Privacy policy for Drive webchat for professionals

Why we value your privacy

Your privacy is very important to us. The Drive Partnership wants everyone who comes to us for information and support, to feel confident and comfortable with how any personal information they share with us will be retained after contact or how the data is used. This Privacy Policy sets out how the project will collect, use and store your personal information, we will only collect the minimum of requirements, however this includes information that identifies or could identify you. This information will never be used other than  the reason for which you shared it with us. It will not be shared with any third parties, unless required by law.

The Privacy Policy will be in force for the duration of the project and is subject to change so please remember to check back from time to time. This is version 1.1,  last updated on the 28th of May 2020. Where it is felt necessary to make any changes to this Privacy Policy, we will make this clear on our website.

We are committed to treating you with respect and openness in line with GDPR guidance.

  1.     Who we are
  2.     How we collect information about you
  3.     Information we collect and why we use it
  4.     Legal basis for using your information
  5.     Sharing your Information
  6.     Keeping your information safe
  7.     How long we hold your information for
  8.     Your rights
  9.     Cookies
  10.     Monitoring
  1. Who we are


The Drive Project are committed to protecting your personal information and making every effort to ensure that your personal information is processed in a fair, open and transparent manner.
Drive is a “data controller” for the purposes of the Data Protection Act 1998 and the EU General Data Protection Regulation 2018 and the Data Protection & Electronic Communications Regulation 2019 (UK GDPR). This means that we are responsible for, and control the processing of your personal information.

  • How we collect information about you


The information that you provide is acted upon by project in a confidential manner. The project wants to make sure you receive the most relevant guidance in the context of your enquiry, be it through visiting our website or receiving support and information via our webchat function. The project wants to make sure you receive the  most effective response and will collect information from you in the following ways:

When you interact with us directly: This would be if you register with us for support via the webchat, , ask a question about our services, or otherwise provide us with your personal information. This includes when you have a webchat via phone, visit our website, or get in touch through the post.

When you visit our website: Like most website operators the project will gather general information usually of a non-personally identifying nature, which might include which pages you visit most often, and which services or information is of most interest to you. The website also collects potentially personally identifying information like Internet Protocol (IP) addresses for logged in users and for those users making enquires via the webchat function. This information is visible to our administrators of the website. The Website also uses “cookies” to help our site run effectively. We use this information to personalise the way our website is presented when you visit to make improvements and to ensure we provide the best service and experience for you. You will be asked to consent to use of these cookies when you first access the site. Respect’s websites, with the drawback that certain features of Respect’s websites may not function properly without the aid of cookies

3. Information we collect and why we use it

Personal Information
Personal information we collect includes details such as your name, email address, business address, telephone number, as well as information you provide in any communications between us. You will have given us this information whilst using the webchat function or by any of the other ways to interact with us. When we store information in our own systems, only the people who need it have access. Individual employees have access to only what they need to do their job.

We will mainly use this information:
• To provide the services that you have requested.
• To update you with administrative messages about the services you have accessed

• To keep a record of your relationship with us and advice offered.

If you do not provide this information, we will not be able to provide the services you have requested.

Sensitive Personal Information
If you share your personal experience or the experiences of a third party service user, we may also collect this sensitive information. If you provide us with any Sensitive Personal Information by webchat, telephone, email or by other means, we will treat that information with extra care and confidentiality and always in accordance with this Privacy Policy and all relevant data protection legislation.

A special note about the Sensitive Personal Information we hold

If in consultation sensitive information is disclosed, under Data Protection Law the project recognises that some categories of personal information are more sensitive. Sensitive Personal Information can include information about a person’s health, race, ethnic origin, political opinions, sex life, sexual orientation or religious beliefs. This will be treated in line with the Privacy Policy.

We will only use this information:
• For the purposes of dealing with your enquiry, quality monitoring or evaluating the services we provide. The project is time limited and it is our intention to clearly outline our retention policy.
• We will not pass on your details to anyone else without your permission except in exceptional circumstances. Examples of this, but not limited to, include practice concerns about reporting serious self-harm or posing a threat to others or children contacting us and sharing serious issues such as physical abuse or exploitation that are not being acted upon.

