To operate as a housing business, RHP Group (which includes Co-op Homes (South) Ltd) must get, process and store personal information about our applicants for housing, tenants and customers. This Privacy Policy supports our Privacy Notice. It explains how RHP Group treats your personal details.
Personal information is information that relates to a living individual (data subject) that allows them to be identified. Personal data includes contact information about:
Certain types of personal information is categorised as 'sensitive". They might relate to
We usually only collect personal data so we can provide housing and management services, provide regulatory and legal returns and otherwise comply with our legal obligations (see Section 6 "How will we use your information?"
When you contact us you might need to provide:
We may also get your personal details from organisations you've dealt with in the past like councils and past landlords, We use this information so we can understand our customers and their needs better.
When we provide you with a housing service, we might gather information on :
You might also provide us with other information when you chat to us or our contractors.
We might gather the following information to improve our service:
If you ask for additional services from us:
If we need it to look after our employees, business or anyone else, we may hold information about your history, e.g. regarding credit, or offences.
We'll only request personal data that's relevant for delivering our services and meeting our legal obligations. If you feel any requests are inappropriate you can refuse, but this might mean that we're unable to carry out requested or essential work, like repairs. We may also obtain your personal details from organisations you have dealt with in the past, such as referral agencies, councils and past landlords.
Here's how we're committed to ensuring that your privacy is protected:
We're committed to storing your personal data securely. This means only Co-op Homes employees and contractors that need to see it can. We'll always it electronically if possible - but sometimes we'll need to keep a paper copy.
Our computer systems are secure and protected. Sometimes we also use computers which are owned or managed by our suppliers. Their computers will always be secure and protected too. Where we share your information with others in line with the legislation we will make sure that those third parties also have relevant security systems in place to make sure that your information is kept safely.
We'll only use your data where we have a legal reason to do so.
For example:
Information collected about you is used to:
If we need to use your personal data for any reason we'll always make sure that its in line with the law. For example, we may need to use your information if a crime's been committed or there are risks to the public or our employees, we might also have a legal duty to use your data in a certain way, for example though a court order.
We generally hold information contained in your tenancy file for 6 years after your tenancy ends. In some circumstances we may be required to hold some information for longer in order to comply with our legal obligations or to protect you or your interests, for example to defend or pursue legal claims.
If you would like further information on specific period please contact us.
Our employees are trained to handle your information correctly and protect your privacy. We aim to maintain high standards, adopt best practice for our record keeping and regularly check and report on how we are doing. Your information is never collected for direct marketing purposes, nor sold on to any third parties and not processed overseas. Sometimes RHP Group’s services may be provided by our business partners, in which case appropriate members of their staff will have access to your information in order to deliver these services to you.
Only employee are trained to handle your information properly and protect your privacy. Only RHP Group employees who have an operational need to see your data will be allowed to see it. We aim to maintain high standards, adopt best practice for record keeping and regularly check and report on how we're doing. Your information is never sold on to their parties or processed overseas.
Where appropriate, we may need to pass your personal data on to our service providers and contractors, for example those who:
Where we work closely with these contractors they must store your details securely, and use them only to undertake the work we have asked them to do. When the job is done they will securely dispose of the details in line with RHP Group’s procedures and relevant data protection legislation.
We also work closely with partners to help us provide you with services and support and may need to pass on your personal data to those organisations. For example:
We will ensure that when we're sharing your information, its appropriate, relevant and in line with the legislation. We have data-sharing agreements with a number of other organisations. They sign up to a code of how data will be exchanged and used.
In some circumstances, we need to share information in an emergency or because we have a legal or regulatory obligation to do so. For example:
From time to time we'll use credit agencies to make sure our records are up to date. We'll also use them for the prevention, detection and prosecution of crime, including social housing fraud and benefit fraud. This information won't be used for any inappropriate purposes.
Profiling is automated processing that's designed to evaluate an individual and analyse or predict characteristics such as:
We don't use profiling at RHP Group.
Effective as of 8th April 2022
Use of cookies
You can update and change your cookie preferences by using the preference centre.
Update preferences
A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting. More specifically, we use cookies and other tracking technologies for the following purposes:
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you, which amount to a request for services, such as logging in or filling in forms. They protect your data from being accessed in an unauthorised way.
