Privacy Policy
A copy of our current privacy policy can be downloaded here.
​
Privacy Policy (effective from 25 May 2018)
​
A new data privacy law was introduced in the UK in May 2018. As a result, we are publishing a new Privacy Policy in respect of our services to make it easier for you to find out how we use and protect your information within ADHD Solutions CIC.
The Privacy Policy was effective from 25 May 2018, and updated as required, and you will be able to view it below or you can ask us to post a copy to you.
The Privacy Policy makes sure we continue to comply with privacy law and regulation. If we make changes to any of these in the future, we will update the effective date to let you know.
This privacy policy explains how we use any personal information we collect about you when you contact us by phone, email, letter, attend any of our events or when you our website. Where we ask you to provide us with any information by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement, and in line with the General Data Protection Regulation (GDPR) 2018.
1. Who are we?
We are ADHD Solutions CIC, a voluntary sector organisation who’s charitable We provide help, support, family coaching and resources for children, young people and adults affected by ADHD and their families. We deliver up to date information about services available to adults / families plus resources and training about ADHD to other institutions / service providers in both the statutory and voluntary sectors. Any reference to “we” or “us” or “our” in this policy means ADHD Solutions CIC.
We are registered as a Community Interest Company registered number 5984267. Our registered office is ADHD Solutions CIC, St Gabriel’s Community Centre, Kerrysdale Avenue, Leicester, LE4 7GH.
We look after and are responsible for your data (i.e., the Data Controller). We use a number of external third parties who process your personal data on our behalf, these companies are referred to as ‘Processors’. Any Processors we use also have their own legal responsibility for handling your data.
If you have any questions, or want more details about how we use your personal information, you can ask us:
Email us:
Call us:
0116 261 0711
Write to us:
FAO Data Protection, ADHD Solutions CIC, St Gabriel’s Community Centre, Kerrysdale Avenue, Leicester, LE4 7GH
2. What personal data do we collect?
We collect the following types of personal data from any contact we have with you by telephone, letter, e-mail, our online contact forms, face-to-face and any other means. We may also access information about you that is already publicly available including:
​
-
Personal identifiers, contacts, and characteristics (for example, name, address contact details, date of birth, email addresses).
​
-
Diversity and equality information.
​
-
Diagnosis, Well-being and behavioural information.
​
-
Any other information you choose to volunteer to us from time to time.
Our company website is hosted by Wix. Wix provides us with the online platform that allows us to promote our services to you and allows you to contact us using a Contact Form. On submission of a completed Contact Form, your data may be stored through Wix data storage, databases and the general Wix applications. Wix stores your data on secure servers behind a firewall. When anyone visits our website, we also store information about the way you interact with our website using cookies. This helps us to make sure it is the best possible experience for you. For more information on this, please check out our Cookies Policy.
3. How do we use your data?
We use your information in various ways, such as to:
-
Provide you with the services you want and deal with any queries or complaints you may raise.
​
-
Keep our records accurate and up to date.
​
-
Create statistical information, market research, and analysis to better manage our business.
​
-
Comply with any legal and regulatory obligations we may have.
We will not use your personal information for specific purposes such as unsolicited marketing.
We will keep your personal information for as long as you have an active relationship with our organisation. After that relationship ends, we may keep your data for a reasonable period for one of these reasons:
-
To respond to any questions or complaints.
​
-
To show that we treated you fairly.
​
-
To maintain records according to rules that apply to us.
We may keep your data for longer if we cannot delete it for legal, regulatory, or technical reasons.
4. On what basis do we collect your data?
We need a lawful basis to collect and use your personal data under data protection law.
As a community interest organisation, we predominantly rely on ‘legitimate interest’. This means that personal data may be legally collected and processed if its use is fair and consistent and does not adversely impact the rights of the Data Subject (i.e., you).
When we use your personal information, we will always consider if it is fair and balanced to do so, and if it is within your reasonable expectations. We will balance your rights and our legitimate interests to make sure we use your personal information in ways that are not unduly intrusive or unfair.
For our future, current, and former employees we rely on ‘contractual obligation’ and ‘legal obligation’. This means that personal and sensitive data may be legally collected and processed to meet our obligations under HR expectations / regulations, the employer / employee contract, common law / statutory obligation (e.g., HMRC or DBS checks) etc. We may monitor staff in accordance with our policies relating to email, internet and communication systems and monitoring at work as detailed in the Employee Handbook and in accordance with the relevant data protection legislation.
5. When do we share your data?
We do not have any arrangements in place to share your personal information with others outside our organisation. However, information sharing is essential for effective safeguarding and promoting the welfare of children and young people, and vulnerable adults. GDPR and the Data Protection Act 2018 provides us with a framework to ensure that if your personal information is shared, it is done so appropriately.
Unless it is unsafe or inappropriate to do so, we will be open and honest with you (and / or your family where appropriate) from the outset about why, what, how, and with whom your information will, or could be shared, and seek your agreement. On the occasions where your information is shared. We will keep a record of our / your decision and the reasons for it.
6. What are your data rights?
By providing us with personal data, you have consented to us handling it for the purposes mentioned. If you would like to change the way we are able to contact you, you can simply email us with your details and your request.
You have the following rights under the UK data protection law. These rights include:
(i) Right to be Informed
You can ask for details of how we process your personal data, as covered by this Privacy Notice.
(ii) Right to Access your Personal Data
You can request a copy of the information we hold about you. There is no charge for this. Our process of compiling a subject access request does not include a review of any ongoing issues and does not form part of our complaints process.
(iii) Right to Rectification
You have the right to question any information we have about you that you think is wrong or incomplete. Please contact us if you want to do this. If you do, we will take reasonable steps to check its accuracy and correct it.
(iv) Right of Erasure
You can request the deletion or removal of personal data where there is no reason for its continued processing. This right is also known as the “Right to be Forgotten”.
(v) Right to Restrict Processing
You can request that no further processing of the personal data we have previously collected occurs.
(vi) Right to Object
You can object to further processing of the personal data we have previously collected.
(vii) Rights in relation to automated decision-making and profiling
We do not currently conduct any automated decision making, including profiling, as defined by UK Data Protection laws.
7. How do we keep your data safe?
We will take appropriate technical and organisational measures to prevent unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to personal data.
All personal data is held in secure systems with controlled access and subject to cyber security measures. We also apply strict physical security at our site.
All employees receive cyber security and data protection training relevant to their role.
We ensure that the personal information that you provide us is held on secure servers.