Privacy and data protection statement

1. Privacy and Personal data

1.1 The City Bridge Trust is committed to protecting your privacy when you use any of our services. This Privacy Notice explains how we use information about you and how we protect your privacy.

1.2 City Bridge Trust is the funding arm of the charity Bridge House Estates. The sole corporate trustee of the Bridge House Estates is The City of London Corporation (City of London), PO Box 270, Guildhall, London, EC2P 2EJ.  The City of London Corporation is the registered data controller in respect of processing personal data, and is required under data protection legislation to notify you of the information contained in this privacy notice. The City of London’s Data Protection Officer is the Comptroller and City Solicitor, and can be contacted at the above address or by email at information.officer@cityoflondon.gov.uk.

1.3 When you register with any part of the Website, the City Bridge Trust will only ask for personal information relevant to the service or support you are requesting. This information will normally be restricted to names and email addresses, but in the event we enter into a funding relationship with your organisation this is likely to include names and national insurance numbers of post-holders who are being funded by the City Bridge Trust. We will not ask for special category data such as details of named individuals’ ethnicity, religion or medical history.

1.4 We will use your personal data to deliver the services and support you have requested from City Bridge Trust, and this is on the basis that we have your informed consent to do so.

1.5 If we have consent to use your personal information for any particular reason, you have the right to remove your consent at any time. If you want to remove your consent, please contact information.officer@cityoflondon.gov.uk and tell us which service you are using, so we can deal with your request.

1.6 We may on occasion share your personal data with other Departments within the City of London Corporation if this is a necessary part of delivering the services you have requested, or, in the case of a funding relationship, where we have concerns about the possible breach of the terms and conditions of our funding.

1.7 Personal data will be retained for the duration of the funding period, and will be evaluated periodically to determine whether it should continue to hold such data. Subject to any legal retention requirements, eg VAT regulations require appropriate financial records to be retained for six years, you may notify the City Bridge Trust if you do not wish data to be continually held by the City Bridge Trust.

1.8 Personal data will not usually be sent outside the UK, but if it is it will only be with partners who are delivering services on our behalf and who have signed privacy statements in place with City Bridge Trust. They will not use the data to market their own services to you.

Full details of the City of London Corporation’s privacy policy can be found here: www.cityoflondon.gov.uk/privacy

2. Statistics

2.1 The City Bridge Trust may provide aggregate statistics about traffic patterns and related site information on the Website and also provide statistics to Central Government, Government agencies and other public bodies, but these will not include any personally identifying information. Please note in particular that statistical records are maintained of pages visited by Users whether or not they have registered.

2.2 The City Bridge Trust may monitor user traffic on an aggregate basis in order to help it develop and improve the Website for the benefit of all Users.

3. Security

3.1 You are advised that the Internet is not a secure medium. The City Bridge Trust will use reasonable endeavours to keep your information confidential and store it on a secure server which is password protected and hidden behind a firewall from the outside world. Internal procedures cover the storage access and disclosure of your information. The City Bridge Trust will not sell or pass your information on to any third parties without first obtaining your consent.

4. Transmission and transfer of data outside the EU

4.1 Because the Internet infrastructure is global and it is not possible to predict the routes that information sent over the Internet will take, the information you provide may be transmitted temporarily via a route which takes it outside the European Economic Area (EEA) as it passes between you and the City Bridge Trust. By submitting your information you consent to such transmission.

The City Bridge Trust shall not transfer User data outside the EEA except where it is necessary to fulfil an order for goods or services placed by a User in a country or territory outside the EEA. The City Bridge Trust will only be storing the information supplied together with details of the activities you have undertaken with the City Bridge Trust and mailings that have been sent. You acknowledge that countries or territories outside the EEA do not provide the same level of data protection as the EEA. By submitting an order for goods or services with the City Bridge Trust you consent to such transfer

5. Disclosure

5.1 The City Bridge Trust may disclose personal information if required to do so by Law or in good faith believes it is required to do so by any order of the Courts or other competent body or agency or may do so to protect or defend the rights or property of the City Bridge Trust or to protect the personal safety of the City Bridge Trust’s employees or the public at large.

6. Links

6.1 The City Bridge Trust Website has links to other websites which will have different privacy, trading and use policies and conditions and you should familiarise yourself with the same.

7. Data protection

7.1 The City Bridge Trust uses all reasonable endeavours to comply with the Data Protection Act 1998 and the following principles:

(a) Personal data should be processed fairly and lawfully This means that individuals should not be deceived or misled into supplying information.

(b) Data should only be obtained for a specified purpose and should not be used for any other purpose.

(c) Personal data should be adequate relevant and not excessive in relation to its purpose.

(d) Personal data should be accurate and up to date where necessary.

(e) Personal data should not be kept longer than is needed for its intended purpose.

(f) Personal data should be processed in accordance with the rights of the individual which the information concerns.

(g) Appropriate measures should be taken against unlawful processing or destruction of records. Computer systems should have back up facilities and security provisions.

(h) Personal data should not be transferred outside the European Economic Area (the EU states plus Lichtenstein, Iceland and Norway).

See the City of London’s Access to Information Page which provides Users with guidance about their rights of access to information under the Freedom of Information Act 2000 and Data Protection Act 1998.

For more information on the Data Protection Act 1998, you can call (UK) 01625 545 700.

8. Cookies

8.1 A cookie is a small file which stores information that a website puts on your hard disk so that it can remember something about you at a later time. Typically, a cookie records your preferences when using a particular site.

View the City Bridge Trust’s guide to cookies.