data to:
- Uphold the sales contract - including collecting payment and delivering furniture to your chosen delivery address.
- To provide you with information - including products, or services which we feel may be of interest to you, upon receiving your consent to be contacted for such purposes.
- Respond to incoming enquiries
- To notify you about changes to our service
We will only process your personal information when the law allows us to. We believe you have a reasonable expectation, as our customer, that we will process your personal data.
The lawful bases that we rely on to use your personal data are:
- To uphold the contract we have with you
- Where you have given consent for the processing.
Who do we share your personal data with?
- We may share information with the local authority or police to assist with safeguarding individuals and to prevent crime
- With banks, for example, to carry out payments through a secure system;
- We may share information if we have a legal obligation to do so or to comply with GDPR legislation
- Information about you may be provided to authorised debt recover agencies to enable them to recover any monies owed to West Kent.
Your personal data is only accessed internally by the individuals and teams that need it to carry out the purposes above. For example, our team will use your delivery address to deliver furniture, where you have requested this service.
How do we keep personal information secure?
West Kent is committed to the data protection principles of collecting minimum personal data. Personal Data stored electronically is protected from unauthorised access and managed within a variety of IT software systems, which are designed to maintain a high level of security and confidentiality. We also implement security measures which protect your data from unauthorised modification, improper disclosure and unlawful destruction or accidental loss. In addition, our employees complete mandatory information security and data protection training at the start of their employment, and annually thereafter to reinforce responsibilities and requirements set out in our information security policies.
How long do we hold your information?
Most of your personal information will be retained for one year after you purchase a product from us. This includes your name, address and contact details, in case there is a query with your order.
We do not envisage that any of your personal data will be transferred outside the European Economic Area.
We do not envisage that any decisions about you will be made by automated decision making.
Your rights
You have the following rights regarding your data, under data protection legislation. We will respond to any requests under data protection law within one calendar month.
- The right to be informed – this privacy notice is our way of informing you how your data is used.
- The right of access – you can request a copy of all the information we hold about you to check that we are lawfully processing it.
- The right to rectification – you can request that we rectify information about you that is incorrect.
- The right to erasure – also known as the right to be forgotten. You can request that information about you is deleted.
- The right to restrict processing – you can request that we pause processing your data so we can verify the lawfulness of processing.
- The right to object – you can request that we stop processing your information if you feel that the processing is not lawful.
- The right to data portability – you can request that data is transferred to another party so it can be reused across services.
Where you have given consent for us to use your data for specific purposes, you have the right to withdraw this consent at any time. If you would like to exercise any of the above rights, please contact our data protection officer on the contact details above.
Further information
If you would like further information about how we manage your data, please see the privacy
notice for West Kent at https://www.westkent.org/privacy/ or by ringing 01732 749438.
The Information Commissioner’s Office (ICO) is the regulator for data protection in the UK. You have the right to make a complaint to the ICO if you feel that we have not complied with your data protection rights.
If you have a query or are dissatisfied with the outcome of your request, we encourage you to contact us in the first instance and we will consider your request in line with the UK GDPR. If you remain dissatisfied with our response in relation to your concern, you may contact the Information Commissioner’s Office who is the regulator for the UK GDPR, to make a formal complaint about how we have handled your personal data. If you decide to contact the ICO, please write to:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AFicocasework@ico.org.uk
Or complete the online form here https://ico.org.uk/global/contact-us/.
-
Youth Services Customers Privacy Notice
Youth Services Privacy Notice
Introduction
This section applies to young people who take part in our youth services, including the 8-12s Project, House, and Youth Forums. We provide these services on behalf of Kent County Council.
Data Controller: Kent County Council, County Hall, Maidstone, ME14 1QX (data.protection@kent.gov.uk)
Data Processor: West Kent Housing Association, 101 London Road, Sevenoaks, TN13 1AX
Data Protection Officer: Ms Aminat King | 01732 749438 | dataprotection@wkha.org.uk
What types of information do we collect about you?
Information we collect from you
Information collected throughout your time with us
- Name
- Contact details
- Date of birth
- Next of kin details
- Health information (including sickness and disabilities)
- Contact history
- Progress with support
- Photographs
We will ask for this information as a result of your wish to participate in youth services. If you fail to provide personal information when requested, we may not be able to enrol you onto a service, we may not be able to comply with our legal obligations, and you may not be able to exercise your statutory or contractual rights.
