Horizons Bristol is a part of Turning Point
Updated 13th January 2025
1. Introduction
Turning Point treats the privacy of our service users’ personal data seriously. This notice identifies for you some key information about data processing and sets out the type of data we collect from you, why we collect it and how we manage it. Managing data includes identifying the lawful basis for processing data, as well as how we gather, store, process, share, protect and ultimately destroy data.
Our responsibilities relating to data processing are set out by the General Data Protection Regulations (GDPR) and Data Protection Act (2018). In line with these provisions, data processing is overseen by our designated Data Protection Officer (DPO) whose principle duties are to inform, advise and monitor Turning Point’s compliance with the GDPR.
2. What is Personal and Sensitive Data?
Personal data means any information that may be used to identify you on its own or when combined with other information, will enable identification. Sensitive data is data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; data concerning health or sex life and sexual orientation. We may collect, use, store and transfer different kinds of personal and sensitive data about you which we have grouped together as follows:
a. Identity Data includes first name, last name, username or similar identifier, date of birth and gender and NHS number.
b. Contact Data includes your address, phone number and email address.
c. Health Data includes any information about your physical or mental health from how you use our Services.
d. Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our services available online.
e. Profile Data includes your username and password.
f. Usage Data includes information about how you use our services.
3. Why do we ask for your data?
Your personal data is required to effectively assess you for the appropriate options and treat you. In addition key data may be used to support our safeguarding / risk responsibilities and other statutory obligations. We also require your data to measure the effectiveness of the services we provide and how they can be improved. This uses aggregated statistics which do not identify you.
4. How do we obtain your data?
We use different methods to collect data from and about you, including through:
a. Direct interactions: You may give us any of the categories of data identified in section 2 by filling in forms or by corresponding with us by, phone, email or otherwise.
b. Automated technologies or interactions: As you interact with our services online, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.
c. Third Parties: We may receive your personal data from third parties who are referring you to our services. This is typically performed with your explicit consent but could be because there is a legal obligation that applies to the third party.
5. What do we do with your data?
All of the data gathered is processed to effectively assess you for our services and treat you accordingly. Our lawful reasons for processing data are detailed in the table below along with the type of data. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data