Privacy Policy for Members

This statement confirms the commitment of the North East Retail Crime Partnership to protect your privacy and to process your personal information in a manner which meets the requirements of the General Data Protection Regulations and Data Protection Act 1998.

1. This document explains what the North East Retail Crime Partnership (NERCP) is, why it processes its Members’ personal data, and the lawful basis for that processing. It describes the kind of personal data about members that the NERCP is allowed to process, and what the NERCP can do with it.

2. Who are we and what we do
The North East Retail Crime Partnership is a not for profit organisation managed by registered charity Northumbria Coalition Against Crime. The NERCP works with businesses, police and other crime prevention agencies to help tackle crime and disorder.  The NERCP is a regional information and support network for members of the retail community and provides local services to all main local areas in the North East region, coordinating the activities of many Shopwatch schemes.

Contact Details

NERCP
Consett Police Station
Parliament Street
Consett
County Durham
DH8 5DL
Email address: info@nercp.org.uk
Tel: 0191 375 2751

3. The NERCP’s Data Controller is responsible for ensuring its compliance with the current Data Protection law and can be contacted using the above details. The NERCP is registered with the Information Commissioners Office under Northumbria Coalition Against Crime as a Charity, incorporating a Business Crime Reduction Partnership.

4. Purpose of processing personal data
The NERCP processes Members’ personal data for the following purposes:
a. to enable the efficient management of the NERCP; to manage the members of the NERCP including subscriptions where relevant; invitations to the NERCP’s events etc;
b. to defend the protect the NERCP in case of any Member’s non-compliance with the NERCP’s Protocols and Rules;
c. to enable the NERCP to communicate efficiently to its Members by sending alerts, news items and other information which are relevant to them.

5. Lawful basis of processing
The NERCP’s existing contract/agreement between itself and its Members requires that Members provide their name, business postal address, email address, and telephone number to the NERCP. This contract means that the NERCP’s lawful basis for processing Members’ personal data is ‘contract’ and therefore the NERCP can process Members’ personal data without their consent.

6. Categories and types of personal data processed
Name of a contact person/s, business name and location, postal and email addresses, telephone and other contact details will be processed;
No sensitive or ‘special category’ personal data (ethnicity, sexuality, religious beliefs etc) is processed by the NERCP.

7. Sources of personal data
The NERCP obtains Members’ personal data from existing contracts with Members;
Members may themselves update their personal data.

8. Recipients of Members’ personal data
The NCAC/NERCP Board of Directors, the Data Controller, authorised NERCP staff and formally contracted Data Processors may access Members’ personal data;
Members’ personal data will not be passed to any third party unless the member gives permission;
The Scheme will not transfer Members’ personal data outside the UK.

9. Data retention period
The NERCP will retain Members’ personal data only for as long as each Member remains a Member of the scheme; when a Member ceases to be a Member of the NERCP they must confirm this with the NERCP’s Steering Group as specified in the NERCP’s Protocols at which time all associated personal data will be irrevocably deleted.
In the case of submitted reports, the submitting Member’s email address only will continue to be associated with such reports for as long as the report is retained by the NERCP; this is required where a report may be used for evidential purposes in legal proceedings.

10. Members’ rights
Members can obtain a copy of all their personal data held by the NERCP; Members may access this at any time on the NERCP’s online or may be obtained on application to the Data Controller (see Contact Details above).
Members can correct any erroneous data at any time on the NERCP’s online system or may require the NERCP to correct any errors on their behalf.
At the conclusion of their Membership, Members’ personal data will be permanently deleted by the NERCP with the exception of email addresses associated with Incident reports (see Data Retention Period above) and may require the Data Controller to confirm such deletion.  Members have the right to complain about the NERCP to the Information Commissioners Office.

11. Disclaimer 
The North East Retail Crime Partnership seeks to ensure that all information on this website is accurate however, the NERCP and its employees cannot accept any responsibility or liability for any claim, loss or damage whatsoever from the use of any information within, or accessed through, this website.

