Privacy Policy

Orbit Group Ltd are the ‘controllers’ of the information (‘personal data’) that we collect about you, our ‘data subjects’, which means we are responsible for how your data is processed. The word ‘process’ covers what can be done with personal data, including collection, storage, use, sharing and deletion. This privacy policy explains why and how we process your personal data, and explains the rights you have, including amongst others, the right to access your data, and to object to the way it is processed. Please see the section on ‘Your rights as a data subject’ for more details on your rights and how to exercise them

Summary

Why? The main reason we need to process your data is so that we can offer you the best service available, whether you are a customer, colleague or anyone else that we work with.

What? We use your contact details, financial information and other personal information to provide you with our services, which sometimes involves sharing data with our trusted partners and contractors.

How? We handle your data carefully, and have appropriate controls in place to protect it from breaches. We also work to ensure that data is accurate and only kept as long as is necessary, and that we uphold your rights around how we handle your data.

Contact us

Our contact details are:

Address:

Orbit
Garden Court
Harry Weston Road
Binley Business Park
Binley
Coventry
CV3 2SU

Telephone number:0800 678 1221

If you have any queries about this policy or anything related to data protection, you can contact our Data Protection Officer (DPO) at Garden Court, Harry Weston Road, Binley Business Park, Binley, Coventry, CV3 2SU or informationgovernance@orbit.org.uk

Personal Data

‘Personal data’ is any information that relates to a living, identifiable person. This will usually include your name, address, contact details, and other information we collect as part of our relationship with you.

It can also include ‘special categories’ of data, which is the official term for information about a person’s race or ethnic origin, religious, political or other beliefs, physical or mental health, trade union membership, genetic or biometric data, sex life or sexual orientation.

The use of this type of data, and of information about criminal convictions and offences, is subject to strict legal controls.

We only process data if we need to for a specific purpose, as explained below. Most often, we collect your personal directly from you, through our contact with you.

How we store your data

Your personal data is held in both hard copy and electronic formats.

Electronic data, including emails, is stored on Orbit’s servers and on our software suppliers’ servers, which are located in the European Union.

Where we contract with a software supplier who stores data outside of the EU, only minimal data is processed, for example for carrying out feedback surveys, and we ensure appropriate safeguards are in place.

How long we keep your data

Information about how long we hold your data for can be found in our Data Retention Schedule. Some of our retention periods are based on legal requirements, and others are based on the practical reasons we need to keep the data for a certain period of time.

Once we reach the retention period, we will securely delete the relevant data, unless we are legally required to keep it longer, or there are legal reasons why we should keep it longer.

Your rights as a data subject

As a data subject, you have the following rights in relation to your personal data:

To be informed about how your data is handled;
To gain access to your personal data;
To have errors or inaccuracies in your data changed;
To have your personal data erased, in limited circumstances;
To object to the processing of your personal data for marketing purposes or when the processing is based on the public interest or other legitimate interests;
To restrict the processing of your personal data, in limited circumstances;
To obtain a copy of some of your data in a commonly used electronic form, in limited circumstances;
Rights around how you are affected by any profiling or automated decisions.

If you wish to exercise any of these rights, please contact us in writing or on the telephone.

For more information about these rights, please see the ICO’s website https://ico.org.uk/ or contact our Data Protection Officer (DPO) at Garden Court, Harry Weston Road, Binley Business Park, Binley, Coventry, CV3 2SU or informationgovernance@orbit.org.uk

Withdrawing consent

If we are relying on your consent to process your data, you may withdraw your consent at any time by contacting us.

Complaints to the Information Commissioner

You have a right to complain to the Information Commissioner's Office (ICO) about the way in which we process your personal data. You can make a complaint on the ICO’s website https://ico.org.uk/.

Your data and how and why we process it

Orbit processes your data so we can manage and support our relationship with you, comply with legal obligations, improve our services and achieve our legitimate business aims. The information below gives more details about the ways we process your data, including who we share data with, and the legal basis for each type of processing.

Processing Purpose

Legal basis for Processing

Applications

When you apply to live in, or buy, an Orbit home, we collect information directly from you and from relevant third parties, in order to assess your eligibility and suitability for the application you have made.

For rented customers we receive your contact details and housing need information from the Local Authority if you have been nominated by them and we take up references from former landlords.

Some decisions are made automatically about your eligibility, based on the answers you provide in your application, but you will always be given the opportunity to challenge the decision.