Why do we process your personal data?
We use your personal data to:
- Provide youth services - including checking your attendance, letting you know about future events, and measuring your progress throughout a support service.
- Complying with our legal obligations - including safeguarding.
We will only process your personal information when the law allows us to. We believe you have a reasonable expectation, as someone using our youth services, that we will process your personal data.
The lawful bases we rely on to use your personal data are:
- Where you have given consent to the processing
- Where it is necessary for our legitimate interests
- To comply with our legal obligations
- To protect your vital interests, or to protect someone else's vital interests.
Our legitimate interests are:
- Furthering our charitable interests by marketing future services
- Performing effective internal administration
- Establishing, exercising or defending legal claims.
We use special categories of data to:
- Ensure the health and safety of individuals.
Who do we share your personal data with?
Your personal data is only accessed internally by the individuals and teams that need it to carry out the purposes above. Your data may also be shared with:
- Other services within KCC; including Youth Engagement Service, Social Care, Children’s Services
- Schools and other Learning settings.
- Other partners such as Ofsted, health, and the Police.
We may share your data with Kent County Council, who is the data controller for your personal data.
How long do we hold your information?
We will retain your data for 18 months after your last contact with us. Kent County Council will retain your data until you reach the age of 25.
The exception to this is information that has no bearing on the ongoing relationship with us, which will not be retained.
We do not envisage that any of your personal data will be transferred outside the European Economic Area.
We do not envisage that any decisions about you will be made by automated decision making.
How your information is used by KCC:
Our Children’s Centres and Youth Hubs/services work in an integrated way with other children’s services teams in KCC and with partner organisations to ensure we deliver the best possible outcomes for children, young people and families in Kent.
We collect and use your personal information to carry out tasks in the public interest. If we need to collect special category (sensitive) personal information, we rely upon reasons of substantial public interest (equality of opportunity or treatment).
We use your information to: Enable integrated working with other teams and organisations to ensure you receive the right support at the right time; plan and provide the most appropriate level of support to you and your family; and evaluate and quality assure the services we provide.
We may share your information with: Teams within Kent County Council working to improve outcomes for children and young people; commissioned providers of local authority services; schools; and partner organisations signed up to the Kent & Medway Information Sharing Agreement, where necessary, which may include health visitors, midwives, housing providers, Police, school nurses, doctors and mental health workers.
Your rights
You have the following rights regarding your data, under data protection legislation. We will respond to any requests under data protection law within one calendar month.
- The right to be informed – this privacy notice is our way of informing you how your data is used.
- The right of access – you can request a copy of all the information we hold about you to check that we are lawfully processing it.
- The right to rectification – you can request that we rectify information about you that is incorrect.
- The right to erasure – also known as the right to be forgotten. You can request that information about you is deleted.
- The right to restrict processing – you can request that we pause processing your data so we can verify the lawfulness of processing.
- The right to object – you can request that we stop processing your information if you feel that the processing is not lawful.
- The right to data portability – you can request that data is transferred to another party so it can be reused across services.
Where you have given consent for us to use your data for specific purposes, you have the right to withdraw this consent at any time. If you would like to exercise any of the above rights, please contact our data protection officer on the contact details above.
Further information
If you would like further information about how we manage your data, please see the privacy
notice for West Kent at https://www.westkent.org/privacy/ or by ringing 01732 749438.
The Information Commissioner’s Office (ICO) is the regulator for data protection in the UK. You have the right to make a complaint to the ICO if you feel that we have not complied with your data protection rights.
If you have a query or are dissatisfied with the outcome of your request, we encourage you to contact us in the first instance and we will consider your request in line with the UK GDPR. If you remain dissatisfied with our response in relation to your concern, you may contact the Information Commissioner’s Office who is the regulator for the UK GDPR, to make a formal complaint about how we have handled your personal data. If you decide to contact the ICO, please write to:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AFicocasework@ico.org.uk
Or complete the online form here https://ico.org.uk/global/contact-us/.
-
Garage customers
Garage Licensee Privacy Notice
Controller: West Kent Housing Association, 101 London Road, Sevenoaks, Kent. TN13 1AX
Data Protection Officer: Ms Aminat King, (01732 749438 | dataprotection@wkha.org.uk)
Introduction
This applies to all current and former garage licensees of West Kent. We collect and process personal information to manage our licence with you.
