top of page

General Data Protection Regulations 

 

The Benefit Advice Shop will ensure your personal data is:

  • Processed lawfully, fairly, and transparently.

  • Collected for specified, explicit, and legitimate purposes.

  • Adequate, relevant, and limited to what is necessary.

  • Accurate and kept up to date.

  • Retained only as long as necessary.

  • Processed securely and protected against unauthorised access, loss, or damage.

  • Managed in a way that demonstrates compliance with UK GDPR.

 

The information we may ask you to supply may include:

  • Name

  • Address

  • Telephone number

  • Email address

  • Date of birth

  • National Insurance number

  • Household details

  • Health and / or disability information

  • Ethnicity (where relevant)

  • Income and expenditure

  • Information relating to benefit entitlement / awards

  • Bank account information (where necessary)

 

The Benefit Advice Shop processes personal data under one or more of the following lawful bases:

  • Consent

  • Contract

  • Legal obligation

  • Vital interests

  • Public task

  • Legitimate interests

 

Your information may be used to:

  • Provide welfare rights advice and representation

  • Assist with benefit claims and appeals

  • Communicate with you

  • Liaise with government departments and other agencies

  • Maintain service user records

  • Monitor and improve services  

  • Meet legal and regulatory requirements

  • Apply for funding and produce anonymised statistical reports

 

Your personal information will only be shared:

  • With consent;

  • Where required by law;

  • To protect someone from serious harm;

  • With other organisations involved in providing support (with consent).

 

Information may be shared with:

  • The Department for Work and Pensions

  • Local authorities

  • Housing providers

  • The Tribunal Service

  • Health and social care organisations

  • Funders (using anonymised data)

 

The Benefit Advice Shop will:

  • Use password-protected systems

  • Restrict access to authorised personnel

  • Encrypt electronic records where appropriate

  • Store paper files securely

  • Provide regular staff training

  • Maintain procedures for reporting data breaches

 

Service users’ paper records will normally be retained for 3 years and electronic records 5 years after case closure. Records may be retained longer if there is a legal requirement, ongoing dispute or requested by the servicer user in writing.

When paper records are no longer required, they will be securely destroyed unless collected by the service user.

 

Service users have the right to:

  • Be informed about how their data is used

  • Access their personal data

  • Request correction of inaccurate data

  • Request erasure in all formats 

  • Restrict processing

  • Object to processing

  • Data portability (where applicable)

  • Complain to the regulator

 

Requests for the above should be submitted in writing to the Benefit Advice Shop Manager who is the Data Protection Lead. The Benefit Advice Shop will respond to a request within one month.

 

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, the Benefit Advice Shop may charge a reasonable fee if the request for access is clearly unfounded or excessive. Alternatively, the organisation may refuse to comply with the request in such circumstances.

 

Any actual or suspected data breach the Benefit Advice Shop will:

  • Investigate breaches promptly

  • Take steps to minimise harm

  • Notify affected individuals where required

  • Report serious breaches to the UK's data protection regulator, the Information Commissioner's Office

© BAShop. All rights reserved | Privacy Policy | 

bottom of page