Victim First is committed to protecting the privacy of website visitors.
What information do we collect?
We may collect, store and use the following kinds of personal data:
- any personal information that you choose to send to us when requesting support via email, data that we might collect through the volunteer interest form on our website and data sent through the webchat function.
Specific detail of each processing activating is provided below:
- make our website work as you’d expect
- improve the speed/security of the site
- allow you to share pages with social networks like Facebook and Twitter
- store answers from surveys that we may ask you to fill in from time to time
- continuously improve the website for you
In addition, we may disclose information about you:
- to the extent that we are required to do so by law
- in connection with any legal proceedings or prospective legal proceedings
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
- to prevent harm to you or another person
Data Processing through Website/Webchat functionality:
Here we will outline the nature of the processing: how we will collect, use, store and delete data, where the source of the data is captured, and aim to outline whether we would be sharing data with anyone, in both the website and webchat function.
Webchat: Collection of Data – the provision of this function will remain anonymised unless the service user specifically requests to share the personal details. You will have sole control of how much information you may wish to share through the webchat function, and can exercise your rights afforded to you under the GDPR i.e. right to access, right to rectification, right to erasure etc., easily by contacting firstname.lastname@example.org or by contacting the DPO directly DPO@catch-22.org.uk.
Any chats that will require follow up or containing information that will assist the case manager in putting together a support plan can be stored (Live chat has 256 encryption built in) on a secure server and only accessible by registered Catch22 team members at Victim First. Chats currently are only accessible to administrators to the service (namely the Head and Deputy Head of Service, Senior Caseworkers and Data analyst). Data is currently set to automatically delete after 365 days, we can change this at any time, with a view to amend to a minimum of 3 months. Manual deletions can take place at any time. Once a case manager is able to transfer the details of the chat, (if the service user wishes to proceed with support) to the secure CMS Niche system, the chat will be deleted. The only other data we want to capture beyond this would be anonymised number of chats, who dealt with the call, peak chat times and two customer satisfaction survey questions to ascertain ease of use of the chat service and age group demographics. This will be for evaluation and traffic gauging of the service and how many calls each staff member deal with, in the form of a basic report.
The webchat provider, Click4 Assistance – As a UK based company with data center’s in London conforming to ISO 9001 and 27001 standards, Click4Assistance adheres to the stringent regulations laid out by the FCA for data storage, Data Protection Act 2018 and PCI compliance.
The source of the data – will be within the chat itself and service users advised to not use this service to relay personal details, rather encouraged to call or email the case manager. Click to access the Click4 Assistance Privacy Notice.
We would not be sharing data with anyone, beyond the figures from the basic reports mentioned above if requested by the webchat contract owner (Leicestershire OPCC).
Security of your personal data
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure and firewall protected servers. As data transmission over the internet is inherently insecure, we cannot guarantee the security of data sent over the internet.
Where information is held on our behalf by data processors, we will ensure, to the best of our ability, that they hold your information securely and in line with data protection legislation.
- right to access
- right to erasure
- right to object
- right to rectification
- right to be informed
- right to restrict processing
- right to data portability
- rights in relation to automated decision making and profiling
- right to lodge a complaint with the Information Commissioners Office (ICO) – https://ico.org.uk/concerns 0303 123 1113
- For further information on your rights, please visit the website below: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Victim First, Leicestershire Police Force Headquarters, St Johns, Enderby, Leicester, LE19 2BX
Victim First is a service delivered by Catch22. Catch22’s data protection registration number is Z1473239.
Please see below Victim First Privacy Notice: