Skip to main content

Website privacy statement

Cookies

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

Google Analytics – Our website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies to analyse website traffic and user behavior. The information generated by the cookies, including your IP address, is transmitted to and stored by Google. Google may use this information for the purpose of evaluating website usage, compiling reports on website activity, and providing other services relating to website activity and internet usage.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

We use your details for the following purposes: 

  • Google Analytics – Usage data shared with Google
  • Purchasing events / payments – Personal data, name, contact details used for processing payments
  • Zoho Campaigns sign up – Name and email used for promotional purposes

How long we retain your data

For users that register on our newsletter, we store the personal information in the database of Zoho Campaigns; a respected US-based email marketing content provider, who have their own stringent Data Processing Agreement

 

Data Protection Policy for the Red Brick Building

1. Introduction

1.1. Red Brick Building Centre Ltd (RBBC), and all its subsidiaries, records and stores personal information about investors, staff, volunteers, experts, customers and other individuals. Information that identifies a living individual is covered by the EU General Data Protection Act 2010 The purpose of the Act is to prevent harm to the individual in the first instance and, secondly, to respect the individual’s rights in relation to the collection, storage, usage and distribution of personal information.

1.2. Confidentiality is a key issue in data protection and this policy should be read together with the RBBCs Confidentiality Policy as the two are lined to work together/

2. Information Commissioner’s Office (ICO) registration

RBBC is registered with the ICO Data Protection Register.

3. Data Protection Principles

1. Anyone processing personal data must comply with the six principles of good practice, which state that data must be: Personal data must be processed fairly and lawfully and in a transparent manner.
2. Personal information must be collected for specified, explicit and legitimate purposes.
3. Personal data must be adequate, relevant and limited to what is necessary for the purpose.
4. Personal data must be accurate and up to date.
5. Personal data must not be kept longer than is necessary.
6. Personal information must be processed in a manner which ensures security of the personal data against unlawful processing, accidental loss, destruction or damage.

4. Personal Data

1. This policy applies to information relating to identifiable, living individuals even where it is technically outside the scope of the Data Protection Act.
2. Personal data covers both facts and opinions about the individual and can be any type of material, including text, photographs, video, or audio material.
3. The term ‘data’ includes any information held on computer or in a ‘relevant filing system’. That means any filing system structured in a way that ‘specific information relating to a particular individual is readily accessible’. Records intended to go onto a computer or into a filing system are also considered to be data – e.g., notes taken during an interview with a client.

5. Responsibilities and Sanctions

5.1. The Board of Directors has overall responsibility for ensuring that RBBC complies with its legal obligations.

5.2. The HR Manager is the Data Protection Officer, with the following responsibilities:

  • Briefing the Board of Directors on data protection responsibilities.
  • Reviewing data protection and related policies and procedures.
  • Advising workers on data protection issues.
  • Ensuring that data protection induction and training takes place.
  • Dealing with requests from individuals to see the data the RBB holds about them
  • Notification.
  • Assisting workers with issues concerning disclosures of personal data.

5.3 The Facilities Manager, Anthony is responsible for:

  • Ensuring all systems, services and equipment used for storing data meet acceptable security standards.
  • Performing regular checks and scans to ensure security hardware and software is functioning properly.
  • Evaluating any third-party services, the company is considering using to store or process data. For instance, cloud computing services.

5.4. All workers (staff and volunteers) must read, understand, and accept any policies and procedures that relate to the personal data they may handle in the course of their work.

5.5. Significant breaches of policy/procedure will be handled under RBBC’s disciplinary procedures and could result in criminal charges against individual staff members or Board members should any Data Protection Act case be brought against them.

6. Staff and Volunteer records

6.1. RBBC will follow the Information Commissioner’s Code of Practice on employment records.

6.2. Volunteer records will be treated as far as possible on the same principles as records of paid staff.

7. Board of Directors

7.1. The storage of, and destruction of data held by the RBBC Management Team and Board of Directors is regulated by this policy.

7.2. All Management Team members must sign a Confidentiality Agreement for Management Team Members, to comply with RBBC’s Data Protection Act Policy, IT Acceptable Use Policy and Equality and Diversity Policy.

7.3. The Management Team should ensure that all personal data about staff is held in a relevant filing system and subject to the Data Protection Act.

7.4. Personnel files will be kept in a locked filing cabinet at RBBC or on protected Pfile Electronic site. The HR Manager will hold the key to the cabinet and be responsible for allowing appropriate access.

8. Implementation

8.1. RBBC recognises that its priority under the Data Protection Act is to avoid causing harm to individuals. In general, this means:

  • Keeping information securely in the right hands, and
  • Holding excellent quality relevant information.

8.2. Secondly, the Act aims to ensure that the legitimate concerns of individuals about the way in which their data may be used are taken into account. In addition to being open & transparent, RBBC will give individuals as much choice as is possible & reasonable over what data is held and how it is used.

8.3. To implement this policy RBBC has procedures in place to cover:

  • Information security and risk management
  • Data collection and recording
  • Storing data
  • Destroying data
  • Taking personal data out of the office
  • Subject Access Requests
  • Disclosure of personal information
  • Data held in personal files
  • Data access
  • Personnel information records
  • Personnel file destruction

9. Review

9.1. These policies and procedures will be reviewed and updated, if necessary, every two years. A review of security and a risk assessment will be carried out annually by the Board of Directors.

Approved by the Board: Review date: October 2024