Believing in accessibility for all

Privacy policy

We are committed to protecting your privacy and security. This policy explains how and why we use your personal data, to ensure you remain informed and in control of your information.

We will never sell your personal data, and if we share your personal data, it will only ever be with our partner organisations where necessary to provide services, and only then if we are certain that its privacy and security are guaranteed.

It’s important that you read the full policy to understand what information we hold, how we may use it, and what your rights are – but if you don’t have time to read it all now, here’s a quick summary:

  • we collect information that is either personal data (see section 3) or non-personal data (such as IP addresses, and website pages accessed)
  • we collect information about tenants, leaseholders, housing applicants and employees
  • we collect and use your personal data for several reasons, this depends on how you interact with us and we only collect the information that we need or that would be useful to us in providing the best possible service (see section 2)
  • we do our very best to keep personal information secure (see section 6)
  • we never sell your data and we will never share it with another company or charity for marketing purposes
  • we will not share your data, unless we are required by law or to organisations we work with where necessary to provide our services, and only then provided that the privacy and security of data is guaranteed (see section 4)
  • our website uses cookies – for more information check our cookies policy (see section 11)



1. Overview

We collect, hold and process personal information about our customers and employees to allow us to provide social housing accommodation and services.

We also process personal information using CCTV systems to monitor and collect visual images for the purpose of security and the prevention and detection of crime.

This privacy notice tells you what to expect when the organisation processes your personal information, how it is used, shared and secured.

Your privacy is important to us and we are therefore committed to handling your personal data in accordance with the provisions of the Data Protection Act 2018, General Data Protection Regulation 2016/679, and any subsequent changes to data protection legislation.

Data Controller: Wolverhampton Homes
Data Protection Registration Number:  Z9185149
Data Protection Officer: Nicky Devey
To access information held about you:

2. Why we process data

We collect and use your personal data for several reasons, this depends on how you interact with us.

Some of the reasons are things we must do by law/under our statutory obligations, such as:

  • allow us to submit data as required to national central public bodies i.e. HM Revenues and Customs, Health and Safety Executive
  • make sure we meet our statutory obligations including those related to diversity and equalities
  • crime prevention, national and local fraud initiatives, prosecution of offenders including the use of CCTV.
  • safeguarding vulnerable children and adults
  • where relevant Data Protection legislation allows us to process data (Data Protection Act 2018) (General Data Protection Regulation 2016/679)
  • corporate administration and all activities we are required to carry out as a data controller and public authority


Some of the reasons will be to provide a range of services to local people and businesses, which include:

  • letting, renting and leasing properties
  • administering waiting lists
  • administering housing and property grants
  • supporting and managing your tenancy
  • supporting and managing our employees, agents and contractors
  • update your customer record
  • maintaining our own accounts and records
  • supporting and managing our employees
  • carrying out health and public awareness campaigns
  • managing our property
  • administering the assessment and collection of taxes and other revenue including benefits and grants
  • licensing and regulatory activities
  • the provision of all non-commercial activities including estate management, concierge services
  • internal financial support and corporate functions
  • managing archived records for historical and research reasons
  • data matching under local and national fraud initiatives
  • understanding what we can do for you and informing you of other relevant services and benefits


Some of the reasons will be because you have signed up to receive a service the organisation offers or given your consent for us to use your details so that we can:

  • understand your needs to provide the services that you request
  • carry out surveys and getting your opinion on our services
  • undertake research

We may not be able to provide you with a product or service unless we have enough information, or your permission to use your information. We aim to keep your information accurate and up to date.

3. Categories of data we collect

We will need to collect your personal or special category data of a more sensitive nature, to deliver some of our services. This may be based on a legal requirement for us to provide a service, or it may be a service you have signed up for (consented to).

No more information will be collected than is required to deliver that service. Types of personal information we may collect about you may include:

  • personal details (name, date of birth)
  • identification numbers (e.g NHS number, National Insurance Number)
  • family details
  • lifestyle and social circumstances
  • goods and services
  • economic / financial details
  • employment and education details
  • housing needs
  • visual images, personal appearance and behaviour
  • CCTV images
  • Business activities
  • Case file information 
  • Birth/death data provided by/to the office of national statistics


Special categories of data (also known as sensitive personal information), that we may hold about you include:

  • physical or mental health details
  • social care needs 
  • racial or ethnic origin 
  • trade union membership 
  • political affiliation 
  • political opinions 
  • offences (including alleged offences) 
  • religious or other beliefs of a similar nature 
  • criminal proceedings, outcomes and sentences
  • genetic or biometric data
  • sex life or sexual orientation

Equalities information

We may use some information for statistical reasons about the population of the city and the take up of organisation services by various groups. This is to help comply with our legal obligations and to plan the provision of future services. This analysis will not identify individuals nor will it have impact an individual’s entitlement to organisation services and facilities. This could include:

  • ethnic background
  • first language
  • gender
  • sexual orientation
  • age 

4. Who your data is shared with

To provide services

Your personal information may be shared with internal departments or with external partners and agencies, including charities involved in delivering services on our behalf which you have consented to using. They will only have access to your information on a need to know basis, and your privacy and the security of the information is assessed when a new sharing partner is identified. Examples are:

  • other local authorities
  • contractors and partner agencies
  • providers of goods and services
  • local and central government
  • ombudsman and regulatory authorities
  • licensing authorities
  • health bodies
  • partners that are part of national or regional improvement projects

We also share information with third party organisations such as insurers, solicitors who are acting on your behalf. This is usually done with your consent, unless there is a legal reason (as below) to share without your consent.

To comply with the law

We may also provide personal information to third parties, this may be in cases where it is necessary to do so, to comply with the law or where permitted under Data Protection legislation (Data Protection Act 2018) (General Data Protection Regulation 2016/679).

Examples of third parties who we may share your information include (but are not limited to):

  • health bodies (NHS Trusts, GPs)
  • the police
  • regulatory bodies such as the Department of Work and Pensions
  • Care Quality Commission
  • courts, prisons
  • other local authorities

We put agreements in place with partners we share with, to ensure we all protect your data properly and are only sharing the minimum amount of data we need to, to provide you with a service. Where we need to share sensitive or confidential information such as medical details, we will do so only with your permission or where we are legally required to. We may share information to prevent risk of harm to an individual, for example in the case of safeguarding.

The detection and prevention of fraud

We are required by law to protect our public funds.Therefore, we may use any of the information you provide to us for the prevention and detection of fraud or to comply with the law and to help with other legal duties including the collection of taxes, charges and other enforcement duties. As well as conducting our own ‘data matching’ we may also share your information with other public bodies. These include (but are not limited to):

  • City of Wolverhampton Council
  • the Audit Commission
  • Department for Work and Pensions
  • other local authorities
  • Her Majesty’s Revenue & Customs (HMRC)
  • national and local fraud initiatives
  • the Police
  • health bodies (NHS Trusts, GPs)

We may also share information with utility companies, credit reference agencies, insurers, service providers or contractors and partner organisations, where the sharing of information is necessary, proportionate and lawful.

We may share your data with third countries or international organisations, only where there is a legal reason to share, you have provided consent for us to share, and where there are appropriate safeguards in place to ensure the level of protection of your data is guaranteed.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims, transactions, applications, taxes and payments to be identified.

Where a match is found it indicates that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out. Regardless of the outcome data matching helps to ensure records are up to date and accurate.

We participate in the Cabinet Office's National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud. We are required to provide particular sets of data to the Minister for the Cabinet Office for each exercise. The use of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under Part 6 of the Local Audit and Accountability Act 2014. Data matching by the Cabinet Office is subject to a Code of Practice.

View further information on the Cabinet Office's legal powers and the reasons why it matches particular information.

5. How we collect your data and from where

Face to face: 
We may keep a record of your contact in order to assist in the delivery and improvement of the services we provide to you and others. Any such records that include any personal information will be kept securely.

Telephone calls: 
Ordinarily we will inform you if we record or monitor any telephone calls you make to us. This is to increase your security, for our record keeping of the phone call and for training and quality purposes.

If you email us we may keep a record of your contact and your email address for our record keeping. We will not include any confidential information about you in any email we send to you unless sent securely or you have agreed to us contacting you with this information. We would also suggest that you keep the amount of confidential information you send to us via email to a minimum.

On paper:
You may complete assessment forms or request forms on paper that you send to us. You may write us letters and send these in on paper.

 You may complete online forms, make requests, or make online payments to us.

On systems:
We may log any information you provide to us on a computer system to help us keep track of your request, or any actions we need to complete. We may add your information to systems where we are required to by law.

HomeLINK App:
Your home may be fitted with these devices:

  • Fire and carbon monoxide alarms
  • Environmental sensors
  • The gateway

You can take control of your environment with the HomeLINK App. The app is quick and simple to set-up. Follow the steps here to get started.

The app will:

  • Help you keep rooms within the ideal temperature, humidity, and carbon dioxide ranges to prevent poor conditions from occurring
  • Give you tailored tips and advice that will help you to make your home healthier
  • Let you know if a room is at risk of developing damp and mould and what you can do to prevent it
  • Remind you to test your fire and carbon monoxide alarms to ensure your home is protected
  • Give your family, friends or carers secure access to your HomeLINK App if you need a helping hand

If you have any problems logging in or have any questions about the app or the devices within your home, please contact us for help and advice.

