Privacy Policy

  1. Introduction
    1. The Access Card and CredAbility are both operated by Nimbus: The Disability Consultancy Service Ltd Company Number 05969642
    2. We take your privacy and our responsibilities very seriously and this policy lays out what information we collect from you, why we collect it, how we use it and how we keep it safe.
  2. How we collect information about you
    1. The only source of capturing information about you is via your Access Card Application form.
    2. This will include information you submit from 3rd parties in the process of completing your application such as Dr’s reports
  3. What Personal Information we collect and why
    1. Medical Information
      1. We need the medical information you provide in your application so that we can make a decision on your entitlement to the card in line with the definition of a disabled person as outlined by the Equality Act (2010)
    2. Personal information
      1. If you have provided the appropriate consent we will use your Personal Information as follows:
        1. We will use this information to carefully select different offers and opportunities that might be of interest to you most often linked to CredAble Providers
        2. We will use the information to filter information to ensure that only the most relevant information is sent out
        3. For example – if you have indicated that you are a wheelchair user that’s interested in Live Music, we may send you information from Live Music promoters about an accessible music festival.
        4. Another example would be if you have indicated that you are looking for work we may send you job opportunities in your areas from employers who are CredAble Employers
        5. All mailings will come directly from us. We will not at any point pass on any contact details or personal details to any 3rd party for marketing purposes
        6. You will have the opportunity to unsubscribe from mailing via a link at the foot of the email or by making a request directly
  4. How information is shared
    1. No Personal or Medical information is shared with any 3rd party. Its only purpose is to inform our decision making except in the following circumstances:
      1. We are required to do so by Law
      2. It is shared in the process of presenting the Card to a provider
    2. Where you share your card details with an organisation (that has been granted permission to accept the card) we give them access to a system which is capable of verifying the information that you provide on the card.
      1. Sharing your card details with these providers is an act of consent to authorise them to view the digital version of your card
      2. This does not include any reference to medical information, only the symbols we have associated with your application
      3. This system will confirm or decline that the Card you have presented is valid and that the symbols are the ones which we have authorised.
      4. The system will also display a copy of the photo that you provided to us, only if the other details on the card are  accepted as valid
      5. This is to enable providers to process your needs remotely and prevent fraudulent use of the card
  5. How global information is used
    1. By ‘Global Information’ we mean an aggregated and anonymous view of our cardholder database
    2. Global Information contains no identifiable information about any individual card holder
    3. We aim to build some intelligence on what the makeup of disabled people in the UK looks like.
      1. This is to inform decision making bodies such as Government departments to take disabled people’s needs into account
    4. From time to time we will produce generalised statistics which summarises the information provided by groups of cardholders
      1. This will be to provide a localised picture of cardholder make up. This might be to inform a local authority of the numbers of disabled people who are actively looking for paid employment
    5. We will use this global information to target particular industries where the statistics show there might be demand for improving service delivery or introducing new services
      1. For example – an area may have a large number of disabled people interested in Live Music but there is a lack of accessible live music venues
    6. We will also share this Global Information with charities and Statutory Bodies like Local Authorities in order to be able to target support services for disabled people
  6. How information is stored
    1. All information is stored digitally on a secure server
    2. Any application forms received on paper are securely destroyed after entry onto the system
    3. All the data you provide is stored for the lifetime of your card, plus 3 months to allow time for renewal
      1. If you decide to leave the scheme at any point or your card expires and is not renewed all information will be securely and permanently deleted
  7. Data Protection
    1. Nimbus: The Disability Consultancy Service Ltd is the legal body operator of the Access Card, Company Number 05969642.
    2. Nimbus: The Disability Consultancy Service Ltd is registered with the Information Commissioner who is the Data Protection Regulator. Our Registration Number is ZA020704. Our Data Controller is The Managing Director of Nimbus Disability
    3. Under GDPR you have the right to request access to the information we store about you at any time.
      1. If you want to make a request please contact us
      2. We reserve the right to make a reasonable administration charge for Subject Access Requests which are unfounded, excessive, particularly if they are repetitive.
  8. Changes to Policy
    1. This policy may be subject to change from time to time.
    2. We will contact you to inform you of any material changes.
    3. You are encouraged to review the Privacy Policy from time to time via the website www.accesscard.org.uk