Data Protection Policy

This policy shows how we will meet our obligations under the Data Protection Act 1998 (DPA) and how we deal with confidentiality of personal data. 


This policy is applied using the following principles:

  • we will hold and process personal data about individuals in accordance with current Data Protection law
  • we will tell our tenants and others who receive our service how their personal data is used and the circumstances in which we may share it with other organisations
  • sharing of personal data with other organisations will be controlled by Horizon, as data controller, and bound by the terms of our registration as a data controller, by statutory obligations and by agreements or protocols with partner orgnisations or other agencies
  • all employees, Board members and volunteers understand and are bound to treat personal data as confidential


We implement the policy by:

setting out clear procedures for staff, Board members and others with whom we work (for example contractors, consultants, suppliers) in relation to data collection, access to data by individuals, disclosure and disposal of data.


We acknowledge the Data Protection Act 1998 (DPA) and will act within this legislation at all times.

This policy was approved by the Horizon Board in May 2017.