Privacy Policy
How we collect, use, and protect your personal information
Effective date: January 2025 (Version 1.0)
Who We Are
Beacon Pathways Limited is the data controller responsible for your personal data. We are committed to protecting your privacy and being transparent about how we use your information.
Contact: hello@beaconpathways.co.uk
About This Policy
This privacy policy explains how Beacon Pathways Limited ("we", "us", or "our") collects, uses, stores, and shares your personal data when you use our website, contact us, or engage with our supported accommodation services.
This policy applies to all visitors to our website, prospective and current residents, referral partners, local authorities, and anyone who contacts us.
This policy should be read alongside our Cookie Policy and Policies & Governance page.
Information We Collect
We collect personal data through various means depending on how you interact with us:
Information You Provide Directly
- •Contact details: Name, email address, phone number when you contact us or make a referral
- •Professional information: Job title, organisation name for referral partners and local authority contacts
- •Referral information: Details provided in referral forms about prospective residents
- •Correspondence: Any information you include in emails, messages, or enquiry forms
Information Collected Automatically
- •Technical data: IP address, browser type, operating system, device information
- •Usage data: Pages visited, time spent on pages, links clicked, referring website
- •Cookie information: See our Cookie Policy for details
How We Use Your Information
We use personal data for the following purposes:
- •Responding to enquiries: To reply to your questions, referrals, and partnership requests
- •Processing referrals: To assess suitability and arrange supported accommodation placements
- •Service delivery: To provide and manage our supported accommodation services
- •Maintaining relationships: To communicate with referral partners and local authorities
- •Improving our services: To understand how our website is used and enhance user experience
- •Legal and regulatory: To comply with legal obligations and regulatory requirements
Legal Basis for Processing
Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Responding to your enquiries | Legitimate interests (to respond to communications) |
| Processing referrals | Contract performance; Legitimate interests |
| Service delivery | Contract performance |
| Analytics and website improvement | Consent (for non-essential cookies) |
| Legal and regulatory compliance | Legal obligation |
Where we rely on legitimate interests, we have conducted a balancing test to ensure your rights and freedoms are not overridden. You can request details of this assessment by contacting us.
Who We Share Your Data With
We may share your personal data with:
- •Local authorities: For referral processing and service coordination
- •Healthcare providers: Where necessary for resident welfare and support
- •Service providers: IT, hosting, and analytics providers who help us operate (under strict data processing agreements)
- •Professional advisers: Lawyers, accountants, and auditors where legally required
- •Regulatory bodies: Where required by law or to protect individuals from harm
We do not sell your personal data to third parties.
International Data Transfers
Your personal data is primarily stored and processed within the United Kingdom. Where we use service providers based outside the UK (for example, cloud hosting or analytics services), we ensure appropriate safeguards are in place:
- •Transfers to countries with UK adequacy decisions (including the EEA)
- •Standard Contractual Clauses (SCCs) approved by the ICO
- •The UK International Data Transfer Agreement (IDTA) where applicable
You can request information about the safeguards in place for specific transfers by contacting us.
How Long We Keep Your Data
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:
| Data Type | Retention Period |
|---|---|
| Enquiry correspondence | 2 years from last contact |
| Unsuccessful referrals | 1 year from decision |
| Resident records | 7 years after tenancy ends |
| Safeguarding records | As required by law (up to 75 years) |
| Partner contact details | Duration of relationship + 2 years |
| Website analytics | 26 months (anonymised) |
Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
- •Right of access: Request a copy of the personal data we hold about you
- •Right to rectification: Request correction of inaccurate or incomplete data
- •Right to erasure: Request deletion of your data in certain circumstances
- •Right to restrict processing: Request that we limit how we use your data
- •Right to data portability: Request a copy of your data in a machine-readable format
- •Right to object: Object to processing based on legitimate interests
- •Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time
How to Exercise Your Rights
To exercise any of your rights, please contact us at hello@beaconpathways.co.uk. We will respond to your request within one month. In complex cases, we may extend this by a further two months, but we will inform you if this is necessary.
We may need to verify your identity before processing your request. There is usually no fee for exercising your rights, although we may charge a reasonable fee for manifestly unfounded or excessive requests.
If you are not satisfied with how we handle your request, you have the right to complain to the Information Commissioner's Office (ICO). Visit ico.org.uk or call their helpline on 0303 123 1113.
Data Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These include:
- •Encryption of data in transit (HTTPS/TLS)
- •Secure access controls and authentication
- •Regular security assessments and updates
- •Staff training on data protection
- •Data processing agreements with third-party providers
Cookies and Tracking Technologies
We use cookies and similar technologies on our website. For detailed information about what cookies we use, why, and how to manage your preferences, please see our Cookie Policy.
Children's Privacy
Our website is not directed at children under 16 years of age. We do not knowingly collect personal data from children through this website. Where we provide services to young people aged 16-17, we obtain appropriate consents and safeguards as required by law.
Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on this page with an updated version number and effective date.
For significant changes that affect how we process your data, we will provide prominent notice on our website or contact you directly where appropriate.
Contact Us
If you have any questions about this privacy policy or how we handle your personal data, please contact us or email hello@beaconpathways.co.uk.
Data Controller
Beacon Pathways Limited
Suite 2a, 6th Floor Cobalt Square
83-85 Hagley Road
Birmingham, England
B16 8QG
Email: hello@beaconpathways.co.uk
Phone: 0121 514 8886