Privacy Policy

1.  Introduction

We want everyone who comes to us for support, donors, our suppliers, our staff, our volunteers and contacts in other organisations to feel confident about how any personal details they share will be looked after and used.

This policy provides information about what information is collected, how it is used and how we take care of it.

We will collect, store and use any information you provide in accordance with the Data Protection Act 1998 and General Data Protection Guidelines 2018 (GDPR). We will try to keep the data as accurate and up to date as possible and will not keep it longer than necessary. In some instances the law sets the length of time information has to be kept, but in most cases Bromley, Lewisham & Greenwich Mind will use its discretion to make sure we do not keep records for longer than necessary.

2.  Information We Collect About You

The core information we will collect will be personal data, some of this may be classed as special category data.

Personal Data

Under the Data Protection Act 1998, Personal Data is defined as data that identifies a living person and/or includes any expression of opinion about that person. Personal data we might collect from you may include basic details such as your name, date of birth, email address, postal address and telephone number. It might also include any information about you in our files relating to any of our services you may have been referred to or accessed.

Special Category Data

Certain data is classified as Special Category Data.  For example, racial or ethnic origin, religious or other beliefs of a similar nature, physical or mental health conditions and sexuality.  

3.  How We Use Your Information

We will use the information you provide us with to carry out our work, which will include, amongst others, the following purposes:

  • to plan and deliver services
  • to create an appropriate person centred support plan in line with your needs
  • to liaise effectively with other services for your benefit
  • to help protect you or others from abuse or harm
  • to help you arrange and receive services when needed
  • so that external regulators, inspectors and funders can check and audit our services and ensure they meet the required standards
  • so that we may review, audit and improve the quality of our services and increase their benefit to you and others
  • so that we can ensure our services are accessible to all parts of society
  • carrying out our responsibilities to staff and volunteers
  • contacting professionals at other agencies regarding referrals and services that we offer.

4.  Sharing of Information

We will share information with other organisations only where we have informed you we will do so, for example with partner organisation, where we are legally obliged to do so, such as HMRC, or where we have gained your consent to do so, such as your GP. Where this is the case, we will inform you.

In certain circumstances, there may be occasions where it is necessary to share information without your consent with other organisations in accordance with BLG Mind policies, common law and the Data Protection Act 1998 as appropriate. For example, in circumstances where disclosure is felt to be justified in the public interest e.g. to protect you or someone else from harm. In these circumstances, the information shared will always be kept to the minimum necessary. If it is not possible to comply with your wishes shown on the agreement our staff will explain what information must be shared and with whom.

5.  Compliance with General Data Protection Regulations (GDPR)

GDPR requires us to have a legal basis for holding your data which we need to communicate to you. For us, this will either be that we have a legitimate interest in holding the data or that we have your consent to hold the data. The privacy notice for each service and area of activity clarifies which this legal basis is.

6.  Security

Keeping your personal information safe is very important to us. We have implemented appropriate physical, technical and organisational measures to protect the information we have under our control from improper access, use, alteration, destruction and loss.

7.  Right to Access

You have a right to request a copy of the information that is held about you. This is known as a subject access request. This right means that, under the Data Protection Act, you can make a request for copies of the information held about you by the organisation.

Subject Access Requests must be made in writing to the Data Controller (email requests are acceptable) and there may be a fee involved.

Once you have satisfied the Data Controller of your identity and any administration fees have been paid the organisation has one month to provide you with the information.

Third party requests, i.e. from insurers or solicitors, must be accompanied by a consent form signed within the last 6 months.

8.  Our Website

This section of the policy explains how we secure and use data relating to the website, what information (referred to as ‘this website’) collects and how the organisation, Bromley, Lewisham & Greenwich Mind (referred to as ‘we’, ‘us’ and ‘our’) uses that information.

9.  Securing Your Connection to our Website

This website uses a SSL (Secure Sockets Layer) security certificate to encrypt and protect connections to and traffic on the website. When you are on this website, in the address bar of your web browser, you should see at least one of the following to confirm the secure connection to this website:

  • A padlock symbol
  • The text ‘https://; before the website address
  • The words ‘Secure’ or ‘Secure Connection’

It is up to the visitor to this website to ensure their computing devices and software are updated to the latest versions to maximise security.

10.     Cookies

This website uses cookies to:

  • help us monitor and understand how people use the website
  • identify returning or repeat visitors
  • manage the security of this website
  • manage people logging in our out of the website.

You can block these cookies using the appropriate desktop and mobile apps for your software and system.

11.     How Visitors use this Website

We use Google Analytics and page tagging techniques to understand how this website is used by visitors.

Find out more what information Google collects, how it uses and protects this information here. The link also provides information as to how you can opt-out of Google Analytics.

Google Analytics and this website can collect information such as:

  • visitor IP address, web browser, device(s) used
  • how people came to our website, time spent on web pages
  • whether a visitor is logged into a restricted part of the website
  • if a visitor has come to the website recently.

This information helps us:

  • make sure our website meets visitor and technological needs
  • know if we are providing information you need or find useful
  • make best use of our charity resources to promote what we do and support people who need our services.

12.     Contacting us via the Website

We can personally identify you if leave a comment, submit a form or click an email link when you use the website. This includes information such as your name, IP address, email address, telephone number and any other information you provide to us. We do try to keep the information we collect to the minimum needed to allow us to respond to your feedback, messages, comments or queries.

13.     Subscribing to Email Notifications, Newsletters and Updates

We offer email subscription to our newsletter, marketing and updates about our services.

We only ask for your first name and email address and you can unsubscribe at any time using the link at the bottom of the emails you receive. The information you provide to us will only be used for the above purposes and not sold or rented to any third party individuals, organisations or companies.

We do use a third party, MailerLite, to provide this service. The company provide a secure service compliant with relevant data protection legislation. In addition to sending the emails, they provide analysis for us such as click rates, open rates, sharing and forwarding of emails received from us. This helps make sure we are providing information that is relevant to people subscribing and measure the effectiveness of our marketing and communications. 

14.     Contact Us

If you would like to know more, or have any concerns about how your information is being processed, or would like to make a subject access request, please contact:

Data Controller
Bromley, Lewisham & Greenwich Mind
Anchor House, 5 Station Road, Orpington, Kent, BR6 0RZ
Tel: 01689 811222

15.     Right to lodge a complaint

If at any time you think there is a problem with the way that we are handling your data you have a right to complain to us through our normal complaints procedure, details of which can be found on our website, or by email to

You may also contact the Information Commissions Office directly at