We are now open for Browsing & Click & Collect!

Exaireo Reuse - Privacy policy

 Exaireo Trust Logo

The Exaireo Trust (Exaireo) Privacy Notice



The Exaireo Trust (charity no. 1125402) is committed to protecting your privacy and security, and ensuring that all aspects of the General Data Protection Regulations (GDPR) are complied with. This privacy notice explains how and why we use your personal data, to ensure you are informed and in control of your information.  

This privacy notice applies to anyone that Exaireo has contact with, including current and previous residents, those who apply for housing but for whatever reason do not become residents, employees, past employees, job applicants, volunteers, the general public and other professionals.

We have determined that Exaireo does not require a Data Protection Officer due to the low volumes of data being processed. In the absence of a Data Protection Officer, the HR manager has been nominated as the person responsible for the implementation and ongoing adherence to GDPR.   

If there are any questions concerning this policy, these can be addressed to the HR Manager, The Exaireo Trust, Unit 4, Weldon Road Industrial Estate, Loughborough, LE11 5RN or by email to info@exaireo.org.


     2. ABOUT US

 In this policy, wherever you see the words ‘Exaireo’, ‘we’, ‘us’ or ‘our’ it refers to The Exaireo Trust.



Personal data you provide

We collect data about you in the course of our work. This includes information at the beginning of, and during our relationship. For example: personal details, medical history, offending history, emergency contact details, financial information.

Information we generate

During the course of our relationship, we generate additional information. These include but are not limited to key work session notes, supervision notes, discliplinary records, sickness records, referrals to other agencies.

Information from third parties

From time to time we will receive information about individuals from third parties. This includes but is not limited to information from the probation service, or in relation to housing benefit and/or unemployment benefits. 

Sensitive personal data

We collect and store sensitive personal information (this includes racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, health information and information concerning a person’s sexual life or sexual orientation) concerning our residents and employees (as appropriate). We will take extra care with this information, to ensure that your privacy rights are protected.

Accidents and incidents 

If an accident or incident occurs on our property, we will keep a record of the incident (which may include both personal and sensitive personal data). We will also share this information with statutory bodies as required.



We only ever use your personal data where it is necessary in order to:

  • Enter into, or perform a contract with you;
  • Comply with a legal duty;
  • Protect our legitimate interests;
  • Protect our lawful interests, providing that your rights don’t override these.

We have determined that the personal data we hold is used in order to protect the legitimate interests of you and us, and to comply with our legal duty. In all cases, we will only use your information for the reason it was collected.

Internal analysis

We carry out analysis on data collected from residents, to determine the length of time residents stay with us, and the reasons for their leaving. This helps us to better plan and take action where required. 



We will never sell your data. We may share your data with other professionals, when it is in your vital interests to do so or it is our lawful duty to (this includes but is not limited to HMRC, borough councils, DWP, payroll processors).



We employ different measures to keep your data safe, and to prevent any unauthorised access to, or disclosure of, your information. 

Electronic data is held on secure devices or our secure server (accessible by staff, and with different access levels based on job roles).  Hard copy information is stored in files, which are in turn stored in rooms/cupboards which are locked when not in use. Access to office space by non-staff members is only permitted where there is a staff member present. Archive records are stored in a secure location, which is kept locked at all times (saving when access to the information is required).


Some of our premises have CCTV and you may be recorded when you visit the premises. CCTV is there to aid security and to protect us and you and your possessions. CCTV will only be viewed when necessary (eg for reasons for security, or to detect or prevent unauthorised activity).

Data breaches

In the unlikely event that there is a data breach (this is where your personal information is disclosed to another party in error), we will notify both you and the Information Commissioners Office (ICO) without delay and within a maximum of 72 hours from when we become aware of the breach.



Where we store electronic data

Our operations are based solely in the UK, and we store all data within the European Union (EU). It is possible that organisations which provide services to us may transfer data outside of the EU and EEA (European Economic Area) for example through their cloud storage; however such transfers will be subject to sufficient data protections.

How long we store information

Under GDPR, we are required to make sure that we use and store information for only as long as it is necessary, and only for the purposes it was collected for. We have determined that information concerning past, current or future Exaireo residents will be held for a period of 12 months for those who do not become residents, and for 36 months for residents unless there is a compelling reason for us store it for longer. Information concerning all other people will be stored for a period of 36 months. Financial information will be kept for a period of seven years. All such periods will start from the date of last contact, with the period being reset if contact is subsequently made. 

We will regularly review both the information we keep, and the length of time we keep it for.



We want to ensure that you remain in control of your personal data. Included in this is ensuring that you are aware of your legal rights, which are:

  • The right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (known as a subject access request);
  • The right to have your data erased (although this will not apply in certain cases – for example when we have a lawful duty to use the information);
  • The right to have inaccurate data rectified;
  • The right to object to your data being used for marketing (we will never do this); and
  • Where possible, you have the right to see personal data which you have provided us with

Please remember that there may be times when our legal duty and your vital interests supersede these rights, in which case we will let you know at the time of any request.


      9. COOKIES

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

We use the following cookies to optimize your experience on our Site and to provide our services.

Cookies Necessary for the Functioning of the Store

Name Function
_ab Used in connection with access to admin.
_secure_session_id Used in connection with navigation through a storefront.
cart Used in connection with shopping cart.
cart_sig Used in connection with checkout.
cart_ts Used in connection with checkout.
checkout_token Used in connection with checkout.
secret Used in connection with checkout.
secure_customer_sig Used in connection with customer login.
storefront_digest Used in connection with customer login.
_shopify_u Used to facilitate updating customer account information.

Reporting and Analytics

Name Function
_tracking_consent Tracking preferences.
_landing_page Track landing pages
_orig_referrer Track landing pages
_s Shopify analytics.
_shopify_fs Shopify analytics.
_shopify_s Shopify analytics.
_shopify_sa_p Shopify analytics relating to marketing & referrals.
_shopify_sa_t Shopify analytics relating to marketing & referrals.
_shopify_y Shopify analytics.
_y Shopify analytics.


The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.


    10. CHANGES

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.


    11. CONTACT

Should you have any query regarding your data, please contact Exaireo using the details at the top of this policy. If you are unhappy with our response, you can contact the UK Information Commissioners Office (ICO) which regulates Data Protection in the UK. Contact details can be found at www.ico.org.uk


Back to Policies


Click to View All Furniture  Link to Home Page  Link to View Available Furniture