How we use your personal information

The Hillcrest Group is committed to protecting your personal information. The Hillcrest Group is made up of Hillcrest Housing Association Ltd, Gowrie Care Ltd, Hillcrest Enterprises Ltd, Northern Housing Company Ltd, Hillcrest Maintenance Services Ltd, Leith Links NHT 2011 Llp and Cair Scotland Ltd.


Each member of the Group is a data controller for the purposes of the Data Protection Act 1998 and is registered as a data controller with the Information Commissioner’s Office (ICO).


This statement tells you what to expect when we collect personal information. It applies to information we collect about tenants, customers and people who use our services and their families.


The information we collect

Information is collected by the member of the Group. We collect information about you from the following sources (this is not an exhaustive list):

  • applications and other forms;
  • your transactions, requests and experiences with us (this can include, but is not limited to, speaking with a member of the housing department or the customer services team);
  • third party organisations we work in partnership with, for example the local authority; and
  • our surveys and your feedback.


Personal information may include, but is not limited to, your name, address, date of birth, email, telephone number, financial and welfare information and your image, for example, on CCTV.


If there are changes to your personal information or circumstances, it is important you tell us so we can update your information.


How we will use your information

Your personal information will enable us to:

  • support and manage your tenancy;
  • provide you with care and support;
  • safeguard individuals;
  • safeguard and maintain our property;
  • improve our understanding of our customers and their needs;
  • administer, support, improve and develop our services to ensure our service to you is as good as it can be;
  • support strategic development;
  • recover any money owed;
  • detect and prevent fraud and other criminal activity;
  • investigate a complaint; and
  • keep our records up to date and accurate.


We will contact you for your views on our services and to notify you of changes or developments to our services and the use of your information. We may also use your information to let you know about other Group services which may be of interest to you.


We carry out surveys and request feedback on services we provide. Information may be analysed to monitor performance and improve service delivery. The information derived from this analysis may be published or shared with other organisations or individuals in an anonymised format.


We do not sell or share your information with external organisations for marketing.


How we hold your personal information

We receive information directly from you and from partner organisations which is held on an electronic and paper record.


The information we disclose

Each member of the Group is prohibited by the Data Protection Act 1998 from disclosing personal data except when it’s necessary, when the law requires it or when we have your consent. The following describes some of the ways your information may be disclosed:

  • when you provide information to the Group you may not be sharing this with one member of the Group alone. Some services are provided jointly with a partner organisation. In order for us to provide this joint service it is necessary for us to share your information with those partners;
  • information may be accessed, given to or used by relevant staff within the Group;
  • information may be given to contractors we employ; and
  • we reserve the right to disclose any information you provide to us where required to do so by law, or to comply with a regulatory obligation, or to assist in any investigation into a complaint or welfare issues, or alleged illegal or criminal conduct.


How we safeguard your information

We maintain physical, electronic and procedural security measures to ensure that your personal information is treated responsibly, to protect your information from access by unauthorised persons and to protect against unlawful processing, accidental loss, damage and destruction. 


How you can access your information

Under the Data Protection Act 1998, you are entitled to request access to the information we hold about you. If you wish to do this, please email or write to:

Information Governance Adviser

Hillcrest Group of Companies

1 Explorer Road



For further information please see the ICO’s guidance on requesting your personal information -