Data Privacy and Protection
The General Data Protection Regulation (GDPR) comes into force on 25 May 2018. The Data Protection Act 2018 applies the same standards as the GDPR but amends it to better suit the requirements of the United Kingdom (UK).
This privacy statement sets out how we use data and protect any information that you give us when you use this website.
We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
We may change this policy from time to time by updating this page.
Who we are
Our contact details are:
Office and Administration 01206 367881
Information and Support Line 01206 769795
Address: CARA, PO box 548, Colchester CO1 1YP
Personal information submitted through this website is collected by CARA, and by the wider Essex Rape Crisis Partnership (Synergy Essex) of which CARA is a partner.
The online referral form uses SSL to encrypt the form data so it cannot be intercepted in transit when it is posted to the database. It uses the same system as the banks for data encryption. The Padlock symbol can be seen in the top left of the browser to show it is secure. The data is then stored in an encrypted database on a UK based Microsoft Azure database.
What we collect
We may collect the following information:
- your name
- your contact details such as email address
- specific enquiry details
- your computer's IP address.
Why we collect this information
We require this information to understand your needs and provide you with a service, and in particular for the following reasons:
- to be able to respond to your contact
- to provide services tailored to your needs
How long we keep this information
We retain this information until we have responded to your contact. If you engage with our service, we keep information for internal record keeping for no longer than 3 years.
All of the above information is kept on an encrypted secure system. It is pseudonymised after 2 years and anonymised after a further 3 years.
Data that is used to give examples of why our services are needed is always anonymised and not identifiable to an individual client. In this form it is not classed as personal data.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable procedures to safeguard and secure the information we collect online.
Controlling your personal information
You may choose to restrict the collection or use of your personal information if you have previously supplied personal data, or if you have previously agreed to us processing your personal information.
We will not sell, distribute or lease your personal information to third parties.
How to contact the Data Protection Officer (DPO)
If you wish to contact the CARA DPO to discuss any of the above please email firstname.lastname@example.org or write to us at: CARA, PO Box 548, Colchester CO1 1YP.
For a full explanation of your data rights, or in the event that you wish to lodge a complaint, please go to www.ico.org.uk. The Information Commissioner's Office (ICO) is the data privacy supervisory authority in the UK.
Under the GDPR (the EU General Data Protection Regulation), you have a number of specific rights with regards to your personal information. These include:
Right of access – if you want to know if we are storing or processing any personal data about you, you can contact us to find out. If this is the case, you may find out what purpose it is being stored for and request a copy of your data by contacting us. There is normally no charge for making a request, but if the number and frequency of requests is unreasonable we may charge an admin fee.
Right to correction - if you believe that any information we are holding on you is incorrect or incomplete, please contact us as soon as possible. We will promptly correct any information found to be incorrect.
Right to erasure – if you want us to remove your personal data from our records, you can request this by contacting us. We will remove the data as far as it is practically within our power, and where we are not legally obliged to retain it.
Right to object – if you no longer want us to process your data you can request this by contacting us.
Right to complain - if you are unhappy with how we are managing your personal data, you can lodge a complaint with the UK supervisory authority, the Information Commissioner's Office (ICO).
A cookie is a small file which asks permission to be placed on your computer's hard drive. Cookies help us see understand visitors to our website by tracking how you use our website, in a way that doesn't ever identify you personally.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages are useful and which are not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.