Login Register

You are in:

Social housing tenants


Social Housing Tenants Privacy Notice

Southern Housing Group (the Group) is a registered Housing Association with the Regulator of Social Housing (the HCA) and is one of Southern England's largest Housing associations providing more than 27,000 homes for over 72,000 people. Whether it's traditional social housing, shared ownership, affordable rent, private market rent, or outright sales, we offer a range of services to communities across the South East of England.

We also work with our customers and in communities to provide activities, information, and advice that improve the neighbourhoods our customers live in and their individual lives.

Southern Housing Group is registered at Fleet House, 59-61 Clerkenwell Road, London EC1M 5LA.

Why do we process your personal data?

During the provision of our services to you, we will collect and process your personal data from time to time for specific purposes (these are called lawful bases). Southern Housing Group does so in order to:

  1. Assist in letting a home or property to you. (Lawful Basis: Contractual)
  2. Manage your tenancy agreement (Lawful Basis: Contractual)
  3. Provide property maintenance services, billing and collection of rent (Lawful Basis: Contractual)
  4. Help prevent fraud (Lawful Basis: Contractual, Legal Obligation)
  5. Conduct a yearly gas safety check (Lawful Basis: Contractual)
  6. Manage complaints, instances of anti-social behaviour and safeguarding issues. (Lawful Basis: Contractual)
  7. Conduct statutory safety checks (Lawful Basis: Legal Obligation)
  8. Monitor and identify your needs for support services. (Lawful Basis: Contractual)
  9. Facilitate tenancy transfers. (Lawful Basis: Contractual)
  10. Respond to MP enquiries (Lawful Basis: Contractual), public interest)
  11. Process insurance claims, and council enquiries. (Lawful Basis: Legal Obligation, Contractual
  12. Provide and assist in mutual exchanges (Lawful Basis: Contractual)
  13. Respond to request for a Sole to Joint Tenancy or Joint to Sole Tenancy  (Lawful Basis: Contractual)
  14. Perform customer satisfaction surveys in order to help improve our customer service. (Lawful Basis: Legitimate Interest)
  15. Consult with you about regeneration works. (Lawful Basis: Legitimate Interest)

The purpose of processing your personal information is to deliver contractual obligations, comply with UK Legal Obligations and is within our legitimate business interests to improve customer service, achieve our social objectives and improve living conditions for all our customers.

What types of personal data do we process?

We do not intend to hold more personal data than what we need to in order to perform the purposes outlined above. Personal data falls into three categories:

  • Personal data: information that can be used to identify you
  • Special category personal data: information that can be used to identify who you are, in terms of your preferences and history
  • Sensitive data: Information that is particularly sensitive, such as financial details, criminal history or information relating to children.

Such as the categories of personal data we process about you can include:

Personal Data

Special Category Personal Data

Sensitive Data
  • Name
  • Gender
  • Contact details, e.g. phone number, physical address, email address
  • Date of birth
  • Marriage and Divorce Certificates.
  • Family Details
  • Household members information
  • Curriculum Vitae (CV Information
  • First Language
  • Medical history, health information or mental health information.
  • Lifestyle information such as ethnicity, sexual orientation, religion or political views.
  • Passport information or other proof of right to work in the UK as well as immigration status
  • Photos, CCTV images or voice recordings.
  • Financial and financial planning information including benefit, debt information, bankruptcy national insurance number.
  • Employment status
  • Criminal history information CCJs or DBS checks
  • UDC alerts
  • Support needs
  • Safeguarding issues.

 

From time to time we may use other information which may be reasonably expected in order for us to provide our services.

Who do we share your personal data with?

