Triangle Mental Health Foundation Mutual Respect & Privacy Policy Version I.2 Updated 07-05-20

Mutual Respect

Missed late or cancelled appointments

Triangle Mental Health Foundation is committed to serving all of its clients impartially, aiming to provide a high-quality service to everyone who communicates with us. We constantly endeavour to manage our appointment system to minimise inconvenience to clients by being flexible when we can.

We appreciate that sometimes it’s difficult for clients to attend an appointment due to unforeseen circumstances such as illness. We understand that occasionally the appointment you booked may no longer be convenient. However, we ask that you give us 24-hours notice when cancelling or altering your appointment. Would you please ensure you call DSF during our opening hours Monday – Friday 10 – 4 pm?

Unable to attend an appointment

We aim to provide all our clients with the best possible service and to achieve this we need your cooperation. If you are unable to keep your appointment, please make every effort to cancel it by giving us 24 hours advance notice so that it may be offered to someone else. Non-attendance and cancellations at short notice without a valid reason deprive other clients of our services.

Late for your appointment

A common reason for DSF running late is that some clients do not attend appointments on time. Please note, you may not be seen if you are more than 15 minutes late for your appointment. This is to ensure we run our appointments on time.

Failure to attend your appointment

The first time a client fails to attend a booked appointment, they will be sent a (DNA) did not attend email or text. After two emails or texts for missed appointments, we will withdraw our services, and the client will not be offered any further appointments.

To avoid being sent DNA emails or text. Would you please ensure that you cancel or alter your appointment 24 hours before the appointment time? Any appointment cancelled after this time could count as DNA?

Unreasonable behaviour towards staff or clients

Clients displaying unreasonable behaviour towards staff or clients will be sent an email or text highlighting their behaviour, resulting in our services being withdrawn immediately. Unreasonable behaviour is any unwanted physical, verbal or non-verbal conduct that has the purpose or effect of violating a persons dignity or creating an intimidating, hostile, degrading, humiliating or offensive environment for them (the list is not exhaustive):

If you think the decision to withdraw services was unfair. You can write or email the trustees explaining the reasons you think it was unfair. Clients who have had services was drawn may re-apply in three months to resume their services. Reinstatement of services is at the discretion of the trustees.

Privacy Policy

1. Triangle Mental Health Foundation Privacy Policy

Triangle Mental Health Foundation (DSF) A Registered Charity England and Wales No:1177171. This privacy policy explains how Triangle Mental Health Foundation uses any personal information we collect about you.

2. Why we keep personal data:

We keep any personal data required to satisfy our legal obligations, fulfil any contractual obligations to you, pursue our legitimate interests of running our charity and members club, and deliver the charity’s CIO objects. If you provide your consent, we will also use your contact details to inform you about DSF news and events via our newsletters. You have the right to withdraw your consent at any time

3. Correction and access to your information:

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. You have the right to object to or restrict your data processing or erase your personal information. However, we will still need to keep or process some of your data if legally or contractually required. Such restrictions or erasure may adversely impact our ability to deliver services to you. You also have the right to request a copy of the information that we hold about you.

4. How to contact us:

You can email us at [email protected] or write to us at Data Protection Triangle Mental Health Foundation Trafalgar House, 5 Fitzalan Place Cardiff CF24 0ED

5. Changes to our privacy policy:

We keep our privacy policy under regular review, and we will place any updates on this web page. This privacy policy was last updated in May 2018.

6. Use of third party data processors:

Third-party data processors are used for specific processes (detailed below) to provide a more efficient or effective service. Where relevant, data is encrypted. The terms and conditions or contracts we have in place with these data processors specify they will keep your data safe and only use it in accordance with GDPR (General Data Protection Regulation) or that they are compliant with Data Protection Act 1998 and working towards GDPR.

7. How we keep your data secure:

1. We aim to be fully compliant with GDPR. We believe our systems to be secure. We have a firewall, password policies, malware and patching in place. We are in the process of obtaining cyber certification. If you use your credit card to donate to us, we pass your credit card details securely to our payment processing partners as part of the payment process, using SSL encryption.
2. Our card partners are and are authorised by the Financial Conduct Authority under the Payment Services Regulations 2009, and you can find out more here:

8. Complaints:

If you believe there is a problem with the way we are handling your personal information, please contact us at [email protected]. you also have the right to contact the Information Commissioner’s Office to complain.

9. Cookies:

1. Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
2. For further information about cookies, visit www.aboutcookies.org. You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

What personal data we keep

10. Online Diagnostic Questionnaire

Our commitment to protecting your privacy is paramount at Triangle Mental Health Foundation. The following privacy policy describes how we collect and use information about people who contact us or visit our website.

