Lench’s Trust is committed to protecting your privacy and complying with the Data Protection Act 1998

This policy set out the basis by which we collect, use and disclose the personal data of our Employees, as well as your rights in respect of such Personal Data.

We may update this Privacy Notice from time to time and will publish an up to date copy of the Privacy Notice on the company website. www.lenchs-trust.co.uk


Why a Privacy Notice

Under the EU General Data Protection Regulation (GDPR) a privacy notice must be supplied to the individual at the time they provide you with their personal data. The GDPR says that the information you provide to people about how you process their personal data must be:

  • concise, transparent, intelligible and easily accessible;
  • written in clear and plain language;
  • free of charge.

The GDPR defines personal data as the following:

“Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”

“Special categories” of personal data (sensitive personal data) relate to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.


Why we collect Personal Data?

We collect and use residents information in compliance with Article 6(1) and Article 9(2)(b) of the General Data Protection Regulation (GDPR), as the collection and processing of data is necessary for the performance of the organisation’s duties as defined in the Object of the Charity and in the Letter of Appointment to the Beneficiaries of the Charity.


What type of Personal Data do we collect?

We may collect the following types of Personal Data

  • Personal information (such as name, national insurance number, contact details and Lasting Powers of Attorney )
  • Characteristics (such as ethnicity, language, nationality and country of birth)
  • Financial information (such as regular income, savings, outstanding debts and benefits)
  • Care Support Plans (including Do Not Resuscitate notices)
  • Care Plans (for residents receiving a personal care service from Lench's Trust)
  • Relevant medical information


Collecting residents’ information

Whilst the majority of the information you provide to us is mandatory, some of it is provided to us on a voluntary basis. In order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain information to us or if you have a choice in this.


Using the information we keep about you

We may use your personal data in the following ways:

  • to assess their suitability as beneficiaries of the charity;
  • to monitor the residents’ welfare and wellbeing;
  • to support their status as recipients of housing benefits and/or any other benefits;
  • to assess the quality of our services
  • to liaise with other agencies, especially social and health care, to help them maintain independent, meaningful lives and, if and when required, help them relocate in more suitable settings.


 Storing your Personal Data

Lench's Trust keeps information about you on computer systems and also sometimes on paper and we hold your records securely.

Your records will be retained for six years after the date of the last entry, after which they are safely destroyed.

There are strict controls on who can see your information. We will not share your data if you have advised us that you do not want it shared unless it is the only way we can make sure you stay safe and healthy or we are legally required to do so.

With your permission we may share information with:

  • The Housing Benefit office;
  • GPs and their primary care teams;
  • Social Services;
  • Safeguarding Teams;
  • The Care Quality Commission;
  • The police

Why we share information

We do not share information about the beneficiaries of the charity with anyone without consent unless the law and our policies allow us to do so.

We have robust processes in place to ensure the confidentiality of our data is maintained and there are stringent controls in place regarding access and use of the data. Decisions on whether we release data to third parties are subject to a strict approval process and based on a detailed assessment of:

  • who is requesting the data
  • the purpose for which it is required
  • the level and sensitivity of data requested
  • the arrangements in place to store and handle the data


European Economic Area

We will not share your information outside of the EEA for any reason


Your rights

Under data protection legislation you as “the resident” have the right to request access to the information that we hold about you at any time by contacting The Data Protection Officer – Mr Jean-Luc Priez, Head Office, William Lench Court,80 Ridgacre Road, Birmingham B32 2AQ, or by email to: [email protected]


 You also have the right to:

  • object to processing of personal data that is likely to cause, or is causing, damage or distress
  • in certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • claim compensation for damages caused by a breach of the Data Protection regulations


If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at https://ico.org.uk/concerns/


If you would like to discuss anything in this privacy notice, please contact the Chief Executive as detailed above.



The security of your Personal Data is very important to us.

We will ensure that we have in place appropriate technical and organizational measures to prevent unauthorized or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to personal Data.


How to make a complaint


If you are unhappy with the way in which your personal data has been processed you may in the first instance contact the Chief Executive using the contact details above.


If you remain dissatisfied then you have the right to apply directly to the Information Commissioner for a decision. The Information Commissioner can be contacted at: -

Information Commissioner’s Office
Wycliffe House,
Water Lane,