National Communities Resource Centre Privacy Notice

The National Communities Resource Centre (NCRC) is part of the Regenda Group and provides training for tenants, residents and front-line staff.

This privacy notice tells you what to expect when NCRC collects your personal information.

This privacy notice will tell you:

1. The data we collect and how we do this
2. How we use your personal data
3. Legal bases for data processing
4. Who we share your personal data with
5. How your personal data is sent outside of the UK and European Economic Area
6. How long we keep your personal data 
7. Protecting your personal data
8. Cookies
9. The choices and rights you have when it comes to your personal data
10. Getting in touch with us
11. Information Commissioners Office

The data we collect and how we do this

We collect personal information to keep you updated on events and services and to ask for your thoughts and feedback.  This typically includes collecting the following information:

• Name, job title, email address, geographical region, organisation address, telephone number.
• Interactions you have had with us, such as attending an event.
• Financial information as part of your registration, booking or donation.
• Using the information above, we keep a record of the types of future events we think you may be interested in.

How we use your personal data

We collect your personal information to manage events and may contact you to:

• Promote events
• To inform you about policy updates and reports
• To request feedback and input for consultations and research projects
• To update you on our latest products and services.

Legal Bases for data processing

NCRC will use one or more of the following reasons to lawfully process your information:

• Contract: It is necessary for managing your contract with NCRC
• Legal Requirement: It is required by law.
• Legitimate Interest: It is in the legitimate interest of NCRC or a third party. It is in our interest to:
• Communicate with you to keep you updated on our services.
• Retain and process next of kin and emergency contact details.
• Carry out customer surveys with a third party to help us improve services to you.
• Operate CCTV in and around some of our offices.
• Consent: You have given your explicit consent.

If you wish to withdraw your consent at any time, please contact dataprotection@regenda.org.uk 

• Vital Interest: On very rare occasions we may use or share data about you to protect you or someone else.
• Public interest: We might use data in order to pursue something that’s of key interest to what’s called the ‘substantial public interest’. This would always be in accordance with the Data Protection Act 2018. These interests cover things like the safeguarding of people at risk and safeguarding the economic wellbeing of certain people.

Who we share your personal data with

We will not share your personal information without your consent or allowed to do so by law in the following circumstances:

• Safeguarding
• Prevention or detection of crime
• Apprehension or prosecution of offenders
• Assessment or collection of tax or duty owed to customs and excise
• in connection with legal proceedings
• Public health
• To comply with the law.

We won’t share your personal information with anyone who claims to represent you unless we are satisfied that you have appointed them, or they act in some recognised official capacity.

Contracted partner

NCRC works with a contracted partner, The London School of Economics (LSE), to promote, develop and run some of its training and residential programmes. LSE therefore has access to your data as part of these programmes. LSE’s own privacy statement can be viewed at https://www.lse.ac.uk/lse-information/privacy-policy

How your personal data is sent outside of the UK and European Economic Area

We (or a third party who we share personal data with) might host, store, and handle that personal data outside of the European Economic Area (EEA). Some of our customer service work is done outside the EEA, to make sure we operate as easily as possible. This means that we’ll send your personal data to suppliers based outside the EEA.

When we send data outside of the EEA, we make sure that all the right safeguards have been put in place to protect your personal data.

This means that we’ll:

• Make sure the country where your personal data will be handled has been deemed “adequate” by the Information Commissioner’s Office (“ICO”) in accordance with the UK GDPR.
• Include standard data protection clauses (approved by the ICO for transferring personal data outside the UK and EEA) in our contracts with those third parties – these are the clauses approved under Article 46.2 of the UK GDPR.

How long do we keep your personal data

We keep your personal data for no longer than is necessary. This means that when we don’t need it anymore, we delete it. The length of time we keep it all depends on why we’re using it and/or what we need to do to comply with applicable laws and to establish, exercise, or defend our legal rights.

In some circumstances, we might anonymise your personal data (so that it can no longer be associated with you) and use this indefinitely, without further notice.

Protecting your personal data

We follow strict security procedures to protect your personal data. This includes following certain guidelines (for example, checking your identity when you phone us).

Whilst we take appropriate technical and organisational measures and have in place physical and electronic procedures necessary to safeguard the personal data that you provide to us, no transmission to or from us by post, email, phone, SMS or over the internet can ever be guaranteed as entirely secure. Communications over the web are not secure and as such, we cannot accept any liability or responsibility for any unauthorised access or loss of personal data.

We also have procedures in place to deal with any suspected data security breach. We’ll notify you and any applicable regulator of a suspected data security breach where we’re legally required to do so.

Cookies

The NCRC website uses cookies. Cookies are small text files placed on your web browser, computer or mobile device when you visit any website. They are used to make websites work and improve user experience.

You can control cookies through the settings of your web browser. To find out more, visit www.aboutcookies.org or www.allaboutcookies.org

When you visit our websites, you’ll be presented with a cookie banner. It lets you choose whether to accept the use of cookies on our site or not.

How do we use cookies?

We use information supplied by cookies to help us:

• Analyse your use of our websites to provide you with a more personalised online user experience.
• Improve our website by displaying content that is most relevant to individual visitors.
• Advertise NCRC products on other websites, based on your visits to our sites.
• Ensure you receive advertising from us that is relevant to you and your interests.
• Remember certain personal preferences, such as your language setting and preferred configurations.

For instance, depending on your cookie choices, we may use information about your devices and your online interactions to provide, analyse and improve our services. This may include personalising content or advertising for you.

Google Analytics

The Regenda Group uses Google Signals, which is a feature of Google Analytics and provides insights into users’ cross-device behaviour.  Google Signals installs cookies on visitors’ devices when visitors are signed into their Google Account and have turned on Ads Personalisation.

Google Analytics collects data from the sites and apps visited from consenting users Google Accounts.  Google Analytics uses aggregated data, and no identifying personal data is shared. 

This includes information on age, gender and the interests of website visitors to help give us a clearer picture of website visitors, to track performance of marketing campaigns and to help create more effective ads based on users interests and preferences.

To find out how Google processes your information visit  Privacy Policy – Privacy & Terms – Google 

The choices and rights you have, when it comes to your personal data

Our contact details are in section 10, and you can always get in touch to ask that we:

• Give you further details about how we process your personal data
• Give you a copy of any personal data we hold about you
• Withdraw your consent for a way that we’re using your data (where we need your consent legally to use your personal information)
• Consider any valid objection you have to us processing your personal data (including the right to object to processing where we’re relying on our interests as a legal basis for processing)
• Update or delete personal data that we have about you
• Restrict the way that we process your personal data
• Consider any valid request to transfer your personal data to a third-party provider of services

Getting in touch with us 

If you’ve got any questions about data protection, or you’re not happy with how we’ve handled your data, please contact us via:

Address: Data Protection, The Regenda Group, The Foundry, 42 Henry Street, Liverpool, L1 5AY

Tel: 0151 703 3000

Email: dataprotection@regenda.org.uk

Information Commissioner’s Office (ICO)

If you’re not happy or you think our processing of your data doesn’t comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO):

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Telephone number: 0303 123 1113

Website: ico.org.uk

 Date: 29/05/2024