Privacy Notice for Victims and Survivors who report abuse within the Diocese

About this privacy notice

We encourage everyone to come forward and tell us if they have any information about abuse within the Diocese.

If you contact us to report abuse within the Diocese, we will listen to you. We understand that it can be difficult to tell us about abuse and that you may need to tell us sensitive information about yourself and others.

This privacy notice explains how we collect and use information about you if you report any abuse within the Diocese. We also have a general Privacy Notice for the Diocese which can be found at

About us

The Diocese of Clifton (we or us) is the organisation responsible for handling your personal information.

Everyone has rights with regard to how their personal information is handled by organisations. We are committed to ensuring that personal information is properly and securely managed in accordance with relevant data protection legislation. This is an important part of achieving trust and confidence between the Diocese and those with whom we interact.

The Diocese, under the name of Clifton Diocese is a company limited by guarantee, registered in England and Wales with number 10462076 and a registered charity with number 1170168. Our registered address is St Ambrose, North Road, Leigh Woods, Bristol, BS8 3PW. Details of how to contact us are set out below. We are also regulated by the Catholic Safeguarding Standards Agency (the CSSA), which is the professional standards body for safeguarding to which all Catholic dioceses and religious life groups in England and Wales are accountable.

What information will we collect about you?

Although you can contact us anonymously with any safeguarding issues, we will usually ask you to provide us with personal information in order for us to act on your report. This will typically include your name, contact details (such as a telephone number or email address) and any other information you wish to tell us that may be relevant to your report.

Depending on the circumstances, we may need to contact you again to ask you for more information. We will always do so sensitively.

As part of our investigations about your report, we may collect information from other sources, for example, from potential witnesses or other organisations. This may include personal information about you.

How we will use information about you?

We will use the personal information which you give to us in relation to any safeguarding concerns so that we can respond appropriately to your report and comply fully with our statutory obligations and with the requirements of the CSSA. This may include:

  • maintaining our own records of reports received;
  • responding to your report, including taking action against specific individuals where necessary; and
  • sharing information about your report with other organisations (see more below).

We may also use your personal information to contact you. This may be to give you updates, to seek additional information from you or to respond to any questions you may have asked us. If you specifically agree to it, we may also signpost you to other service providers who may be able to help you, such as counselling services.

We will also use the information you tell us, in an anonymous format, for audit and statistical purposes.

Who will we share your information with?

We understand that any information about abuse is very sensitive. We will ensure that any information you give us is handled sensitively and we will not share it unless either you have agreed to it or we have an obligation to share the information with others (as set out below). We are not able to keep all reports completely confidential because in certain circumstances we have legal duties to notify other authorities of such reports.

It is our policy to report all allegations of abuse to the statutory authorities, regardless of whether the abuse is reported to have occurred recently or in the past, and whether the accused person is living or deceased. Where the accused person has or has had a role working with children, the allegation will be referred to the relevant Local Authority Designated Officer (LADO) for safeguarding children.  Where a criminal offence may have taken place, the allegation will also be referred to the Police. This ensures that potential crimes are reported, and independent investigations can be undertaken in line with current safeguarding best practice.

There are lots of different Catholic bodies in Great Britain, including dioceses, religious orders and congregations, and charities. Sometimes reports of abuse are made to us which involve individuals for whom the Diocese is not responsible (for example, a religious sister). In such cases, we may need to share your information with the CSSA, the Religious Life Safeguarding Service (RLSS) and/or the Catholic organisation which is responsible for that individual, which may be based outside Great Britain.

As part of our procedures, we may appoint a person from outside the Diocese to investigate a report of abuse or to undertake an assessment, and to advise us on appropriate action to take. Where we do so, we will need to share some personal information with that person so they can carry out their investigation. We will inform you where this is the case.

We may also share information about your report, including your personal information, with the CSSA for the following purposes:

  • to receive professional safeguarding advice and guidance about your report;
  • to allow the CSSA to audit our safeguarding functions against professional standards; and
  • if you complain about how your report has been handled by us, in certain circumstances, to

allow the CSSA to investigate your complaint.

The CSSA will keep your information safe and secure, and only use it to fulfil its regulatory functions. More information about how the CSSA handles personal information can be found at

As the Diocese is a registered charity, we may need to share information concerning your report with the Charity Commission, which is the body responsible for regulating charities. If there is information which is relevant to our insurance, we may also need to share information with our insurers and/or brokers, the Catholic Insurance Service, whose privacy notice can be found at If you decide to make a claim for compensation, information may be shared with our legal advisors.

Other than as set out in this privacy notice, we will not share your personal information with anyone else unless there is a significant risk of harm or disclosure is required or permitted by law.

