EnableAll is responsible for the personal data we collect from you and we are committed to complying with the General Data Protection Regulation (GDPR). We undertake to keep all information safe and secure.
When processing your information or your requests for information EnableAll will do so with honesty and respect.
We will work in partnership with you and the Information Commissioner in promoting good practice and transparency in the access and use of your personal information. We will regularly review your information and make necessary changes to the service and information handling process when you, the law or the Information Commissioner request such changes.
We will comply with GDPR and all other relevant legislation to ensure your personal information is protected and processed in accordance with the law.
All of the information you provide is made safe and secure in accordance with the GDPR.
The information will be used to update your records and will be securely stored on our computer and paper-based filing systems. Where necessary we will share relevant information with partners e.g. to assist them and you to make appointments and provide you with services you need.
We will share information in a secure manner to ensure your needs are met and to meet the health and safety obligations we have as an employer when delivering a service.
We will share relevant information with third parties where we are legally required to do so in line with GDPR. Some examples are:
• The prevention or detection of crime and fraud
• The apprehension or prosecution of offenders
• The assessment or collection of tax or duty owed to customs and excise
• In connection with legal proceedings
• In relation to the physical or mental health of an individual, where disclosure is required to protect them or others from serious harm
• For research and statistical purposes
• In order to carry out or contractual obligations
• In order that third parties can carry out our duties on our behalf
• To comply with the law
We hold personal and sensitive information about our service users, employees, board members, employment applicants and suppliers. All individuals have a right to privacy and EnableAll is committed to comply with GDPR to ensure that this is maintained at all times.
Our Privacy Notice demonstrates our commitment to the principles of GDPR. It aims to protect and promote the rights of individuals. Our policy is supported by our internal procedures and policies and ongoing employee training to ensure awareness and compliance with the legislation.
EnableAll will from time to time take part in National Fraud Initiatives; this will mean that we will share your information with other organisations, e.g. the Cabinet Office for the purpose of data matching exercises to assist in the prevention and detection of fraud. Depending on the circumstances, we may inform you when we are taking part in these schemes by giving you notice and notifying you what information will be shared and how it will be secured.
You may request a copy of the personal information we hold about you (Subject Access Request) at any time by contacting:
Data Protection Officer
All Subject Access Requests require proof of identity. Once this is verified, your request will be dealt with within the statutory 28 calendar day period.