In order to provide our services, from time to time we may share your data with third parties such as Utility Companies, Local Authorities, Social Services, Debt Collection Agencies, Benefit Agencies, Repairs Contractors and Sub-Contractors (e.g Wates Living Group, United Living, TSG, K&T), Health Care Providers (e.g. Occupational Therapists, GP Services), Previous Landlords (e.g. Hyde Housing, Clarion, Catalyst, Private Landlords, Local Authority Housing), Emergency Services (Ambulance Services, Fire Brigade and Police), Estate Agents (e.g. Rightmove, HomeSwapper), Employment Check Services (e.g. Rentshield), Insurance and Claims Control Companies (e.g. Alphatec, Zurich, ZM Insurance, AJGH insurance portal), Data Warehouses (e.g. Iron Mountain), Information Technology Support Services (e.g Microsoft, Boomi, ActiveHousing, Mobysoft) and any other company or organisation who you would reasonably expect us to get information from. 

Most information we hold will be collected from you directly, however we may from time to time collect information from third parties such GPs, social workers, members of your family, courts, police, social services, mental health teams, neighbours, members of the public, schools, employers, the National Anti-Fraud Network and other agencies.

We analyse information about the services and information we provide. We may also use information for other purposes, which we would describe to you at the point when we collect the information.

Automated Decision Making and Profiling

Southern Housing Group utilises a piece of Software called RentSense in order to help us prioritise customers in need of support with arrears. RentSense is a piece of algorithmic prioritisation software provided by Mobysoft, a UK based software designer.

The Group sends data to Mobysoft for processing by RentSense, and as such the Group is the Data Controller, and Mobysoft the Data Processor.

While RentSense will help us create profiles for those in need of support, the Group does not believe that these profiles, or the use of RentSense, will have a legal or significantly similar effect on you as a customer.

How do you protect my data?

We take our data protection responsibilities seriously and want to keep you informed about how we use your data. As such:

  • The Group maintains policies and procedures to ensure information is secure when stored and used internally, or when sharing data with a third party, including our information security policy, data breach procedure, and procurement and contracting procedures.
  • Personal data is only shared with other organisations or agencies under appropriate contractual arrangements, or with an individual’s consent, unless there are exceptional circumstances.
  • The Group requires third parties to have adequate organisational and technological security measures in place to ensure data integrity and confidentiality.
  • The Group regularly trains all employees in their responsibilities in relation to data protection and security of data, to ensure high levels of awareness and understanding amongst staff.
  • The Group verifies the identity of all customers and their designated representatives when they contact us.
  • The Group has a clear procedure to follow if a data breach is suspected or occurs, which ensures the appropriate steps to notify the ICO, inform the data subject and work to manage the consequences of any breach take place in a timely way.
  • Wherever possible we use anonymised data (where you can no longer be identified as an individual). In this instance, the data no longer falls within the scope of UK GDPR (2021) and the DPA (2018).

Unless otherwise stated, data is held for a minimum period of time and will be subject to review. We will hold the information in accordance with the Group’s data standard retention schedule.

Your rights in relation to your data

The UK GDPR outlines certain rights that individuals have in relation to how companies process their personal data. These Individual’s rights are:

  • You have the right to access your personal data. You may request a copy of the personal data we hold that relates to you verbally or in writing.
  • If information we hold about you is incorrect or misleading, you may request that the information be corrected.
  • You have the right to be informed about the collection and use of your personal data
  • You may request us to delete personal data relating to you, in certain circumstances where your data does not restrict us from meeting our legal obligationsYou may request restriction of processing in certain circumstances.
  • You may object to us processing your data.
  • You have the right to request your personal data transmitted directly from us to another Controller, where technically feasible.
  • You have the right to request human review of any automated decisions made about you (including profiling), if said decision or profiling will have legal or similarly impactful effects on you.

When data is anonymised and you are no longer identifiable as an individual, the data no longer falls within the scope of the UK GDPR and Data Protection Act.

To get in touch about these requests, please contact data.protection@shgroup.org.uk. We endeavour to deal with your request without undue delay, and usually within one month. Please note that we may keep a record of your communications to help us resolve any issues that you raise.

Questions about the way we use your personal data or the way in which we respond to your request to exercise your data protection rights, can be sent to the SHG Data Protection Officer at data.protection@shgroup.org.uk.  You also have the right to lodge a complaint with a supervisory authority, such as the Information Commissioner at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.