NERCP Website
Cookies
In order to give you an enhanced user experience, NERCP use ‘cookies’ on its website. These cookies recognise your computer and its previous visits to the NERCP website which can speed up the service NERCP offer. This therefore, allows NERCP to achieve the above.
 
In your internet browser you can prevent cookies from being used which may result in a reduced service and user experience on the NERCP website.
 
Unless you modify your website browser, this information that is collected can be used to identify your computer. Visit the sections within your website browser help guides for instructions on how to change these settings

Other Websites
The NERCP website contains links to other websites where NERCP are not in control or responsible for the privacy policies, practices and / or the content of these websites which are linked to the NERCP website


 Privacy Policy for Offenders


This statement confirms the commitment of the North East Retail Crime Partnership (NERCP) and explains why the scheme processes the personal data of specific individuals (offenders) and the lawful basis for that processing. It describes the kind of information about Offenders that the scheme processes.  It describes the kind of information about Offenders that the scheme processes and what it does with that information.

1. Who are we and what we do
The North East Retail Crime Partnership is a not for profit organisation managed by registered charity Northumbria Coalition Against Crime. The NERCP works with businesses, police and other crime prevention agencies to help tackle crime and disorder.  The NERCP is a regional information and support network for members of the retail community and provides local services to all main local areas in the North East region, coordinating the activities of many Shopwatch schemes.

Contact Details

NERCP
Consett Police Station
Parliament Street
Consett
County Durham 
DH8 5DL
Email address: info@nercp.org.uk
Tel: 0191 375 2751

2. The NERCP’s Data Controller is responsible for ensuring its compliance with current Data Protection law and can be contacted at the above address, email address or telephone number. The NERCP is registered with the Information Commissioners Office under Northumbria Coalition Against Crime as a Charity, incorporating a Business Crime Reduction Partnership.

3. Purpose of processing personal data
The NERCP processes Offenders’ personal data for the purposes of the ‘prevention and detection of crime and the apprehension and prosecution of offenders’. Members of the NERCP have the right to protect their property, staff and customers from crime and disorder and to exclude from their premises any individuals who are proven threats to their property, staff or customers. The NERCP processes Offenders’ personal data to inform Members of an offender’s modus operandi, to collate intelligence on criminal activity within the area of the BCRP’s operation and to contribute to legal proceedings against Offenders where appropriate.

4. Types of processing
The NERCP undertakes the following types of processing of personal data of Offenders:
(a) Data collection; see Sources of personal data below;
(b) Data storage; storage of Offenders’ data in a facility independently certified as secure to a high standard;
(c) Data retention; see Data Retention period below;
(d) Data collation; associating individual Offenders with multiple incidents, and with other Offenders;
(e) Data sharing; as defined in Recipients, or categories of recipients, of personal data below;
(f) Data deletion; see Data Retention period below;
(g) Data analysis; of de-personalised data for historical comparisons etc.

5. Lawful basis of processing
The NERCP’s  Members’ ‘legitimate interests’ provides the lawful basis on which it may process specific items of Offenders’ personal data for specific purposes without Offenders’ consent. The NERCP has assessed the impact of its processing on Offenders’ rights and freedoms, has balanced these with its Members’ own rights, and has concluded that its Members’ rights prevail over Offenders’ rights in this specific matter. Therefore, for the purposes to inform Members of an offender’s modus operandi, to collate intelligence on criminal activity within the area of the NERCP’s operation and to contribute to legal proceedings against Offenders where appropriate, Members’ legitimate interests constitute the NERCP’s lawful basis for processing Offenders’ personal data without requiring consent.