What personal data we collect, and how we use your data

Personal data collected can include names, date of birth, email address, postal address, telephone number details, current mental health symptoms being experienced. We can also collect your opinions about a service or an issue.

We will use your personal information to:

• Provide you with the services or information offered to you;
• Our helpline team collective sensitive personal data about you when you speak, email, or send instant messages. Triangle Mental Health Foundation will only share this data in exceptional circumstances, where legally required, such as where a child is at risk, or someone reports self-harm or a serious intention of harming themselves or someone else;
• Keep a record of our relationship with you;
• Ensure we know how you prefer to be contacted. We conduct an ‘opt-in only’ communication policy. This means that we will only send communications to those that have explicitly stated that they are happy for us to do so via their preferred channel(s) (email, phone or post);
• Understand how we can improve our services and information;
• With your consent, we may contact you to let you know about the progress we are making and ask for your views.
• We do not sell or share personal details to third parties for the purposes of marketing.
• Sharing your story. Some people choose to tell us about their experiences with mental health issues and care to help further their work. They may take on a role as an Ambassador or Media Volunteer, attend our patient-focused events or sit on our committees. This may include them sharing sensitive information related to their health and family life in addition to their biographical and contact information. We use some of the information provided, including gender, ethnicity, or the type of issue people experience, to target opportunities to get involved. We will also monitor the types of people involved to ensure that the views we hear represent all clients.

11. Club members

1. When you apply to be a member of the DS club, you provide your name, address, telephone number, email address and date of birth to us.
2. When you become a member of the club, we retain the above data. If you attend a pre-booked, ticketed event at the club, we are provided with your name and email address.

12. Donors

If you donate money to us, we keep your name, telephone number, address and email address.

13. Job/ volunteer applicants

1. If you apply for a position with DSF, you will need to provide us with your name, telephone number, address, email address and employment history.
2. If you are offered a position, we will also obtain a reference from previous or existing employer(s) and an employment agency where relevant. We may also require more details about your background in certain cases.

14. Employment DSF applicants

Suppose you apply for a place on a DSF programme or course. In that case, you or your referring agent provide us with your name, telephone number, address, email address, date of birth, copy of your ID documents and specific health, housing or other background information where applicable to you so that we can assess your eligibility for the programme or course.

15. Mentor applicants

If you apply to be a mentor with DSF, you will need to provide us with your name, telephone number, address and email address. If you already have a portable DBS certificate, you provide us with a copy and your certification number so that we do not have to re-apply.

16. Trustee applicants

1. If you apply to be a Trustee for DSF, you will need to provide us with your name, telephone number, address, email address and CV.
2. If we progress your application, we will also obtain references from individuals that you have nominated and a recruitment agency where relevant. We may also require more details about your background in some instances.

17. Contractors

If we enter into a contract for services with you, you must provide us with your name, telephone number, address, email address and bank account details.

18. All users – general information

We have CCTV at the premises for safety and insurance purposes.

19. How we keep your data

1. We store your data on our membership database to assess your eligibility and process your membership application. Some data may be stored on our email system if we enter into further communication with you.
2. We store your data on our membership database so that we can fulfil our contractual obligations to you. Some data may be stored on our email system if we enter into further communication with you. We store your name and contact details on our finance database so that we can maintain appropriate financial records.
3. We store your data on a temporary database so that we can provide a quality service to you. Some data may be stored on our email system if we enter into further communication with you.
4. We store your data on our venue hire database to fulfil our contractual obligations to you. Some data may be stored on our management and email systems to enter into further communication with you. We store your name and contact details on our finance database so that we can maintain appropriate financial records.
5. If you are on the guestlist for an event, your name will be held on that list so that you can attend the event. Otherwise, we store your details in a handwritten visitors’ book
6. We store your data on our donor base so that we can provide you with an annual progress report, if appropriate, and provide supporting information for audit purposes.
7. We store your name and contact details on our finance database so that we can maintain appropriate financial records.
8. We store your job or volunteer application documents, references, specific additional material obtained post-interview and any communication with you or relevant third parties on our email and management systems. We also keep hard copies of interview notes in locked filing cabinets. This information is only accessible by those individuals directly involved in the recruitment process.
9. We store your application documents, references, specific additional material obtained post-interview and any communication with you or relevant third parties on our database, email and management systems.
10. We store your application documents, references, specific additional material obtained post-interview and any communication with you or relevant third parties on our email and management systems. We also keep hard copies of interview notes in locked filing cabinets. This information is only accessible by those individuals directly involved in the trustee recruitment process.
11. If your application progresses to the Nominations Committee, your personal details will be included in the minutes of that meeting.
12. We store your name and contact details on our finance database and account details on the banking system so that we can fulfil our contractual obligations to you and maintain appropriate financial records. Some data may be stored on our email system if we enter into further communication with you. We may also store your data on a relevant database, depending on the nature of the contract.

