Privacy Policy

On 25th May 2018, one of the biggest changes to UK data privacy law came into effect. The General Data Protection Regulation (or GDPR for short) was a really positive step towards people having more control over how their data is used and how they are contacted. The changes also help to better protect your personal data. We have updated our privacy policy to reflect these changes. ASNEW is committed to data security and the fair and transparent processing of personal data. This Policy sets out how ASNEW treats personal data. Please read this Policy carefully as it contains important information on who we are, how and why we collect and store, your personal data, your rights in relation to your personal data, how to contact us, and how to contact supervisory authorities in the event that you would like to report a concern about the way in which we process your personal data.

Who we are

ASNEW provides an independent, confidential, free, equitable and accessible advocacy service to the people of North East Wales working to the Advocacy Charter and through the Advocacy Quality Mark Standards which has been recently retained.

ASNEW has charitable status: Registered Charity No 1110143 and is a Company Limited by Guarantee No 4707548 registered in England /Wales 2003

What personal data do we collect?

So that we can offer you the best possible service we need to collect some information about you.

Information such as your name and address, your date of birth, telephone numbers and any information relevant to your advocacy issue.

If you have benefit/employment issues we may need your national insurance number, or any other information that is identified.

We will ensure that any personal data we process is accurate, adequate, relevant and not excessive, and used for the purpose for which it was obtained.

How long will we keep your personal data?

In order to collect the anonymised statistics that are required by our funders, the records we hold will be retained for 18 months following closure on our secure cloud-based case work management system.

How is personal data protected?

We take all reasonable steps to ensure that ASNEW protects your personal data and are aware of their information security obligations. We operate a secure cloud based bespoke case work management system which is fully GDPR compliant, or with paper information which will be kept in a locked filing cabinet. We limit access to your personal data to those who have a genuine need to know within the organisation and not share it with anyone else unless you ask us to, or we are required to by the law.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

The only exception to when we would breach someone’s information is fully explained in Advocacy Services North East Wales Confidentiality Policy.

Statutory Advocacy

Where ASNEW provides statutory advocacy services pertaining to the Mental Capacity Act and Mental Health Act there is a legal framework surrounding these services for which client information cannot be deleted and must be retained for six years.

Your rights

Under the GDPR, you have various rights with respect to our use of your personal data:

Right to Access

ASNEW puts the people that use their service at the heart of everything they do.

You have the right to request a copy of the personal data that we hold about you by contacting us at the email below. Please include with your request information that will enable us to verify your identity. Your records belong to you and you can request to see them at any time, your advocate can support you to access your information.

Please note that there are exceptions to this right. We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if we are legally prevented from disclosing such information, or if there is no basis for your request, or if it is excessive.

Right to rectification

We aim to keep your personal data accurate and complete. We encourage you to contact us using the contact details provided below to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.

Right to erasure

You have the right to request the deletion of your personal data where, for example, the personal data is no longer necessary for the purposes for which it was collected, where you withdraw your consent to processing, where there is no overriding legitimate interest for us to continue to process your personal data, or your personal data has been unlawfully processed. If you would like to request that your personal data is erased, please contact us using the contact details provided below.

Right to object

In certain circumstances, you have the right to object to the processing of your personal data where, for example, your personal data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your personal data. If you would like to object to the processing of your personal data, please contact us using the contact details provided below.

Right to restrict processing

In certain circumstances, you have the right to request that we restrict the further processing of your personal data. This right arises where, for example, you have queried the accuracy of the personal data we hold about you and we are verifying the information, you have objected to processing based on legitimate interests and we are considering whether there are any overriding legitimate interests, or the processing is unlawful and you elect that processing is restricted rather than deleted. Please contact us using the contact details provided below.

Right to data portability

In certain circumstances, you have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format. This right arises where you have provided your personal data to us, the processing is based on consent, and processing is carried out by automated means. If you would like to request make such request, please contact us using the contact details provided below.

Please note that the GDPR sets out exceptions to these rights. If we are unable to comply with your request due to an exception we will explain this to you in our response.

Complaints

If you believe that your data protection rights may have been breached, and we have been unable to resolve your concern, you may lodge a complaint the applicable supervisory authority or to seek a remedy through the courts. Please visit https://ico.org.uk/concerns/ for more information on how to report a concern to the UK Information Commissioner’s Office.

Changes to this Policy

Any changes we may make to our Policy in the future will be put on our website

Contact Us

If you have any queries about this Policy, the way in which Advocacy Services North East Wales processes personal data, or about exercising any of your rights, you can contact us at:

01352 759332 and ask for Data Privacy Manager
email dpo@asnew.org.uk
or write to us at ASNEW, First Floor, Suite 3, Broncoed House, Broncoed Business Park, Wrexham Road, Mold, CH7 1HP.

Get in touch
with us

If you want to learn more
about ASNEW services,
or for
general enquiries and referrals
please call or email.

01352 759332  
advocacy@asnew.org.uk


If for any reason you feel unable to
call or email, you can
text us on
07507 207 394 to request that
we contact you.

We don’t have the facility to
text back at the moment
(we’re working on this),
but we
can call or email – let us know
your preference.