WhistleblowersUK Privacy Notice
AT A GLANCE:
· What information is being collected?
We collect contact information to enable us to communicate with a client and other personal information that is relevant to their case so that we can best support them.
· Who is collecting it?
The information will be collected by members of the organisation.
· How is it collected?
Through its website using the online Initial Contact form provided, by other means such as Twitter or email and in person.
The data collected by using the online Initial Contact form is saved in a spreadsheet kept secure by Google Suite and only accessible by password currently known only be the Data Controller and his deputy.
You have the right to see the data we hold and to have it deleted whenever you want. We will only share this information if we have your consent.
· Why is it being collected?
To enable WhistleblowersUK to support its clients.
· How will it be used?
It will be used to aid communication and to prepare a case to support the client.
· Who will it be shared with?
It will be shared with others, such as lawyers, only with the purpose of progressing the case and with the permission of the data subject.
1. General principles
1.1. WhistleblowersUK recognises that employees, volunteers and Board Members gain information about individuals and organisations during the course of their work or activities. In most cases such information will not be stated as confidential and colleagues may have to exercise common sense and discretion in identifying whether information is expected to be confidential. This policy aims to give guidance but if in doubt, seek advice from the Chief Executive.
1.2. Colleagues are able to share information with other colleagues in order to discuss issues and seek advice.
1.3. Colleagues must not exchange personal information or comments (gossip) about individuals with whom they have a professional relationship other than when relevant for progressing their case.
1.4. It is not appropriate to discuss a person’s sexuality (e.g. ‘outing’ a gay person) without their prior consent.
1.5. Colleagues should avoid talking about organisations or individuals in social settings.
1.6. Information given to staff members or volunteers acting on behalf of WhistleblowersUK is considered to be given to WhistleblowersUK as an agency rather than to the individual staff/Board member or volunteer. In order to give the best possible service to users of WhistleblowersUK services, it is sometimes desirable to share information with other colleagues in the organisation.
1.7. Constructive liaison with other agencies is sometimes essential if individuals and groups are to be offered an effective service by WhistleblowersUK. However, confidential matters must not be discussed outside of WhistleblowersUK without the prior permission of the individual or organisation.
1.8. Where there is a legal duty on WhistleblowersUK to disclose information, the person to whom the confidentiality is owed will be informed that disclosure has or will be made.
2. Why information is held
2.1. The personal information of people we are helping held by WhistleblowersUK is used to support that work.
2.2. Information may be kept to enable WhistleblowersUK to understand the history and activities of Whistleblowers in order to deliver the most appropriate services.
2.3. WhistleblowersUK has a role in putting people in touch with legal, media, voluntary and community organisations and keeps personal contact details which are passed on to any enquirer, only with the express permission of the person involved.
2.4. Information about ethnicity and disability of users is only kept for the purposes of monitoring our equal opportunities policy.
3. Access to information
3.1. Information is confidential to WhistleblowersUK as an organisation but may be passed to colleagues, line managers or Board Members to ensure the best quality service for users.
3.2. Where information is sensitive, i.e. it involves disputes or legal issues, it will be confidential to the individual dealing with the case and the Chief Executive. Such information should be clearly labelled ‘Confidential’ and should state the names of the colleagues entitled to access the information and the name of the individual or group who may request access to the information.
3.3. Colleagues will not withhold information from the Chief Executive.
3.4. Users may have sight of WhistleblowersUK records held in their name. The request may be made by email, letter or telephone call. Once the request is verified the information will be supplied. must be in writing to the Chief Executive giving 14 days’ notice and be signed by the individual, or in the case of an organisation’s records, by the Chairman of the Board. Sensitive information as outlined in para 3.2 will only be made available to the person or organisation named on the file.
3.5. When photocopying or working on confidential documents, colleagues must ensure they are not seen by people in passing. This also applies to information on computer screens.
4. Storing information
4.1. WhistleblowersUK keeps non-confidential information using paper files and computers. Confidential information is maintained with an appropriate level of security, in accordance with the Data Protection Act and this policy, which will adequately protect information about individuals that is held in the systems.
4.2. Information about volunteers and other individuals will also be kept in line with the Data Protection Act.
4.3. Employees’ and volunteers’ personnel information will be kept in filing cabinets and will be accessible to the Chief Executive or to those who are entitled to see it as part of their duties.
4.4. In an emergency situation, the Chief Executive may authorise access to files by other people.
5. Deleting information
5.1 WhistleblowersUK will delete personal information at the request of the person concerned. All that is needed is a verified request via. letter, email or telephone call.
The correspondence address is 250 Hills Road, Cambridge, CB2 8QE.
6. Duty to disclose information
6.1. There is a legal duty to disclose some information including that relating to drug trafficking, money laundering, acts of terrorism and treason.
6.2. In addition, a colleague believing an illegal act has taken place, or that a service user is at risk of harming themselves or others, they must report this to the Chief Executive who will report it to the appropriate authorities.
6.3. Service users will be informed of this disclosure.
7. Breach of confidentiality
7.1. Employees who are dissatisfied with the conduct or actions of other colleagues or WhistleblowersUK should raise this with the Chief Executive or Chairman of the Board using the grievance procedure, if necessary, and not discuss their dissatisfaction outside of WhistleblowersUK.
7.2. Colleagues accessing unauthorised files or breaching confidentially will face disciplinary action. Ex-employees, volunteers and Broad Members breaching confidentiality may face legal action.
Review date: May 2019