Get started with the HomeLINK App

From other sources:

We may receive information about you from other organisations or agencies such as:

  • City of Wolverhampton Council
  • educators, examining bodies
  • Ofsted, Ombudsman and regulatory authorities
  • providers of goods and services
  • local and central government (e.g. Department of Work and Pensions, HMRC)
  • licensing authorities
  • partners that are part of national or regional improvement projects
  • health bodies (NHS Trusts, GPs)
  • the Police
  • Care Quality Commission
  • courts, prisons
  • other local authorities
  • the Audit Commission

We will receive information about you either for a legal reason or because you have asked for your information to be shared with us. Information can be provided to us by any of the other formats described in this section. We may add this information to our systems to record and hold it as part of your record with us.

Department for Energy Security and Net Zero (DESNZ) - Privacy Policy

DESNZ processes your personal data to support the delivery and administration of the Social Housing Decarbonisation Fund Wave 2.2.

Read DESNZ's privacy notice

6. How your data is used

Information which you have provided to us will be stored securely. It will be used for the purposes stated when the information was collected, and not reused for different purposes or sold on to others.

Your data will be placed on an appropriate system, such as Information Management Systems that hold data about you and your tenancy and Electronic Records Management Systems that hold copies of your scanned tenancy and identification documents. These are used to provide or administrate our services. We may cross reference this data between systems to keep your information as accurate and up to date as possible in line with data protection best practice.

Some areas of the organisation that use your personal data have very specific reasons for doing so. Some of our departments may ask you to complete assessments that result in an automated decision being made about you or could be seen as profiling. You can ask us to explain the outcomes of any automated decisions made about you. 

7. Our responsibilities

Everyone working for us has a legal duty to keep information about you confidential and secure, for specific purposes and only for as long as necessary. Legislation and best practice guidance that we abide by is:

  • Data Protection Act 2018/General Data Protection Regulation 2016/679
  • Human Rights Act
  • Caldicott Principles relating to confidentiality
  • British Standard and International Standard (BS/ISO) 15489-Records Management
  • Lord Chancellors Code of Practice on Records Management 

Each of the departments within our organisation may have additional specific pieces of law or guidance they must follow which have an impact on recording or using the information we hold. For example, guidance from professional bodies on record keeping for social workers.

Where we share information with other bodies or agencies, we will ensure the confidentiality and security of your data. This will normally be done by having a contract and confidentiality clauses in place. We also carry out data privacy impact assessment each time we start a new project, to help us build in security and privacy to protect your information.

We will keep your information in line with legislation and guidance on records retention periods. We will not keep your information longer than it is needed. We will dispose of paper records or delete any electronic personal information in a secure way.

We do not share your data with private companies, unless they have a contract with us to provide a service on behalf of us. For example, a company who will conduct a survey on our behalf can only use the data we give them for our survey and they must delete it after the work has been done.

8. Your data rights

Under the Data Protection Act 2018/General Data Protection Regulation 2016/679 you have rights of how your personal and special category (known as sensitive) information is used. Please see the Information Commissioners Office guidance.

  • you have the right to be informed of how we are processing your data. This Privacy Notice explains this in detail
  • you have the right to ask for incorrect data to be rectified
  • you have right to request the deletion or removal of personal data where there is no reason for its continued processing
  • where you have signed up to an organisation’s service which relies on your consent alone (i.e the services is not covered by a statutory duty) you have the right to withdraw your consent
  • the right of access to your data (from 25th May free of charge). All requests for access must be made in writing to the organisation, contact details are below


Information Governance Team
City of Wolverhampton Council
Civic Centre
St Peter's Square

Telephone: 01902 554498

9. Access to non-personal organisation data

We routinely publish sets of non-personal data we hold. You may find what you are looking for on the disclosure log:

If you have a different question you can make a request for non-personal information which Wolverhampton Homes may hold as part of their work under the Freedom of Information Act 2000 or the Environmental Information Regulations 2004.

10. How to raise a complaint about information

If you have a complaint in relation to a request to see a copy of your records or a freedom of information (FOI) request, please contact us in the first instance to request an internal review of our response.

  • for data protection complaints, you can use the contact details from the 'how to access information held about you' section
  • for FOI complaints, you can use the contact details from the 'how to ask about other information held by the organisation' section

If you follow this procedure and are still not happy, you may wish to contact the Information Commissioner's Office:

The Information Commissioner's Office
Wycliffe House

Telephone: 08456 306060


11. How we use cookies

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Please take a look at our Cookie Policy for more information.

12. Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

13. Other

We collect and process personal data relating to our job applicants and employees to manage the employment relationship. We are committed to being transparent about how we collect and use data and to meeting our data protection obligations. For more information about our applicant and privacy notices, please select from the links below.