Vulnerable Policies:

Elements from GDPR missing where you have to gain consent from the customer to store the sensitive date. Please see below statement you can add to your policy:

Any information gathered will be processed in line with GDPR and the Data Protection Act 2018. Where necessary, explicit consent will be obtained from a customer to enable us to process the details of their vulnerability accordingly. Customers will also be fully informed of how we will process this information.
We will always:
– Ask for a customer’s explicit consent in order to record, store or process the details of their vulnerability, where it is necessary and appropriate to do so
– Clearly explain to the customer why we need to record, store or process the details of their vulnerability
– Clearly explain to the customer who the details of their vulnerability will be shared with

Typically, we would only look to process the details of a customer’s vulnerability where we may need to tailor our approach during our communications with them, or when we are entering their home for the purposes of a sales consultation or installation. We would therefore only share the details of the vulnerability with the relevant staff and representatives.