Our legal basis for collecting, holding and using your information

Data protection law sets out various lawful bases (or ‘conditions’) which allow us to collect, hold and use your personal information.

Whenever we receive a report of abuse or information about any other safeguarding matter, we are under a legal obligation to make a record of the report, to take action in response to the report and, where appropriate, to share information about that report with statutory bodies such as the police. For the purposes of data protection law, our legal basis for collecting, using and sharing your information is therefore to comply with these legal obligations.

We will sometimes use your personal information based upon your consent. We will always tell you where this is the case and ask you to agree before we process your information. For example, we may ask you if you would like us to share your personal information with another organisation for the purpose of facilitating counselling or other support for you, or to put you in contact with other Catholic Church bodies e.g. The Survivor Advisory Panel.

Sometimes it is necessary for us to process your personal information for the purposes of our own legitimate interests. We will only do so where these interests are not overridden by the interests and fundamental rights or the freedoms of the individuals concerned. Although we are legally obliged to take action in response to most safeguarding reports made to us, that is not always the case. For instance, the nature of the issues you raise with us may mean that we are not required to investigate or keep records of our actions. Nevertheless, we believe that it is in the legitimate interests of the Diocese for us to do so. In our view, it is in the legitimate interests of the Diocese to ensure that all parishioners are kept safe and to look into any concerns raised.

We may also share your personal information with the CSSA as explained above on the basis of our legitimate interests. We believe it is in the legitimate interests of everyone within the Catholic Church for organisations such as ours to be subject to effective safeguarding regulation by an independent professional standards body.

Special categories of personal data

Data protection law recognises certain “special categories” of personal information, which are information revealing racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; genetic information; biometric information for uniquely identifying a person; information concerning health, and information concerning a person’s sex life or sexual orientation. It may be necessary to collect some information of this nature as part of your safeguarding report.

These special categories of personal information are considered to be particularly sensitive and so we will only collect and use this type of information in limited circumstances. This includes where we consider the collection and use of your information (including sharing your information with the CSSA) is necessary in the substantial public interest to prevent or detect unlawful acts or improper conduct and to comply with our legal obligations in relation to safeguarding, and where it is necessary for us to establish, exercise or defend legal claims. In some circumstances, we may ask you to give us your explicit consent to our further use of your information. We will tell you where that is the case.

Security and storage of your information

Your information will be kept securely by us and will only be accessible by those who need to know it (for example, safeguarding personnel).

We will keep your information for no longer than is necessary to meet our legal obligations. The exact length of time we will keep your information depends on the nature of the issues you raise with us. We adhere to the retention periods recommended by the CSSA. We may keep your information for longer than the CSSA’s recommended retention periods if it is necessary, e.g., for handling legal claims.

The procedures provide that safeguarding case files relating to allegations against individual members of the clergy will be held for 85 years from their date of birth or until their date of death, if later. At the end of that period, a summary record will be retained indefinitely. Files relating to individuals in other church roles will be held for 25 years from the date their role ceases, with a summary record retained indefinitely. Where you raise with us issues which are not about clergy or individuals in formal church roles, the retention period will be shorter.

Your rights

You have rights in respect of the personal information you provide to us. In particular, you have:

  1. The right to request a copy of some or all of the personal information that we hold about you.
  2. Where appropriate, the right to withdraw your consent to the Diocese processing your personal information.
  3. The right to ask that any inaccuracies in your personal information are corrected.
  4. The right to ask that we delete your personal information where there is no compelling reason for us to continue to process it.
  5. The right to object to our processing of your personal information, where we do so on the grounds of our legitimate interests (see above).

Many of the rights listed above are limited and only apply in certain defined circumstances and we may not be able to comply with your request. We will tell you if this is the case.

If you choose to make a request to us, we will aim to respond to you within one month. We will not charge a fee for dealing with your request.

If you are dissatisfied with how we are using your personal information or if you wish to complain about how we have handled a request, then please contact our Data Protection Officer (details below) and we will try to resolve any issues you may have.

You also have the right to complain to the Information Commissioner’s Office, which is the statutory regulator for data protection law. Details of how to complain to the ICO can be found at

Contact Details

If you have any questions about this Privacy Notice, require further information about how we protect your information or wish to exercise any of your rights, please contact our Data Protection Officer:

Alexander House, 160 Pennywell Road, Bristol, BS5 0TX, Tel: 0117 902 5598


If you wish to report abuse within the Diocese to us, please contact our Safeguarding Coordinator:

Alexander House, 160 Pennywell Road, Bristol, BS5 0TX, Tel: 0117 954 0993