bpha is committed to safeguarding your rights to confidentiality. We will ensure that we treat your personal information lawfully and correctly in accordance with your rights under the Data Protection Act 1998.

The Data Protection Act

The Data Protection Act 1998 is designed to protect your personal data and sets rules for processing this information. The Act states that those who record and use personal information must be open about how the information is used and must make sure it is handled properly, and information about you must be:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to countries outside the European Economic Area without adequate protection

By law, we are required to keep to these principles.

What information do you hold about me?

The information that we hold on our records is usually related to you as a resident. We only collect information that we genuinely need and once the information is no longer necessary it is securely disposed of. Types of information we hold may include:

  • Name
  • Address
  • Telephone numbers
  • Present, previous and forwarding addresses
  • Gender
  • Date of birth
  • Next of kin
  • Marital status and members of your household
  • Rent payment details
  • Bank details
  • Housing benefit
  • Employment details
  • National Insurance number
  • Health and care details and issues
  • Disabilities
  • Ethnicity, culture or religion
  • Anti-social behaviour, violence and criminal activities
  • Complaints

At times we may hold other information about you, but we only do this for specific purposes. We will try to keep your information accurate and up to date and not keep it for longer than is necessary. However, in some instances the law sets the length of time information has to be kept.

Why do you hold this information?

We keep this information so we can provide the services you need including repairs, maintenance, rents, transfers, sales and anything to do with your tenancy and property. This information helps us to:

  • Plan, develop and provide services
  • Assist residents who have told us about specific needs
  • Deal with your account(s), including payments, grants and benefits or run any other service we provide to you
  • Manage applications made by you
  • Provide a helpful and efficient response when customers ask for help and advice
  • Deal with complaints
  • Fulfil our legal obligations

A lot of this information is held on computer but we also keep information in paper filing systems and may share relevant information with our contracting partners, who share our confidentiality policy.

How do you look after my details?

Along with the Data Protection Act, it is bpha policy to not disclose the information you provide to any unauthorised person or organisation. However, if it is appropriate we will use the information to carry out our functions and services.

  • We will keep your information as up to date as possible – you can help by letting us know of any changes
  • We will not keep your information any longer than we need it
  • All records are kept securely
  • Interviews with residents are carried out in private
  • If you telephone our offices to ask about personal matters (including rent) we will ask you security questions to prove your identity
  • Information is only given to our staff and agencies on a need to know basis

Sometimes we may have to share information for legal reasons for example to the police, Benefits Agency and other landlords, or if it is related to anti-social behaviour, crime or fraud.

If you would like to authorise someone to access your personal data and act on your behalf, please complete a consent form in full and return to bpha. You can download the consent form at the bottom of this page. If you wish to withdraw this permission you must notify us in writing.

How are my details stored?

We will store your details securely using:

  • Filing cabinets kept in secure office accommodation
  • Secure computer systems. Any records held electronically will be protected by appropriate security arrangements that prevent unauthorised access

How can I find out what information you hold about me?

The Data Protection Act allows you to find out what information we hold about you and correct any mistakes.

If you would like to do this you can download the subject access request form at the bottom of this page or call us on 0330 100 0272 for a form. We will ask you to provide proof of identity before disclosing any information.

Complete the form in full and return it to:

Data Protection Officer
bpha Limited
Bedford Heights
Manton Lane
MK41 7BJ

We reserve the right to charge a £10 administration fee.

What will you send to me?

  • We will acknowledge receipt of your request. If we require further information or fees, we will request these before proceeding.
  • We will provide you with a copy of the information you have requested within 40 days of receiving your completed application and supporting documents. You may be invited to view the data at one of our offices if we are unable to send it.
  • In some circumstances we can refuse to disclose some information, if this is the case it will be explained to you.

Please note that your right to see certain information may be limited. For example, if it may affect a police investigation or a criminal prosecution then we are not permitted to disclose the information to you.

Can I appeal?

If you believe our records are inaccurate, you can write to us, asking for them to be amended.

If you believe we have unfairly withheld information or unfairly refused to amend our records, you can make a complaint using our standard complaints procedure.

Alternatively you can contact the Information Commissioner’s Office.

Related links

Please complete the consent form for access to personal data by a third party found here. If you would like to authorise someone to access your data and act on your behalf. If you wish to withdraw this permission, you must notify us in writing.

Use our subject access request form to make a request to find out what information we hold about you.

See also our website terms of use page.