Privacy Policy
Reflection Network Privacy Policy
Updated 28.3.22
Reflection Network takes the privacy of your information very seriously. This Privacy Policy is designed to tell you about our practices regarding the collection, use and disclosure of personal information which may be collected in person from you, obtained via the online form on our website, or collected through other means such as by email communication.
This notice is governed by the EU General Data Protection Regulation and UK GDPR (collectively referred to as the “GDPR”).
What personal data do we collect?
Contact information for donors who donate through the website, as well as any individuals who sign up to our mailing list (or ask or agree to receive information relating to our services) and our users generally who may contact us. This information may include names, email addresses, postal addresses, phone numbers and service preferences. We process this information when we communicate with you or provide services to you, on the basis of our legitimate interest in providing and operating our services.
A record of any correspondence or communication between you and Reflection Network. We process this information when we monitor our relationship with you and provide services to you, on the basis of our legitimate interest in providing our services and communicating with our partners and users.
Reflection Network will collect the above information from you directly but there may be occasions when we collect information from a third party. If we do obtain your personal data from a third party, your privacy rights under this notice are not affected and you are still able to exercise the rights contained within this notice.
This Privacy Policy also applies to personal data provided by our partner charities and their staff. When we process personal data of this nature we do so on the basis of our legitimate interest in providing and operating our services.
Data retention
Our current data retention policy is to delete or destroy (to the extent we are able to) personal data after a period of 7 years from the date you last used our services.
Sharing your information
Consultation
In the case of therapeutic work, Reflection Network seeks a monthly consultation with an external qualified therapist. The consultation process is to ensure best clinical practice. In order to protect your privacy, the consultant will not know you personally or professionally. If it is necessary to refer to any of your information in discussion with the consultant, a pseudonym will be used.
Emergencies
In the case of therapeutic work, if Reflection Network becomes aware that your health is in jeopardy (provided we have your consent), we may share your contact information with an emergency healthcare service (e.g. Mental Health Crisis Team). If we have become aware of your intent to cause harm to another person/organisation, the law may require that we inform an authority without seeking your permission. In such a situation, the law may require that I share your personal information without your knowledge (known as: whistle- blowing).
Your privacy rights
With respect to your personal data, you have the right to:
request that your personal data will not be processed
ask for a copy of any personal data that we have about you
request a correction of any errors in or update of the personal data that we have about you
request that your personal data will not be used to contact you for direct marketing purposes
request that your personal data will not be used for profiling purposes
request that your personal data will not be used to contact you at all
request that your personal data be transferred or exported to another organisation, or deleted from our records
at any time, withdraw any permission you have given us to process your personal data.
All requests or notifications in respect of your above rights may be emailed to us at the email address below. We will endeavour to comply with such requests as soon as possible but in any event we will comply within one month of receipt.
If personal data we hold about you is subject to a breach or unauthorised disclosure or access, we will report this to the Information Commissioner’s Office (ICO) and/or our data protection manager.
If a breach is likely to result in a risk to your data rights and freedoms, we will notify you as soon as possible.
Contact us
If at any time you would like to contact us with your views about our privacy practices, or with any enquiry or complaint relating to your personal information or how it is handled, please use the email address below.
Complaints
If we are unable to resolve any issues you may have or you would like to make a further complaint, you can contact the Information Commissioner’s Office by
visiting www.ico.org.uk/ for further assistance.