20. How long we keep your data and why

1. We may keep your data for up to seven months while the application process takes place. If your application is successful and you decide to join the club, please see the section below.
2. If you decide not to pursue your application, we keep your data for up to 3 months while you finalise your decision.
3. We keep your data on our membership database and email system throughout your membership and for up to seven months following your resignation in case you change your mind.
4. We keep your name and contact details on our financial database and any communications regarding your financial transactions with us for up to 6 years to be compliant with the Companies Act 2006.
5. We keep your data for up to three months after your access period expires so that we can follow up on your experience with you and so we do not have to ask you for these details again if you decide to join the club.
6. If you give your consent, we keep your data on our venue hire database and/or email system for a year after your booking so that we do not have to ask you for these details again when you re-book.
7. Guest lists are disposed of within a month of the event. Visitors’ books are kept for five years.
8. We keep your name and contact details on our donor base and financial database regarding your financial transactions with us and details of your tax status for up to 6 years to be compliant with Companies Act 2006 and HMRC GiftAid regulations. If you are also a member of the club, details of your donations are held on the membership database to claim GiftAid, where appropriate, more efficiently.
9. If you are not appointed, we may keep your recruitment documents for up to 6 months after an appointment has been made in case we want to approach you in relation to other opportunities or to provide feedback on the recruitment process. In certain cases, it may be necessary to retain documents for longer than this for legal purposes. If you are appointed, you will receive an employees’ privacy policy.
10. If you do not pursue your application or you are unsuccessful at the interview, we will delete your details from our system within one month of your (scheduled) interview date. In certain cases, it may be necessary to retain documents for longer than this for legal purposes. If you are successful, you will receive a participants’ privacy policy.
11. If you are not appointed, we may keep your recruitment documents for up to 6 months after an appointment has been made in case we want to approach you in relation to other opportunities or to provide feedback on the recruitment process. In certain cases, it may be necessary to retain documents for longer than this for legal purposes.
12. Nominations Committee minutes are kept for the duration of the charity and for ten years after its dissolution in compliance with the requirements of the Charity Commission and Companies Act 2006
13. We keep your name and contact details on our financial database and any communications regarding your financial transactions with us for up to 6 years to be compliant with the Companies Act 2006.
14. CCTV footage is kept for three months.

21. Who we share your data with and why

1. If you provide your consent to receive our newsletters, we share your data with a third party that manages our mailing lists.
2. When you pay via the website, your data is processed by a third party encrypted payment portal.
3. All transactions are made via the banking system.
4. We have a Cloud-based finance system.
5. If you provide your consent to receive our newsletters, we share your data with a third party that manages our mailing lists.
6. All public event bookings are made via a third-party data processor. They share your name and email with us so that we can ensure that you are allowed access to the event to comply with health and safety regulations and contact you if necessary.
7. If you provide your consent to receive our newsletters, we share your data with a third party that manages our mailing lists.
8. If you have made your donation via the DFS website, your personal data is encrypted and passed to a third-party donation platform for processing.
9. If your donation is made directly to the DSF and you have signed the Gift Aid declaration, we share your name and address with HMRC in accordance with Gift Aid legal requirements.
10. In some cases, employment agencies provide us with CVs and references containing personal details of applicants with us so that we can shortlist for interviews.
11. Previous and existing employers provide us with personal data regarding employment dates and, in certain cases, performance or other relevant information. We only seek references from a previous or existing employer if a job offer (subject to references) is made.
12. Referral agencies provide us with your personal details so that we can consider your application and assess your eligibility.
13. We use a cloud-based database.
14. If you provide your consent to receive our newsletters, we share your data with a third party that manages our mailing lists.
15. If required, we submit your personal details and ID to the Disclosure and Barring Service (DBS England and Wales) for verification in accordance with legal requirements.
16. Your referees provide us with personal data regarding, for example, your employment dates, your performance or other relevant information.
17. If you provide your consent to receive our newsletters, we share your data with a third party that manages our mailing lists.
18. We have a Cloud-based finance system.
19. It is our Health and Safety Policy that we have CCTV at the premises. If there is a criminal incident on the premises, we may need to share relevant CCTV footage with the police so that an investigation can be carried out and/or with our insurers so that we can claim for damages.

Thank you for supporting DSF.