6. Categories and types of personal data processed
a. Offender’s name and image and any relevant information about the nature of his/her activities; the purpose of this processing is to enable Members to identify Offenders in order to submit reports about them and to provide information about them which may be necessary to protect the property and personal safety of Members and their staff, customers etc. This data may be shared among Members and other agencies that have a legitimate interest.
b. Offenders’ postal addresses; the purpose of this processing is to enable NERCP to identify further links to retail crime. Such data will not be shared with Members except for the purposes of civil recovery or any legal proceedings.
c. Information and evidence about incidents in which an Offender has been involved; the purpose of this processing is to enable the NERCP to inform Members of an offender’s modus operandi, to collate intelligence on criminal activity within the area of the NERCP’s operation and to defend its legal rights against any claim or suit by an Offender or other party. Such data may be shared with Members.
d. For the purposes of identification, some sensitive or ‘special category’ personal data may be processed by the NERCP e.g. ethnicity and for the safety and protection of our members, some medical conditions where the condition has symptoms that would render the Offender a danger to our Members. The dissemination of this information to our Members will not be widespread or general in nature but rather targeted to those most likely to be affected.

7. Offenders’ personal data may be collected or provided to the NERCP from:
a. Offenders who may voluntarily offer information about themselves;
b. Members who may submit reports about incidents in which Offenders have been involved. They may also send relevant ‘intelligence’ about Offenders, for example they may provide a name when asked to identify an unidentified CCTV image;
c. Police or other public agencies may provide Offenders’ personal data under a formal Information Sharing Agreement.
d. Social media platforms where such information is in the public realm by virtue of being displayed, without privacy controls, on a publicly accessible platform.

8. Recipients, or categories of recipients, of personal data:
The following types of individuals may have access to the NERCP data, including the personal data of Offenders:
a. Members who are property owners, agents or their employees working within the operational area of the NERCP who share the same legitimate interests
b. Employees and officers of public agencies involved in the prevention and detection of crime, such as police, whose lawful basis for processing your data is their public task;
c. Data Controllers of other organisations, similar to the NERCP, in neighbouring areas if there is evidence that an Offender has participated, or is likely to participate, in any threat or damage to property, staff and customers in areas outside the NERCP’s area of operation.

9. The NERCP will not transfer Offenders’ data outside the UK.

10. Data retention period
When an Offender is reported by a Member for participating in any threat or damage to any Member’s property, staff or customers, their name, date of birth and image together with any relevant information of offences or offending behaviour may be shared among Members for 12 months. If no further report is submitted during that period, the Offender’s data will be withdrawn from Members at the expiry of that period. It will be retained for a further 12 months in the NERCP’s database (which can only be accessed by the Data Controller and authorised personnel) after which time, if no further incidents are reported, it will be permanently deleted.

11. Offenders’ rights
a. Every Offenders has the right to obtain a copy of all the personal data which the NERP holds about them; to do so the Offender must contact the Data Controller (see contact details above); the Offender may be required to provide proof of their identity. In any case the NERCP will respond to the request within 30 days and provide full documentation to demonstrate compliance with Data Protection law.
If, when an Offender accesses their personal data, any of it is deemed by the Offender to be incorrect, unnecessary or disproportionate, the Offender can require the NERCP to correct it. Offenders do not have the right to require the NERCP to delete correct, necessary or proportionate information.
b. Offenders have the right to complain about the BCRP to the Information Commissioners Office; Offenders can submit a complaint on the ICO’s website.

NERCP Website
Cookies
In order to give you an enhanced user experience, NERCP use ‘cookies’ on its website. These cookies recognise your computer and its previous visits to the NERCP website which can speed up the service NERCP offer. This therefore, allows NERCP to achieve the above.
 
In your internet browser you can prevent cookies from being used which may result in a reduced service and user experience on the NERCP website.
 
Unless you modify your website browser, this information that is collected can be used to identify your computer. Visit the sections within your website browser help guides for instructions on how to change these settings

Other Websites
The NERCP website contains links to other websites where NERCP are not in control or responsible for the privacy policies, practices and / or the content of these websites which are linked to the NERCP website