This processing is necessary for entering into a contract with us, including a tenancy agreement or a purchase contract. We need to know that you are eligible, and that you can afford a property, and/or sustain your tenancy, and we may need to offer you additional support as part of your tenancy.

CORE reporting

So that the Ministry of Housing, Communities and Local Government (MHCLG) can produce statistical information, we report information about our lettings and shared ownership sales via the CORE (Continuous Recording) system. The information provided does not include your name or full address, but it does contain special categories of data.

Please see the CORE website for more details.

The processing of this information by the MHCLG is necessary for the performance of a task in the public interest, and so far as the data includes special categories, the MHCLG states that the processing is necessary for reasons of substantial public interest.

Orbit customers

When you are an Orbit customer, we will collect information from our interactions with you, including any complaints or allegations that are made by you, or about you, and we process this information to allow us to manage our relationship with you, collect your rent, and provide you with tenancy or sales related services, and appropriate support services, and to manage any complaints or alleged ASB or similar issues.

This will involve sharing information with, and receiving information from, third parties:

Where crimes have been committed or alleged information is shared with the police and other agencies with investigative and prosecution powers;

We will share rent information with local authorities for the purposes of administration of benefits;

Where local authorities require information for council tax, we will confirm tenancy information to allow the correct tax to be paid.

We will also share information with debt collection agencies so they can collect debts on Orbit’s behalf.

Most of the information we collect and use as part of our ongoing interactions with you is necessary for the performance of your contract, and is linked to ensuring both you and Orbit are complying with the requirements of the contract.

We have a legal obligation to keep business and financial transaction records as appropriate.

We will offer you further support based on our legitimate interests to enable you to sustain your relationship (tenancy/shared ownership relationship) with us to the best of your ability.

If we contact you by email or text to let you know about our offer, we will do so based on your consent to that use of your email or text contact details.

If we refer you to an external agency for further support, we will do so only with your consent to pass your details onto them.

When we share information for the reasons explained, we will do so on the basis of the fact it is necessary for a task in the public interest (crime, benefits and tax payment) or for our legitimate interests of debt collection.

Insurance

If you are an Orbit insurance customer, we will process your information so we can provide you with a policy, and to manage any claims you make, which may involve sharing information with third parties about the circumstances in order to assess the claims.

This processing is necessary for the performance of your insurance contract. If it suspected that a claim is not legitimate, we will process information on the basis that it is necessary for us to protect our business from fraudulent claims, which is in our legitimate interests.

Help to Buy

Orbit manages the Help to Buy Midlands service, on behalf of Homes England, Please see the Help to Buy Midlands website for more details.

Most of this processing is on the basis that it is necessary for a contract, or entering into a contract, for shared ownership or an equity loan.

Contacts

For members of the public who are not customers but come into contact with Orbit in another way, such as to make an enquiry, complaint or allegation, we will collect information from our interactions with you, so that we can provide you with the information you have requested, or so we can investigate and handle any complaints or allegations.

We process this information on the basis that it is necessary for our legitimate interests of responding to your enquiry, complaint or allegation, as appropriate.

Recruitment

If you apply for a job with Orbit, we collect information about your suitability via our trusted recruitment partner organisations. Please see the Recruitment Privacy Policy for more details.

Most of this processing is on the basis that it is necessary for an employment contract, or entering into an employment contract, with Orbit.

Employees

We collect and process information about current and former employees as part of managing your relationship with Orbit.

Most of this processing is on the basis that it is necessary for managing your employment contract with Orbit.

CCTV

Orbit uses CCTV in its offices and in some of our housing/schemes for the safety and security of premises, colleagues, customers and any third parties. CCTV footage can be disclosed to those organisations acting on official authority, including the police.

We process data from CCTV for the purposes of our legitimate interest of protecting our premises and people.

Telephone calls

Phone calls to our main telephone number are recorded, so that we can monitor the quality and content of calls.

This processing is on the basis of our legitimate interest of providing good customer service, as well as protecting our colleagues and other people from any problems arising from ambiguity in phone call conversations.

Contractors

We work with external contractors who provide our customers with housing related services, for example repairs or asset maintenance, and we will share your contact details with these contractors so they can contact you to arrange appointments to provide the services.

Orbit’s suppliers of computer systems have access, which is controlled, to the data held on the systems, only as part of providing us with support.

We share information in the ways explained based on our legitimate interests of outsourcing the provision of some services and of providing appropriate computer systems, to enable us to run the business efficiently.

