the regenda group

Privacy Policy

The Regenda Group comprises Regenda Limited (trading as Regenda Homes) and its wholly owned subsidiaries, including: 

  • Redwing Living Limited
  • The Learning Foundry Limited
  • M&Y Maintenance & Construction Limited
  • Petrus Community Limited
  • Centre 56 Limited
  • Community Threads Limited
  • Ecogee Limited

This privacy notice tells you how and why Regenda Limited processes your personal information, and the rights you have.

We are committed to handling your information fairly, transparently and in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Data (Use and Access) Act 2025 (DUAA).

1. Personal data we collect
We collect information about you when you apply for a role, receive a conditional offer, enquire about our services, communicate with us or visit our website. This may include:

Personal data

  • Contact details (name, address, phone, email, online account username)
  • Interactions you have had with us and the services you may be interested in
  • Date of birth, age, gender, signature and national identifiers (e.g., NI number, passport)
  • Next of kin/ emergency contact details
  • Caring responsibilities
  • Employment history
  • Job application answers and any other information you wish to provide in support of your application.
  • Proof of your eligibility to work in the UK
  • Proof of your qualifications, if required.
  • DBS application to declare any unspent convictions, depending on the nature of the role you apply for.
  • Company details provided for job references and references once received.
  • Potential conflicts of interest
  • Financial information (bank details)
  • Website usage, IP address and device data

 

Special category data (where necessary)

  • Age
  • Gender
  • Marital status
  • Ethnicity
  • Religion
  • Sexual orientation
  • Disability, health and medical information
  • Socio-economic background

We only ask for this information to ensure that your needs are met, and for fairness, inclusivity and compliance with equality law. You do not have to provide it.

2. How we collect your information
We collect personal data from:

  • Application forms
  • Interactions with us via phone contact, emails and letters
  • CCTV and building security systems
  • Our website, portals and digital tools
  • Automated tools (e.g., sentiment analysis, web analytics)

We will always explain what information is required and why.

3. How we use your personal data
We use your information to:

  • To inform you about policy updates and reports
  • To request feedback and input for consultations and research projects
  • To update you on our latest products and services
  • To update you on new job opportunities
  • To discuss your job application or conditional offer

We use the following Artificial Intelligence (AI), analytics and automated tools:

  • Segmentation and profiling to understand service needs
  • Algorithmic tools to prioritise repairs or customer contact
  • Automated decision‑support systems used internally to allocate resources

We do not make fully automated decisions that produce legal or significant effects without human involvement.

Where AI or automated analysis is used, it is governed by our AI and Machine Learning Policy.

You have the right to:

  • Request human review
  • Ask for an explanation of how automated tools affected your case
  • Object to automated processing where legally permitted

 

4. Legal bases for processing
We rely on one or more of the following:

Contract
To fulfil and manage your employment contract.

Legal obligation
Where processing is required by law.

Legitimate interests
Including:

  • Process next of kin and emergency contact details
  • Operating CCTV for safety and crime prevention
  • Quality monitoring and staff training
  • Process data in accordance with the Speak up policy

We always balance legitimate interests against your rights.

Consent
Where required, such use of certain special category data and optional surveys or marketing communications.

You can withdraw consent at any time.

Vital interests
Protecting life or preventing serious harm.

Public interest / substantial public interest
Including safeguarding, preventing fraud, and equality monitoring.

Recognised legitimate interests
We may rely on this basis for:

  • Cybersecurity and system integrity – protecting our digital systems and preventing cyber threats
  • Crime prevention and detection
  • Safeguarding vulnerable individuals – where information is required to protect someone at risk
  • Disclosures to public bodies – where a public body (e.g., local authority, police, fire service) confirms it needs information to carry out its statutory public task
  • Responding to emergencies – such as fires, floods, structural hazards or risks to human welfare

 

5. Who we share your personal data with
We may share information with:

To deliver services

  • People services team
  • Your line manager and Managers in the business area which you work
  • Health and Safety Team, in order to maintain records regarding accidents or incident
  • IT services in order to provide you with an IT account, email address and access to relevant buildings and systems
  • The Governance Team in order to manage declarations and conflicts of interest.
  • The Speak Up Team when there is a serious concern of wrongdoing.


Where disclosure is required

  • Pension providers in order to enroll you into a pension scheme and ensure contributions are paid correctly
  • Regenda’s Occupational Health provider in order to ensure you are fit for work, and to provide care and support during your time working with us
  • The Disclosure and Barring Service (DBS) where we need to make criminal records check for certain roles
  • Suppliers and service providers to communicate with colleagues via SMS text messages on Regenda devices.
  • Industrial Training Board’s i.e. CITB to claim grant funding.
  • On occasion and where necessary, the police and other law enforcement agencies
  • On occasion and where necessary, appointed auditors and insurers

Data is only shared where necessary and subject to appropriate safeguards.

6. International transfers
Where data is processed outside the UK or EEA, we ensure:

  • A UK‑approved adequacy decision is in place, or
  • UK‑approved International Data Transfer Agreements or Standard Contractual Clauses (Article 46 UK GDPR) are used


7. How long we keep your data
Employment records are retained for 6 years after employment ends.  We only keep your information for as long as necessary to:

  • Deliver services
  • Meet legal and regulatory requirements
  • Defend legal claims

All information is securely disposed of when no longer required and some data may be anonymised for statistical purposes.

8. Protecting your personal data
We use organisational, technical and physical measures to safeguard data. These include:

  • Identity checks
  • Access controls
  • Encryption and secure systems
  • Incident and breach response procedures

No communication method is completely secure, but we take reasonable measures to reduce risk.

9. Cookies and website analytics
Our website uses cookies to:

  • Improve performance and user experience
  • Personalise content
  • Deliver relevant advertising
  • Understand user behaviour

Google Analytics and Google Signals may be used with your consent. No identifiable Google account data is shared with us.

You can change your cookie preferences at any time.

10. Your rights
You can ask us to:

  • Provide a copy of the personal data we hold (Subject Access Request)
  • Explain how your data is used
  • Correct or update inaccurate information
  • Delete your information (where applicable)
  • Restrict or object to processing
  • Transfer data to another organisation (where applicable)
  • Withdraw consent
  • Challenge automated decision‑making or request human intervention
  • Request explanation of algorithmic tools
  • Raise a complaint if you believe we have not met data protection standards, including fairness, transparency or data access rights

Data protection requests or queries can be made via the contact details below.

11. Contact us
Data Protection Team
The Regenda Group
The Foundry, 42 Henry Street, Liverpool, L1 5AY
Tel: 0151 703 3000
Email: dataprotection@regenda.org.uk

12. Information Commission
You can contact the Information Commission at:

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Telephone number: 0303 123 1113

Website: ico.org.uk

This privacy notice was last updated 22 April 2026

the regenda group
Follow us