Privacy Statement

How we process and store your data

Back to homepage

This Privacy Statement sets out the data processing practices carried out by Listen to Act. We retain and use personal data (information that relates to and identifies living people) to help us carry out our role as an independent charity that specialises in research and engagement.

We will always make sure that your information is protected and treated securely. Any information that you give will be held in accordance with:

  • Data Protection Act 1998

  • As of 25 May 2018, the new data protection legislation introduced under the General Data Protection Regulation (GDPR) and Data Protection Bill.


We also make our Information Asset Register available for people to read to give further clarity about how data relating to them is managed and kept secure. This includes our retention schedule and clear details about the lawful basis for storing and keeping personally identifiable information.

Information we collect

We collect personal information from visitors to this website through the use of online forms and every time you email us your details. We also collect feedback and views from people about the health and social care services that they access. In addition, we receive information about our own staff and people who apply to work for us.

  • Information about people who use our website

  • Information about people who share their experiences with us by other means

  • Information about our own staff and people applying to work for us

Security

We are strongly committed to data security and we take reasonable and appropriate steps to protect your personal information from unauthorised access, loss, misuse, alteration or corruption.

We have put in place physical, electronic, and managerial procedures to safeguard and secure the information you provide to us.

Only authorised employees and contractors under strict controls will have access to your personal information.

Information about people who use our website

Please note that this statement does not cover links within this website to other websites.

When you browse through the information on this website, it does not store or capture your personal information. We do log your IP address (as it is automatically recognised by the web server) but this is only so you can download this website onto your device rather than for any tracking purpose; it is not used for any other purpose.

We will only collect personal information provided by you, such as:

  • feedback from surveys and online forms

  • email addresses

  • preferred means of communication.

Cookies

Please be aware that some systems on our website require the use of cookies, but we will always state if this is the case. We will never collect and store information about you without your permission.

Cookies are small text files that are transferred to your computer or mobile when you visit a website or app. We use them to help us understand how people are using our services, so we can make them better.

Please be aware that some systems on our website require the use of cookies, however, where non-essential cookies are in use, we will only collect the information with your permission.

They improve your experience by:

  • Remembering settings and information (like the names of health or social care services you've searched for) so you don't have to keep re-entering them.

  • Helping us understand how people are using our website, so we can make your experience even better

  • Telling us if our emails have been read and if you find them useful

Types of cookies and how we use them:
 

First party cookies

First party cookies are our own. We control them and use them to provide information about the way you use our website.

Some parts of our website use javascript - a web language - to display content. If your web browser has javascript disabled, it helps us to know so that we can display the page to you in another way. This cookie allows our website to know if you have javascript enabled or not.

listentoact_cookiecontrol
This maintains the open/closed state of the "Cookie Control" dialog.

Third party cookies

Third party cookies are set by someone other than the owner of the Listen to Act site. For example, when you share a link from our website onto your social media platform, the platform may set a cookie on your browser.

We have no control over third-party cookies, you can turn them off but not via Listen to Act. You should check the other websites for more information about their cookies.

Functional, performance and advertising cookies

We also use functional, performance and advertising cookies to make your experience more enjoyable. If you don’t want to enable these cookies you can select ‘decline’ in the cookies banner.

We will only use this cookie type if you have agreed. 

How long do cookies last?

Some are erased when you close your website browser. Others stay longer and are saved onto your device when you come back. Some can be deleted by deleting your browser history.

Managing the cookies on your computer

You can restrict or block cookies set by our website and others by changing the settings in your browser. However, doing this may impact the way our website works for you in the future.

Visit the About Cookies website to find out more about restricting or blocking cookies in different browsers.

You can also learn more about cookies on the DirectGov website.

To find out more about information that we collect and how we use it, please continue reading.

How we will use your personal information

Personal information about you can be used for the following purposes:

  • in our day-to-day work;

  • to send you our newsletter where you have requested it;

  • to respond to any queries you may have;

  • to improve the quality and safety of community services

This may include any personal information that you choose to share with us, but we will treat this as confidential and protect it accordingly. We will never include your personal information in survey reports.

Signing up to our newsletter

We use a third-party supplier to provide our newsletter service called Mailchimp. By subscribing to this service you will be agreeing to them handling your data.

The third-party supplier handles the data purely to provide this service on our behalf. This supplier follows the requirements of the Data Protection Act 1998 in how they obtain, handle and process your information and will not make your data available to anyone other than Listen to Act.

Information about people who share their experiences with us by other means

There are a number of ways that we collect feedback from people about their experiences of using services. Our staff visit different institutions and settings as part of their role to evaluate how services are being delivered.