Work contacts

People we work with – organisations and companies – your contact details are personal data and we will treat it accordingly, using it only as part of our relationship with your organisation, whether we work in partnership or have a customer/supplier relationship.

This processing is based on our legitimate interests of managing business relationships appropriately.

Surveys and feedback

In order to understand our customers’ experiences and improve our services and products, we will contact you at various “touch-points” during our relationship with you, and ask you to complete a survey and give us feedback, over email or text or over the telephone. We contract with specialist companies to carry out surveys on behalf of Orbit, which involves sending them your contact details and they gather your responses for us. You can opt out of this sort of contact if you prefer.

Orbit, and the specialist companies we work with, process data in order to ask for your feedback, based on our legitimate interests of improving our customer services and products.

Marketing

We will send you information that we think will be useful or of interest to you, about the services we provide, whether they are paid for services or free of charge. We will make decisions about what information so send based on your profile, for example your age if we are letting people know about age-related services like our over 55s schemes.

Orbit will send you hard copy marketing materials on the basis of our legitimate interests of increasing our customers’ knowledge of other relevant services and products.

We will only send you emails or texts (electronic direct marketing) with this type of information if we have your consent to do so. For commercial services or products, this includes where you have bought, or entered into negotiations with us, for a similar service or product. Every time we send an email or text you will have the option to unsubscribe from similar marketing messages.

Website

We collect information through this website, when you submit data through it, and through the use of Cookies. Please see the Cookies section for more details.

This information is processed for our legitimate interests of responding to any enquiries you make through the website, and of understanding the effectiveness of our website.

Cookies

Visiting our Website

When someone visits our website, we collect standard internet log information and details of visitor behaviour patterns, using Google analytics. We do this to find out things such as the number of visitors to the various parts of the site.

We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered from this site with any personally identifying information from any source.

What are Cookies

Cookies are text files placed on your computer by websites you visit. These are widely used to enable the websites to work properly (e.g. ensuring that the right personal information collected is attached to the individual who submitted it) when collecting information that you have provided to the Data Controller. You may delete and block cookies if you wish from this site, however, please be aware that this could affect the functioning of this website. If you would like further information relating to cookies and what they do and how to delete them, please visit www.aboutcookies.org or www.allaboutcookies.org.

How we use cookies

The table below explains the cookies we use and why. Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

Cookie	Name / Purpose	Type / Expiry	More Information
Website cookie acceptance	CookiesAccepted - This cookie is used to record if a user has accepted the use of cookies on the website		To withdraw your consent after accepting this cookie,. Find out how at www.aboutcookies.org
CFID	Linked information is the username. When a user logs in, maintains authentication state	Persist 2 hours	First party cookie
CFTOKEN		Persist 2 hours	First party cookie
JSESSIONID	SessionSession – determines the end of the session by a user		First party cookie
VOPECRA	Anonymous – remembers when a user has elected to accept cookies	Persist Never	First party cookie
Google Analytics	_utma _utmb _utmc _utmz These cookies are used to collect information about how visitors use our websites. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited	Persist 2 years 30 mins End of session 6 months	Click here for an overview of privacy at Google Third party cookie
Google Translate	googtransSession – stores your chosen language (if you decide to change if from English). This means that you do not have to select your chosen language every time that you load a new page	End of session	Click here for an overview of privacy at Google Third party cookie
Google Maps	PREF NID These cookies are used to remember Google maps preferences	Persist 6 months	Click here for an overview of privacy at Google Third party cookie

The table below explains some of the other cookies we use and why.

Name	Format	Expires	Reason
o-alert	Alphanumeric String	Session	Alert message to user
font-size	Alphanumeric String	6 months	Selected website font size
colour-theme	Alphanumeric String	6 months	Selected website theme
o-area	Alphanumeric String	10 years	Selected local area
contour_XXX	Alphanumeric String	1 month	Form submissions
pagesRatedCookie	Alphanumeric String	1 month	Page ratings
yourAuthCookie	Alphanumeric String	Session	Scheme locator search
yourAuthCookie	Alphanumeric String	Session	Protected area

Third party cookies

We sometimes embed video content and photos from websites such as YouTube and Flickr. Pages with this embedded content may present cookies from these websites. Similarly, when you use one of the share buttons on our website, a cookie may be set by the service you have chosen to share content through. You should check the relevant third party website for more information about these cookies.

Accepting cookies

For this site to function properly you will need to accept cookies. Please bear in mind that if you do not accept cookies, certain personalised features of this website cannot be provided to you.