Protocol for Storing & Sharing Information on the H&F Housing Get Involved Hub
This guide is for residents and officers who use the Get involved Hub.
Purpose of the Hub
The purpose of the hub is to be a shared location for the storage of information, to share ideas, news and updates and to offer learning and development opportunities.
This guide focusses on the uploading and storage of information on the Hub.
Each service improvement group, forum, Tenants & Residents Association (TRA) and resident group has their own dedicated section of the Hub. Access to each of these sections is controlled by the Resident Involvement Team, so that only members of a specific improvement group or TRA can access their relevant pages. Users can request access to pages and a decision is then taken to allow access based on relevance and need.
The idea of the Hub is to provide a quick link to relevant documents, saving the need to trawl through endless emails or to keep lots of paper copies. Some examples by group are listed below:
Service Improvement Group of Forum
- Updated forward plan
- Meeting papers
- Presentations from meetings
- Updated forward plan
- Workshop brainstorming notes
- Agreed priorities for work areas
- Success stories
- Hall or room PLI insurance for the year
- Funding bid applications
- Work plan AGM minutes
- Audited accounts
- Other project documents (e.g. Ashcroft Square Ingka Group letters, FAQs etc..)
It is envisaged that when the Hub sections are used more fully it will aid the retention of relevant information and handover to a future Chair or committee and be a useful reference point for members to use as and when necessary
When the Hub was being developed, it was on the basis that the amount of personal data that was stored on the site would be kept to a minimum and that the amount of personal data that was provided was always decided by the individual it relates to. For example, there is an optional Profile page and when users register we only ask them for their name and email address and to create a user name. We don’t ask for phone numbers or addresses.
This principle of minimal personal details being stored on the Hub needs to be maintained in terms of the uploading and storage of documents, but we recognise for the site to be fully used there will need to be a level of discretion and judgement at all times. Some examples are below:
- Bank statement or insurance certificate may have the committee member’s name or address listed on the document. The person uploading this document must either be the person listed on the document, or have sought permission before uploading it
- Funding bid may have a named contact with address and contact details, or signatures at the end of the application. As above re permission
- Meeting minutes may have names and block/estate names for attendees.
What should not be uploaded to the Hub:
- Registration forms with multiple names, addresses and contact details
- Petitions with lists of signatures
- Bank statements for TRAs
- Photos of individuals
- Emails between individuals
We ask that users “self-police” and follow these guidelines. The site will be regularly moderated by the Resident Involvement Team
In line with guidance already in place, financial information will be stored for a period of 6 years on the Hub (Click here to view LBHF Data Protection and Information Sharing Protocol for Tenants & Residents Associations) . Non-financial information will be kept for as long as is necessary, but also not longer than 6 years.
This guidance will be reviewed periodically and updated where required.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Visitor comments may be checked through an automated spam detection service.
We respect your privacy and your right to confidentiality. And we’re committed to following the Data Protection Act.
We keep your private information secure. Only staff and third parties who are entitled to see the information, have access to it and they can only use it for the purposes stated.
Service providers are contracted to provide certain services on our behalf and where appropriate we have information-sharing protocols and agreements in place to protect your data.
We will do our best to keep information about you accurate and up-to-date, and would like you to do the same.
When we no longer need to keep information about you, we will dispose of it in a secure manner.
- to give you the best service by making sure we contact you when you need us to (for example, we will send our online account holders regular emails updating them on council services)
- to upgrade the systems we use to process your information
- to make sure that public (taxpayers’) money is spent wisely and efficiently
- to avoid people being paid money to which they are not entitled
- to avoid having to ask people to pay money back when it has been paid to them incorrectly
- to reduce fraud and for efficient law enforcement, regulation and licensing, criminal prosecutions and court proceedings.
It is important to us that we properly coordinate what we do for you. As a result, when you tell us that you are moving address or changing your name, we will try and make it as easy as we can for you. We will try to keep your name and address up to date in all our records.
Shared services, shared information
We share some services with Westminster and Kensington and Chelsea councils. To work effectively and give you a high standard of customer service, some of your personal information will be shared across the councils. The partnership will collect, use, share, protect and dispose of your personal data in full compliance with the Data Protection Act.
IP (internet protocol) addresses
We monitor the number of visitors to our website and collect IP addresses through our system of continuous review. However, we don’t use this information to identify individuals.
Use of personal information
You can find more information about how we use personal information in our entry in the Information Commissioner’s Office register of data controllers. We renew this annually and update it whenever we are going to use personal information in a new way. Our Registration Number is Z5124889.
We have strict security measures to prevent the alteration, loss or misuse of information on our computers. Our online payments are subject to the tightest security under our control.
If you would like to know more, including about how we look after your information, please see our information charter or contact the information management team (contact details can be found at the bottom of our data protection page).