This privacy notice explains how Cymdeithas Caer Las (Caer Las) uses any personal information we collect about you when you engage with our support services.
Why we need your Personal Information
Caer Las receives money to pay for the services offered by our projects from funding or commissioning organisations (e.g. Supporting People). As part of this, we are required to collect and process certain information about you.
When you register with a Caer Las project, your personal information could be used for several purposes.
Examples of this information are:
Basic identifying information about you e.g. your name, address, National Insurance number, telephone number
Your current and past housing details
Information about your protected characteristics i.e. age, gender, disability, marital status, religion or belief and sexual orientation
Information about your next of kin, and dependents if this is relevant to the support we give you
Information about the support we give to you i.e. Case Notes, Support Plans, Risk Assessments
Details of any other agencies with whom you might be associated e.g. doctor’s surgery, solicitor.
Your medication / medical details if they are relevant to the support given
If relevant, your prior membership of Caer Las projects
Any other information which is relevant to the support offered by Caer Las
What we do with your information
We record information about our interactions with you
We use the data to measure your progress against your support plan
We use your anonymous data along with data from other people to measure our performance and the performance of our staff against our organisation’s stated targets
We use your data along with data from other people to return anonymous statistical information to our funders or commissioners (the organisations which provide the money to pay for the project’s services)
We will retain your information for as long as is required by the funder or commissioner of the project from which you receive services. This is generally three years following the last date of data entry.
Sharing your Personal Information
In some cases, your data may be shared with the funder or commissioner of the project from which you are receiving a service.
From time to time, Caer Las will need to share your data with another individual or agency on your behalf. You will need to give your consent for this each individual time it is needed.
Supporting People Programme: If the project from which you receive services is funded by the Supporting People Programme, your information may be shared the Local Authority and the Welsh Government as part of an audit. This may include your name and contact details, protected characteristics, support plans, monitoring notes, outcomes, consultation undertaken following review or monitoring visits, and complaints and POVA information
Care Inspectorate Wales: If you are joining our Willow Project, we have a legal obligation to allow Care Inspectorate Wales to inspect the personal information held in your file, for the purposes of ensuring that the project meets the legal requirements and obligations placed upon it.
Transferring your Personal Information
It is sometimes necessary to store your data outside of the European Union. Where this is the case, Caer Las will comply fully with the provisions of the General Data Protection Regulation and Data Protection Bill.
Access to your information and correction
You have the right to request a copy of the information we hold about you. If you would like a copy of some or all of your personal information, please email or write to us using the information in the “How to contact us” section below.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
If you believe that we have not handled your information correctly, you have the right to complain to the Information Commissioner’s Office. Please view the website www.ico.org.uk
Caer Las is committed to maintaining the security of your personal information. We are committed to reducing risks of human error, theft, fraud, and misuse of our IT facilities. We make staff aware of security policies and train our employees to implement them. Our staff are obligated to sign written confidentiality agreements, attend regular training on information protection, and comply with company policies concerning protection of confidential information. We are Cyber Essentials certified.
How to contact us
The Subject Access request Officer is: Mathew Morgan
Or write to
Subject Access Request Officer,
The Customs House,
Swansea. SA1 1RG