Privacy policy

Last updated - 15 May 2018

Your privacy is important to us, which is why we only collect the information we need from you and your household in order to provide you with our services. We take great care to ensure the information we collect is kept confidential and handled responsibly and in accordance with legal requirements.


By continuing to use this website you accept the use of ‘cookies’. Read our cookie policy for information.

Who are we?

Where we refer to 'we', 'us' or 'our' in this policy, this refers to Notting Hill Genesis (NHG).

The information we collect

Personal data

This is information that can identify an individual e.g. name, address, date of birth.

Sensitive data

This is personal information such as: the racial or ethnic origin of the data subject, their political opinions, their religious beliefs or other beliefs of a similar nature among others.

How we collect information

When we ask you for information we will:

  • Tell you why we need it and how it will be used
  • Collect only as much as we need to provide our services
  • Take steps to ensure it is accurate and up-to-date
  • Make sure we don’t keep it longer than is necessary
  • Keep it secure and confidential – so that it is only seen by those members of staff who need it to do their job

In return we ask you to:

  • Give us accurate information
  • Tell us as soon as possible of any changes in your circumstances

Why we collect this information

We use your personal data in various areas of work, including:

  • Management of homes
  • Collection of rents, other sums and receipt of benefits
  • Maintenance/repair of homes
  • Regulatory purposes e.g. requirements of the Regulator of Social Housing research
  • Legal proceedings
  • Ensuring health and safety of staff
  • Seeking to meet health and safety and other special needs of resident
  • Prevention of crime and crime reduction including potential fraud cases
  • Equal opportunities monitoring
  • Research

Sensitive personal data is normally only held if you or someone authorised by you (e.g. a doctor or social worker, or someone living with you) has given us the data.

Typically we hold and process such data in connection with managing your housing arrangements in order to meet your needs. We have notified the Information Commissioner in detail of the purposes for which it uses data and what it does with the data.

Our legal requirements

We must comply with data protection legislation and guidelines. The principles we must comply with say that information about you must be:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate
  • Not kept longer than necessary
  • Processed in line with your rights
  • Safe and secure
  • Not transferred to countries without sufficient protection

For more information visit:

ICO Principles

Data Protection Act

Who we share this information with

Generally only our staff has access to your personal information, however, in some cases we share it with our business partners, such as:

  • Contractors and managing agents
  • Local authorities
  • Legal advisors
  • Police and fire service
  • Government departments
  • Welfare advisors
  • Medical professionals
  • Other housing associations
  • National Fraud Initiative credit agencies (Rental Exchange project)*
  • Surveying agencies (who only act on our behalf)*

*Contact us to opt out, or for more information.

We always make sure the organisations understand that the information must be used for the reasons we have specified and must be kept safe and secure.

These organisations are also bound by contractual data sharing agreements.

Why we share your information:

  • Legal requirements
  • Research purposes
  • To provide services to our tenants
  • To maintain accuracy

We may sometimes be required to share information by law, without your consent, on the grounds of:

  • Crime prevention or detection
  • Taxation/fraud reasons (including housing fraud with local authorities)

(Section 29 - Data protection Act)

In any other instances your personal information will not be shared with any other third parties, unless your explicit consent has been granted.

Accuracy of your information

We endeavour to keep our records up to date. However, if any of your personal details change (e.g. telephone number, contact information), please let us know and we will ensure our systems are corrected.

Make a complaint

As with all NHG services, if you aren’t happy with the way we have used your data you are entitled to submit a complaint.

Control of your personal information

The Data Protection Act is in place to protect your privacy. You have a number of rights under the legislation, one of which is that you may ask to see the information we hold on you by filling out a ‘Subject Access Request’.

You can contact your housing officer or property management officer or write to the address below to submit a request or understand more about this process:

Subject Access Request
Notting Hill Genesis
Bruce Kenrick House
2 Killick Street
N1 9FL

Please note:

  • There are limits to the volume of data we can provide>
  • We require a £10 processing fee
  • We have 20 working days to complete the request
  • We can withhold or conceal data if it reveals information on another individual

Merger of Notting Hill Housing and Genesis Housing

On the day Noting Hill Housing and Genesis merged, we registered with the Information Commissioners Office (ICO) as Notting Hill Genesis (ICO number: ZA337113 - expires 3 April 2019). This does not affect any personal information we held for our customers

Changes to Data Protection

Currently, the Data Protection Act 1998 is what looks after your personal data. However, due to the digital era expanding into more aspects of our lives, these laws are changing in May 2018, and being replaced with General Data Protection Regulations (GDPR).

These changes will strengthen the individual’s data protection rights, ensuring that companies using your data will do so with due care and taking into consideration the potential risks.

GDPR will achieve this by giving individuals greater control over their personal information and creating uniformity across the EU. Stricter rules for gathering and storing sensitive data will be introduced, and the Information Commissioner’s Office (ICO) will be given greater powers to ensure these laws are adhered to.