4. Legal basis for using your information


There are lawful reasons that allow us to process your personal information and one of those is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for the project and its remit to process your information to help us to achieve our vision of ensuring that professionals are assisted in managing high harm perpetrator’s ensuring victims also receive both support and respect.

Whenever we process your Personal Information under the ‘legitimate interest’ lawful basis we make sure that we take into account your rights and interests and will not process your personal information if we feel that there is an imbalance.

By contacting our service we also recognise the ‘implicit’ consent with you to engage any safeguarding or statutory duty compliance requirements due to the risks posed of high harm perpetrators.

Some examples of where we have a legitimate interest to process your Personal information are where we use your personal information for data analytics, conducting research to better understand who use our services, improving our services, for our legal purposes (for example, dealing with complaints and claims), or for complying with guidance from the Charity Commission.

5. Sharing your Information
The personal information we collect about you will only be used by our paid staff. Personal data may also be visible to IT support staff in the process of fixing technical errors.

We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor do we sell any information about your web browsing activity.

Contractors employed by the project for infrastructure purposes including to service equipment etc. are required to comply with Data Protection Laws and we ensure that they have appropriate controls in place to secure your information.

Legal disclosure:

We may disclose your information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority); or, in order to enforce our conditions and other agreements. Where appropriate, we will inform you.

6. Keeping your information safe


The security of your information is taken very seriously. We’ve implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss.

The project will store your chat transcript or email advice request within a closed case management system; this is kept in line with Drives retention Policy to comply with Safeguarding Insurance Regulations. The information is stored on an online system run by Respect.

As with any technology unfortunately, the transmission of information using the internet is not completely secure. The project has taken all necessary requirements with firewalls etc, we store passwords via encrypted password platform. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data transmitted to our site.

Our website may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. This privacy statement does not cover the information practices of those websites.

7. How long we hold your information for
We only keep it as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations.

Any information relating to safeguarding maybe required by our insurers to be retained in accordance with our insurance policy. Please request details if required.

8. Your rights


You have various rights in respect of the personal information we hold about you – you can make a subject access request and details are available here: and are set out in more detail below. If you wish to exercise any of these rights or make a complaint, you can do so by contacting ?

You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office, https://ico.org.uk/concerns 

• Access to your personal information: You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making. You can make a request for access free of charge. Please make all requests for access in writing and provide us with evidence of your identity.

• Right to object: You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. Please contact us as noted above, providing details of your objection.

• Consent: If you have given us your consent to use personal information, you can withdraw your consent at any time.

• Rectification: You can ask us to change or complete any inaccurate or incomplete personal information held about you.

• Erasure: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.

• Portability: You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.

• Restriction: You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.

• No automated-decision making: Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent, it is necessary for a contract between you and us or is otherwise permitted by law. You also have certain rights to challenge decisions made about you. We do not currently carry out any automated decision-making.

Please note, In accordance with the Data Protection Act 2018, we may not be able to uphold all of these rights in all circumstances.

9. Cookies
‘Cookie’ is a name for a small file, usually of letters and numbers, which is downloaded onto your device, like your computer, mobile phone or tablet when you visit a website.

They let websites recognise your device, so that the sites can work more effectively, and also gather information about how you use the site. A cookie, by itself, can’t be used to identify you.

How do we use cookies?
We use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you come to our website and also allows us to improve the user experience.

The cookies we use
We use the categorisation set out by the International Chamber of Commerce in their 

UK Cookie Guide.

No cookies, please
You can opt out of all our cookies (except the strictly necessary ones).
But, if you choose to refuse all cookies, our website may not function for you as we would like it to.
If you have any questions about how we use cookies, please contact us.

10. Monitoring
Your communications with our teams (including by telephone or email) may be monitored and/or recorded for training, quality control and compliance purposes to ensure that we continuously improve our customer service standards.

To find out more about this policy and how we look after your personal information, contact our team on info@driveproject.org.uk.

Changes to the policy

If we change the contents of this policy, those changes will become effective the moment we publish them on our website.