Barbican Association

BA ASB Reporter Privacy Policy

The Barbican Association (BA) is committed to ensuring data security and the fair and transparent processing of your data. This privacy policy sets out how we will treat the personal data which you provide to us in compliance with the Data Protection Act 2018.
This privacy policy contains important information on how and why we collect, store, use and share personal data, your rights in relation to your personal data and how to contact us if you have any concerns about how we process your data.
Where we have omitted ways in which your data could be collected, processed or shared, we will not do so without your express written permission. In that case all use of your data will be in extension to this policy.
What personal data do we collect?
Personal data, or personal information, means any information about you which could be used to identify you.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
  • Identity Data includes your title, first name, last name or moniker;
  • Contact Data includes address, email address and telephone number;
  • Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
How we collect your personal data
We only collect information about you through direct interactions. You may give us your identity and contact data by filling in the form.
How we use your personal data
We ask you to supply us with personal data so that we can:
  • Verify submitted Anti-Social Behaviour Reports (ASBR);
  • Contact you regarding ASBR;
  • Link ASBR from you.
We may also process your personal data if required by law, including responding to requests by government or law enforcement agencies or for the prevention or crime or fraud.
Who we share your personal data with?
We may share your personal data within the officers of the Barbican Estate Office and officers of the City of London Police.
We take all reasonable steps to ensure that everyone we share your information with protects your personal data and are aware of their information security obligations. We limit access to your personal data to those who have a need to know it.
How long will we keep your personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Where we store your personal data and how it's protected?
We take reasonable steps to protect your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
In addition, we limit access to your personal data to those officers and committee members who have a need to know it.
They will only use your personal data in regard to ASBR, and they are subject to a duty of confidentiality. We will notify you and the relevant Regulator(s) such as the ICO of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure and although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to the ASB Reporter website; any transmission is at your own risk. Once we have received your personal data, we will use strict protocols and security features to try to prevent unauthorised access.
Your rights
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to ensure we only disclose information when we know we are dealing with the right person.
We will not charge you for any of these requests unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before we proceed with your request.
We will respond to all valid requests within 30 days. It may however take us longer if the request is particularly complicated or you have made several requests. We will always let you know if we think a response will take longer than one month. To speed up our response, we may ask you to provide more detail about what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example, if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
The right to be informed
You can ask us what data we hold on you and what we do with it.
The Right of Access / Data Subject Access Request (DSAR)
You can ask us to provide you with a copy of your personal data that we hold about you by contacting us at Please note that the BA will not provide copies of any emails sent to or received from yourself as you already have received this information. We also will not provide any internal emails or documents that may contain your name unless the information contained in the email is:
  • significantly biographical with regards to you as the data subject and/or;
  • you as the data subject were the focus of attention in the document.
We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person or if your request is manifestly unfounded or excessive.
Correcting Personal Information / Right of Rectification
You can ask us to correct any information about you which is incorrect. We will be happy to correct such information but may need to verify the accuracy of it first.
Right to Erasure / Right to Be Forgotten
You can ask us to:
  • erase your personal information if you think we no longer need to use it for the purpose we collected it from you;
  • erase your personal information if you have either withheld your consent to use your information (if we originally asked for your consent to use your information), or exercised your right to object to further legitimate use of your information, where we have used it unlawfully or where we are subject to a legal obligation to erase your personal information.
We may not always be able to comply with your request, for example, if we need to keep using your personal information in order to comply with our legal obligations or where we need to use it to establish, exercise or defend legal claims.
Right to Restrict Processing / Withdrawing Consent
Where we have asked for your consent to use your personal information, you will always have the right to withdraw your consent. We will still hold your details on our databases but will not contact you.
Requesting a transfer of personal information / Data Portability
You can ask us to:
  • provide your personal information to you in a structured, commonly used, and machine-readable format;
  • or you can ask to have it transferred directly to another data controller (i.e. another organisation).
Third party requests
We accept third party requests from individuals such as friends, relatives, solicitors or from persons who have power of attorney where:
  • we have a letter from the data subject stating that they want a named person to make these changes on their behalf;
  • we are given evidence of power of attorney;
  • the data subject and third party call together (either by being in the same room at the same time) or by a three-way call with the BA.
Contact and complaints
If you would like to contact us about the use of your personal data, or exercising your personal rights then please email us at for any requests to stop processing your data or for any Subject Access Requests.
Your right to complain
If you believe that your data protection rights have been breached and we have been unable to resolve your concern, you have the right to report your concern to your local data protection supervisory authority. In the UK this is the Information Commissioner’s Office (ICO) and you can raise your concerns by going to
We do ask that you please attempt to resolve any issue with us before contacting the ICO.
Review and monitoring
We will review this privacy notice regularly, in line with our quality standards and regulatory criteria.