Where personally identifiable information is collected we will ensure that we have your consent to keep it and we will be clear on how we intend to use your information. We will aim to anonymise information where we can but there may be instances where this is not possible in order to make change happen on your behalf. There may be exceptional circumstances where we can and will keep the data without consent but we must have a lawful basis for doing so, such as for safeguarding purposes.

We ensure that where consent is required it will be freely given, used only for agreed specific and unambiguous purposes and that you are well informed about how the information will be kept. This includes where it will be stored, details on security and for how long it will be kept. We will comply with current data protection legislation at all times.

Personal information may be collected with your consent through:

  • Our website

  • When we receive feedback by phone, focus groups or surveys


Personal data received from other sources

On occasion we will receive information from the families, friends and carers of people who use services. We use this data to inform providers and commissioners to help them deliver services that work for you.

Where it is practically possible, we will make sure that we have your consent to use information that is about you. We will only process your personal data where there is a lawful basis to do so under current data protection legislation.

Publishing information

In most circumstances we anonymise our data to ensure that a person cannot be identified, unless this has been otherwise agreed and consent has been given.

Information about our own staff and people applying to work with us

We need to process personal data about our own staff (and people applying to work for us) so that we can carry out our role and meet our legal and contractual responsibilities as an employer.
 

The personal data that we process includes information about racial or ethnic origin, religion, disability, gender and sexuality. We use this information to check we are promoting and ensuring diversity in our workforce and to make sure we are complying with equalities legislation.

Our employees decide whether or not to share this monitoring data with us, and can choose to withdraw their consent for this at any time. Employees who wish to withdraw their consent for us to process this data can let us know.

Other personal data that we are required to process includes information on qualifications and experience, pay and performance, contact details and bank details.

We check that people who work for us are fit and suitable for their roles. 

People joining Listen to Act will be asked to complete a ‘declaration of interests’ form to identify any services with which they have close links (for example, because they have previously worked there or because the service is run by a close relative) or any other issues which could cause a perceived conflict of interest. Staff are regularly asked to update these forms.

We have a legal obligation to comply with the Freedom of Information Act 2000 and this may include the requirement to disclose some information about our employees – especially those in senior or public facing roles. We also publish some information about our staff, including the names and work contact details of people in some roles.

How we share information with other organisations

We only share personal information with other organisations where it is lawful to so and in accordance with our Information Governance Policy. Information is shared in order to fulfil our remit which is to pass on your experiences of care to help improve them on your behalf.

We work with the Care Quality Commission (CQC), local commissioners, NHS Improvement, the voluntary sector, and local authorities to make this happen. We can also engage external suppliers to process personal information on our behalf.

We will only disclose your personal information where we have your consent to do so, or where there is another very good reason to make the disclosure ­– for example, we may disclose information to CQC or a local authority where we think it is necessary to do so in order to protect a vulnerable person from abuse or harm. Any such disclosure will be made in accordance with the requirements of the current data protection legislation.

Wherever possible, we will ensure that any information that we share or disclose is anonymised, so as to ensure that you cannot be identified from it.

We sometimes use other organisations to process personal data on our behalf. Where we do this, those companies are required to follow the same rules and information security requirements as us, outlined in a Data Processing Contract. They are not permitted to use reuse the data for other purposes.

Retention and disposal of personal data

We publish a retention and disposal schedule, which explains how long we keep different types of records and documents for, including records and documents containing personal data. Personal data is deleted or securely destroyed at the end of its retention period.

Your rights

Your right to access information about you

If you think we may hold personal data relating to you and want to see it please write to hello@listentoact.org

Correcting or deleting your personal data

If you know that we are holding your personal data and believe that it may be wrong, or if you want it to be deleted or for us to stop using it, you have a right to request that it can be deleted or amended.

Please make your objection in writing to hello@listentoact.org

Or send it by post to:

37 Chapel Street
London
NW1 5DP

Complaints about how we look after or use your information

If you feel that we have not met our responsibilities under data protection legislation, you have a right to request an independent assessment from the Information Commissioner’s Office (ICO). You can find details on their website.

Our contact details and key roles

Listen to Act is data controller for all of the personal data that you provide us with. Any issues relating to the processing of personal data by or on behalf of Listen to Act may be addressed to:

37 Chapel Street
London
NW1 5DP

Telephone: 07563 248 677

Email: hello@listentoact.org

Listen to Act has not yet designated a Data Protection Officer under Article 37 of the GDPR.

Last updated August 2023.