What types of information do we collect about you?
Information we collect from you
Information collected throughout your relationship with us
- Name
- Contact details
- Date of birth
- Payment details
- Financial details
- Verification documentation (including passport and driving licence)
- Proof of address
- Start and end dates of licence
- Information contained in garage application (including financial information and references)
- Information about the licence agreement
- Contact history
- Tenancy records (including repairs and anti-social behaviour)
- Termination records (including notices, recharges and court documents)
- Complaint records
We will ask for this information under the licence we hold with you. If you fail to provide personal information when requested, we may not be able to uphold the licence, we may not be able to comply with our legal obligations, and you may not be able to exercise your statutory or contractual rights.
Why do we process your personal data?
We use your personal data to:
- Maintain and enforce the licence - including charging and collecting rent, investigating breaches of licence, and providing a repairs and maintenance service.
- Complying with our legal obligations - including the detection of fraud, safeguarding, and complying with equality and diversity legislation.
- Providing an effective garage management service - including keeping records of contact with customers, providing references to other landlords and complying with regulatory standards.
We will only process your personal information when the law allows us to. We believe you have a reasonable expectation, as our licencee, that we will process your personal data.
The lawful bases we rely on to use your personal data are:
- To uphold the licence we have with you
- To comply with our legal obligations
- To protect your vital interests, or to protect someone else's vital interests
- Where it is necessary for our legitimate interests
- Where you have given consent to the processing.
Our legitimate interests are:
- Pursuing our business by assisting customers with managing their licence and finances
- Pursuing our business by recovering money owed to us
- Protecting and maintaining our assets and garage stock
- Asking for opinions and feedback from our customers to improve our services
- Performing effective internal administration
- Protecting our confidential information
- Establishing, exercising or defending legal claims.
Who do we share your personal data with?
Your personal data is only accessed internally by the individuals and teams that need it to carry out the purposes above. For example, our Finance team use your payment details to charge you rent, and our iNHomes team use your records to check you are complying with the terms of your licence.
We may share your data with the following categories of organisations:
- Contractors providing services to West Kent, such as repairs and maintenance
- Public services such as the police
- Tracing agents
- ICT service providers
- Auditors
- Professional advisers, such as solicitors
- Regulators.
How do we keep personal information secure?
West Kent is committed to the data protection principles of collecting minimum personal data. Personal Data stored electronically is protected from unauthorised access and managed within a variety of IT software systems, which are designed to maintain a high level of security and confidentiality. We also implement security measures which protect your data from unauthorised modification, improper disclosure and unlawful destruction or accidental loss. In addition, our employees complete mandatory information security and data protection training at the start of their employment, and annually thereafter to reinforce responsibilities and requirements set out in our information security policies.
How long do we hold your information?
Most of your personal information will be retained for six years after your licence comes to an end. This includes records of rent payments, contact history with you and details of any breaches of licence.
The exception to this is information that has no bearing on the ongoing licence with us, which will not be retained.
We do not envisage that any of your personal data will be transferred outside the European Economic Area.
We do not envisage that any decisions about you will be made by automated decision making.
Your rights
You have the following rights regarding your data, under data protection legislation. We will respond to any requests under data protection law within one calendar month.
- The right to be informed – this privacy notice is our way of informing you how your data is used.
- The right of access – you can request a copy of all the information we hold about you to check that we are lawfully processing it.
- The right to rectification – you can request that we rectify information about you that is incorrect.
- The right to erasure – also known as the right to be forgotten. You can request that information about you is deleted.
- The right to restrict processing – you can request that we pause processing your data so we can verify the lawfulness of processing.
- The right to object – you can request that we stop processing your information if you feel that the processing is not lawful.
- The right to data portability – you can request that data is transferred to another party so it can be reused across services.
Where you have given consent for us to use your data for specific purposes, you have the right to withdraw this consent at any time. If you would like to exercise any of the above rights, please contact our data protection officer on the contact details above.
The Information Commissioner’s Office (ICO) is the regulator for data protection in the UK. You have the right to make a complaint to the ICO if you feel that we have not complied with your data protection rights.
If you have a query or are dissatisfied with the outcome of your request, we encourage you to contact us in the first instance and we will consider your request in line with the UK GDPR. If you remain dissatisfied with our response in relation to your concern, you may contact the Information Commissioner’s Office who is the regulator for the UK GDPR, to make a formal complaint about how we have handled your personal data. If you decide to contact the ICO, please write to:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AFicocasework@ico.org.uk
Or complete the online form here https://ico.org.uk/global/contact-us/.
