Privacy Policy


1. Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the Data Protection, Privacy and Electronic Communications Regulation 2019 (UK GDPR) and the Data Protection Act 2018 (DPA).

2. Who are we?

The Dash Charity is a member of the Women’s Aid Federation for England (WAFE). Dash is also a company limited by guarantee. We have been providing safe emergency accommodation in Slough and Windsor & Maidenhead for women and their children escaping Domestic Abuse (DA) for over 40 years.

We have been commissioned to provide a range of Domestic Abuse services under contract to RBWM Council. Our services currently comprise places of refuge for women and children who have experienced or are at risk of DA, a community-based advocacy service with helplines for victims and professionals, development programmes and training and a volunteer programme.  We work collaboratively with local and regional agencies and other relevant organisations to achieve our aims and strategic objectives.

3. What personal data do we collect from you and where do we collect it from?

Personal information is any information that can be used to identify you. We will only ever collect the information we need to fulfil our purposes.

We collect information from:

  • referral forms into our organisation in order for us to support you
  • referral from Multi-Agency Panels overseeing the response to you in regards to either Safeguarding, Safety or Risk
  • Through the application process for recruiting our staff and volunteers

Sensitive /special categories of data: Data Protection regulations recognise that certain categories of data are sensitive. They include: racial or ethnic origin, political opinion, religious or philosophical beliefs, health or sexual orientation. We do not collect sensitive data unless there is a clear reason for doing so, but we do collect as a matter of course to help inform the support that you require when it is shared in the above ways.

 Children’s data: The Data Protection regulations recognise the importance of protecting children’s data. This is important to us at Dash. Where we collect data for children under 13 (within our Children and Young People’s Service in the refuge) we will ask the permission of parents or guardians.  For those children over 13 we will seek permission from them direct.

4. How do we process your personal data?

We use your personal data for the following purposes: –

  • To enable us to provide a service to you and your children if you are experiencing Domestic Abuse.
  • To fundraise and promote the interests of the charity;
  • To manage our employees and volunteers;
  • To maintain our own accounts and records (including the processing of gift aid applications);
  • To have measures in place to keep you safe and secure

5. What is the legal basis for processing your personal data?

We rely on a variety of legal bases for processing personal data depending on the purpose of the activity/service being undertaken.

 (a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose. – this covers all our work as all our clients give us consent to hold their data when we start working with them

(b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.  – this covers our short term work

(c) Vital interests: The processing is necessary to protect vital interests of the data subject. For example, subjects who are unable to make decisions in the best interests of their health. – Safeguarding and high risk clients

We use compliance with a legal obligation as the basis of processing for any legally required activities such as HMRC’s requests for information in response to gift aid audits.  We use contracts as a basis for many of our obligations under employment, social security or social protection law for our staff.

 We follow the following code of practice:

  • Code of Practise for Surveillance Cameras and Personal Information ICO
  • Fundraising Code of Practise

6. Sharing your personal data

We never share your data for other organisations to use for their own purposes.   We share information with your consent, with other agencies involved in your support.  We may share information with other agencies if we feel that your safety or the safety of your children is at risk (vital interests)

 We do share data where we are under a legal obligation to do so (for example Gift Aid audits by HMRC).

 Within Dash, your personal data will be treated as strictly confidential and will only be shared with other members of staff of volunteers to carry out a service to you.  All those who have access to your data, go through a robust recruitment process, are enhanced DBS checked and have on-going training in regard to confidentiality and data security.  All information in regards to our clients who use our service are stored on a secure database provided by Oasis called On-Track.

7. How do we store your Personal data and keep it safe?

Due to the nature of our work and the high importance we place on safety and security, the Trustee’s of Dash comply with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.   

8. How long do we keep your personal data?

We keep data in accordance with the guidance in regard to how long we keep information and have in place a Retention Policy and Guidelines (copy can be requested from Dash).

Where your information is no longer required we will ensure that it is disposed of in a secure manner.

9. Your rights and your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: –

  • The right to request a copy of your personal data which Dash holds about you;
  • The right to request that Dash corrects any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary for Dash to retain such data;
  • The right to withdraw your consent to the processing at any time
  • The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability),
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data, (where applicable)
  • The right to lodge a complaint with the Information Commissioners Office.

In some circumstances, The DASH Charity will be unable to uphold and acknowledge some of the rights listed and in accordance with the Data Protection Act 2018 such as;

  • The right to be informed;
  • The right of access;
  • The right to be forgotten; and
  • Complying with the principles

10. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

11. Transferring data outside of the UK

Where data is transferred from the UK to an EEA Country or to a third country, [We] will ensure such transfers are protected by suitable and appropriate safeguards such as Standard Contractual Clauses (SCCs). Where necessary and subject to an assessment of risk, the use of such SCCs will be on a case by case basis. 

12. Contact Details

To exercise all relevant rights, queries or complaints, please in the first instance contact our Data Protection Officer: Kiran Pathak, Finance & Governance,

 You can contact the Information Commissioners Office on 0303 123 1113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.