Data Protection

Our Commitment to Data Protection and Your Privacy

At the Brighton Crime Reduction Partnership (BCRP), safeguarding personal data is at the heart of everything we do. We take data protection seriously and ensure that sensitive information is handled with the utmost care and security.

Data Security and the DISC System

Our DISC system is a vital tool used for crime prevention and reduction. It contains sensitive information about individuals who may pose a risk to the business community. Access to DISC is restricted to authorised users, and we are committed to protecting the privacy of individuals and businesses alike.

What You Need to Know About Data Use and Privacy

We want to remind everyone that information in DISC is classified as restricted and should never be shared or discussed outside of the authorised users and organisations. This includes both verbal and written communication regarding any data held within the system.

  • Data Access: Only authorised users have access to the DISC system, and it is for crime prevention and reduction purposes only.

  • Confidentiality: Any information within DISC should remain confidential and not be shared with individuals who are not authorised to view it. This especially includes not discussing the data with individuals who are named in DISC.

  • Requesting Data: If someone wishes to know what data we hold about them, they must contact BCRP directly to make a Subject Access Request. Our members should not share, show, or discuss this information under any circumstances.

Serious Consequences for Breaching Data Protection

We take all breaches of data protection seriously. Unauthorised sharing or discussing of information could result in significant consequences, including:

  • Loss of Access: Removal of access to the DISC system.

  • Suspension of Membership: Your membership with the BCRP may be permanently terminated.

  • Legal Action: Any serious breach may be reported to the Police, and legal action may be pursued under a variety of data protection legislation.

  • GDPR Compliance: We are fully committed to GDPR compliance to protect our members, the individuals named in the system, and the reputation of the BCRP.

Remember YOU are responsible for any use/ breach of data on your DISC account.

It is important to note that all information on DISC, including images, is protected by a unique identifier [security seeding] that links it to the account accessing it. This allows us to trace any improper sharing back to the responsible account.

The Risks of Using WhatsApp for Business Communication

At the Brighton Crime Reduction Partnership (BCRP), we understand the importance of secure and compliant communication when handling sensitive information. While platforms like WhatsApp are widely used, they are not designed to meet the data protection and accountability standards required under UK GDPR.

Why WhatsApp is Not Suitable for Business Communication

Using WhatsApp to share personal data, such as CCTV images or the names of individuals, can result in significant risks, including:

  • Data Breaches: Messages can be forwarded, accessed on lost or stolen devices, or exposed through hacking.

  • Lack of Control: Once shared, there is no way to track or control how the information is used or forwarded.

  • Policy Violations: Storing personal data on personal devices may breach your organisation’s or client’s data protection policies.

  • No Audit Trail: WhatsApp does not provide a reliable record of communication, making it unsuitable for regulated environments.

  • Contravention of WhatsApp T&Cs: the terms and conditions for using WhatsApp specifically prohibit commercial use.

Examples of Risky Practices

We are aware that some individuals routinely share sensitive information, such as CCTV images or names of individuals, through WhatsApp groups or private messages. These actions may contravene both GDPR requirements and company policies, exposing individuals and organisations to serious consequences.

The Information Commissioner has made it clear that the use of WhatsApp for the exchange of offender data is not compliant with UK GDPR legislation.

It’s vital to understand that storing or sharing personal data on personal devices without appropriate safeguards can:

  • Breach your company’s data protection policies.

  • Lead to loss of access to critical systems like DISC.

  • Result in legal or disciplinary action.

Secure Alternatives to WhatsApp

To ensure compliance and protect sensitive information, we encourage all members to use the following secure methods of communication:

  • BCRP Radio: A reliable way to share information in real time across the network.

  • DISC Instant Messaging Service: A GDPR-compliant tool for secure communication within the partnership.

  • DISC Reporting: Log and share reports securely while maintaining an auditable communication trail.

Our Commitment to Supporting You

If you are unsure about the best way to handle or share sensitive data, we are here to help. Please contact us for advice, guidance, or training on secure communication practices.

Thank you for working with us to maintain a secure, compliant, and professional approach to data protection.

We’re Here to Help

If you are ever unsure about how to handle sensitive data, how to use DISC, or what is considered appropriate sharing, we’re here to provide guidance. Please feel free to reach out for advice, training, or assistance with data security.

You can contact us through DISC, using the button below, or via email at info@bcrpbrighton.com.

Thank you for helping us protect data and maintain a secure environment for all.