-
Website cookies
Cookies are small text files that are stored on your device when you visit our website. They allow the website to function properly, personalise some functions and analyse how people use our website.
Analytics cookies
These cookies allow us to track your behaviour while using our website. We use this data to see how visitors are navigating through the website, helping us improve the layout and design. They also let us know how many visits each page is getting.
We will not use these cookies unless you give us your consent. We will ask your consent the first time you visit our website and periodically after that. You can give or withdraw your consent at any time using the 'C' icon at the bottom right of the website.
Cookie name
Description
Duration
_ga
This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. 2 years _gid
This cookie is used to distinguish users and to store and update a unique value for each page visited. 24 hours
_gat
This cookie is used to throttle the request rate - limiting the collection of data on high traffic sites. 10 minutes
_hjid
This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behaviour in subsequent visits to the same site will be attributed to the same user ID. 365 days
_hjIncludedInSample
This cookie uniquely identifies a visitor during a single browser session and indicates they are included in an audience sample. 365 days
_hjAbsoluteSessionInProgress
The cookie is set so Hotjar can track the beginning of the user's journey for a total session count. It does not contain any identifiable information. 30 minutes
_ga_*
Google Analytics sets this cookie to store and count page views. 2 years
NID
NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, and to measure the effectiveness of ads. 6 months
Strictly necessary cookies
These cookies are crucial to the functioning of the website and cannot be switched off in our cookie settings.
We do not ask for consent for these cookies and they are used by default. You can block these cookies by changing your browser settings, but the website may not function as intended and some parts of the website may not work.
Cookie name
Description
Duration
ARRAffinity
This cookie is set by websites run on the Windows Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. Session
__atuvc
This cookie is associated with the AddThis social sharing widget which is commonly embedded in websites to enable visitors to share content with a range of networking and sharing platforms. It stores an updated page share count. 2 years
__atuvs
This cookie is associated with the AddThis social sharing widget which is commonly embedded in websites to enable visitors to share content with a range of networking and sharing platforms. This is believed to be a new cookie from AddThis which is not yet documented, but has been categorised on the assumption it serves a similar purpose to other cookies set by the service. 30 minutes
_ _cf_bm This cookie, used by Cloudfare, supports Cloudfare bot management Session ARRAffinitySameSite This cookie is set by Windows Azure Cloud, and is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session. Session Third party cookies
We embed videos from YouTube on our website. All of the Youtube videos on our website have been embedded with 'privacy-enhanced mode' turned on. This means we can use Youtube videos without using cookies that track viewing behaviour. For more information on the cookies that YouTube collects please visit Google's Privacy Policy.
Your rights
You have the following rights regarding your data, under data protection legislation. We will respond to any requests under data protection law within one calendar month.
- The right to be informed - this privacy notice is our way of informing you how your data is used.
- The right of access - you can request a copy of all the information we hold about you to check that we are lawfully processing it.
- The right to rectification - you can request that we rectify information about you that is incorrect.
- The right to erasure - also known as the right to be forgotten. You can request that information about you is deleted.
- The right to restrict processing - you can request that we pause processing your data so we can verify the lawfulness of processing.
- The right to object - you can request that we stop processing your information if you feel that the processing is not lawful.
- The right to data portability - you can request that data is transferred to another party so it can be reused across services.
Where you have given consent for us to use your personal data for specific purposes, you have the right to withdraw this consent at any time. If you would like to exercise any of the above rights, please contact our Data Protection Officer on the contact details above.
The Information Commissioner's Office (ICO) is the regulator for data protection in the UK. You have the right to make a complaint to the ICO if you feel that we have not complied with your data protection rights.
If you have a query or are dissatisfied with the outcome of your request, we encourage you to contact us in the first instance and we will consider your request in line with the UK GDPR. If you remain dissatisfied with our response in relation to your concern, you may contact the Information Commissioner’s Office who is the regulator for the UK GDPR, to make a formal complaint about how we have handled your personal data. If you decide to contact the ICO, please write to:
Information Commissioner's Office
Wycliffe House
Water Lane
Cheshire
SK9 5AF
icocasework@ico.org.uk
Or complete the online form here https://ico.org.uk/global/contact-us/.