Cookie Name |
Cookies Purpose |
Cookie type and duration |
OptanonConsent |
This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor. |
First-party persistent cookie, 365 days |
OptanonAlertBoxClosed |
This cookie is set by the cookie compliance solution from OneTrust It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user. The cookie has a one year lifespan and contains no personal information. |
First-party persistent cookie, 365 days |
ASP.NET_SessionId |
General purpose platform session cookie, used by sites written with Miscrosoft .NET based technologies. Usually used to maintain an anonymised user session by the server. |
First-party session cookie deleted after you quit your browser |
yourAuthCookie |
This is a cookie that is used as part of the login process to control access to content within the members area. and is removed on closing the browser. |
First-party session cookie deleted after you quit your browser |
__RequestVerificationToken |
This is an anti-forgery cookie set by web applications built using ASP.NET MVC technologies. It is designed to stop unauthorised posting of content to a website, known as Cross-Site Request Forgery. It holds no information about the user and is destroyed on closing the browser. |
First-party session cookie deleted after you quit your browser |
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous.
Cookie Name |
Cookies Purpose |
Cookie type and duration |
__utmz |
This is one of the four main cookies set by the Google Analytics service which enables website owners to track visitor behaviour measure of site performance. This cookie identifies the source of traffic to the site - so Google Analytics can tell site owners where visitors came from when arriving on the site. The cookie has a life span of 6 months and is updated every time data is sent to Google Analytics. |
First-party persistent cookie, 182 days |
_utmv######### |
Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics. |
First-party persistent cookie, Less than day |
__utmt |
This cookie is set by Google Analytics. According to their documentation it is used to throttle the request rate for the service - limiting the collection of data on high traffic sites. It expires after 10 minutes |
First-party persistent cookie, Less than day |
__utmb |
This is one of the four main cookies set by the Google Analytics service which enables website owners to track visitor behaviour and measure site performance. This cookie determines new sessions and visits and expires after 30 minutes. The cookie is updated every time data is sent to Google Analytics. Any activity by a user within the 30 minute life span will count as a single visit, even if the user leaves and then returns to the site. A return after 30 minutes will count as a new visit, but a returning visitor. |
First-party persistent cookie, Less than day |
__utmc |
This is one of the four main cookies set by the Google Analytics service which enables website owners to track visitor behaviour and measure site performance. It is not used in most sites but is set to enable interoperability with the older version of Google Analytics code known as Urchin. In this older versions this was used in combination with the __utmb cookie to identify new sessions/visits for returning visitors. |
First-party session cookie deleted after you quit your browser |
__utma |
This is one of the four main cookies set by the Google Analytics service which enables website owners to track visitor behaviour and measure site performance. This cookie lasts for 2 years by default and distinguishes between users and sessions. It it used to calculate new and returning visitor statistics. The cookie is updated every time data is sent to Google Analytics. The lifespan of the cookie can be customised by website owners. |
First-party persistent cookie, 729 days |
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Cookie Name |
Cookies Purpose |
Cookie type and duration |
vuid |
This domain is owned by Vimeo. The main business activity is: Video Hosting/Sharing |
Third Party persistent cookie, 729 days |
Other cookie like technologies
This site uses reCAPTCHA; reCAPTCHA protects a website from fraud and abuse.
reCAPTCHA uses advanced risk analysis engine and adaptive challenges to keep malicious software from engaging in abusive activities
Some of the information collected at this time of submission includes:
All cookies placed by Google over the last 6 months,
How many mouse clicks you've made on the screen (or touches if on a touch device),
The CSS information for that page,
The date,
The language your browser is set to,
Any plug-ins you have installed on the browser, and all Javascript objects
More information reCAPTCHA https://www.google.com/recaptcha/about/
Data Protection law gives you the following rights:
If you have any questions about how your information is used or want to let us know your information has changed please customer.services@rhp.org.uk or homes@coophomes.coop. If you want to see your information, or if you believe that it is not accurate, or if you want to make a complaint about the use of your information then contact:
The Data Protection Officer, RHP Group, 8 Waldegrave Road, Teddington, TW11 8GT email: customer.services@rhp.org.uk
If you're not happy with the way we deal with your query or complaint you can contact: The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Tel: 0303 123 1113; Fax: 01625 524 510; Email: casework@ico.org.uk ; Website: https://ico.org.uk/