Last updated 22 May 2018
If you are under 18, please seek permission from a parent or guardian before giving personal information to anyone online.
If you do not agree to this policy, please do not give us your information.
We obtain information through our interactions with you and try to be clear when we are doing so. We may also obtain your information through third parties and from public sources. Below, we have tried to list as clearly as possible how your information is obtained from each of these sources.
You have the right to request that your information not be used at any point. To do so, please contact us at firstname.lastname@example.org. For more information on your rights, please view the ‘Your rights’ section below.
We may obtain information from you through your interactions with us such as when you are:
Certain types of personal information (e.g. health, race, religious beliefs, etc.) are in a special category under data protection laws, because they are considered to be more sensitive. We only collect this type of information if there is a clear reason for us to do so, (e.g. to provide appropriate facilities or support). We will also collect this type of information if you make it public or volunteer it to us (e.g. you tell us while we are supporting you during a client session). Wherever it is practical for us to do so, we will let you know why we are collecting this information and for what purpose.
Clients receiving support from our service are asked to provide us information through our ‘About You’ and ‘Feedback’ forms. The information is anonymized and used to help us better understand how our client service is being used and how we can make it better.
We do not actively collect information from children (under 18s) nor are our events aimed at children, however our supporters are of all ages. Where appropriate, we will ask a parent or guardian for consent prior to collecting their child’s information. Children can only fundraise or partake in an event to benefit the PSU with a parent or guardian.
We do not actively collect and/or use information about your device (e.g. IP address, type of device, etc.) but depending on your device settings, it may be made available to us. Contact your device manufacturer or operating system provider for more information on what information is made available.
Please note, our Applicant Privacy Notice can be found in our Jobs webpage, and our Volunteer Privacy Notice can be found on our Court volunteer application webpage. Staff should speak to their HR team for a copy of our Privacy Notice for staff.
We will use your personal information to administer our website, applications, contact databases, client service and marketing material. Examples include:
At any point, you can let us know how you would like to be contacted and what information you would like to receive, as well as update your communication preferences and opt out of communications, by completing our online Staying in touch form, or emailing email@example.com.
Most of the time, we will obtain your permission for processing your information, but occasionally we may need to process your personal data without your consent. This will only be done when it is in our legitimate interest, it is legal for us to do so, and it will not infringe your legitimate interest, rights, and/or freedoms.
The safety and security of your personal information is important to us and we try to implement the safeguards needed to protect it, ensure it is accurate, and keep it up to date such as:
Unfortunately no matter what safety measure are implemented, information sent via the internet can never be guaranteed to be fully secure. Even though we do our best to ensure your personal information is safe, we cannot guarantee that the information you provide online or via email is fully secure. Information you send via internet is therefore sent at your own risk.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required to do so by law or for regulatory reasons.
General information may be shared with partners in order to aid our research, with personal identifying information removed (e.g. we may share the total number of attendees to an event or the number of clients completing a survey).
Some of our suppliers may run their operations outside the EU where they are not subject to the same data protection regulations. Where this is the case, we will take steps to confirm they provide an adequate level of protection in line with UK data protection law.
We aim to hold your information for only as long as necessary for the relevant activity (e.g. donation information will be kept for six years in alignment with auditing requirements).
If you opt-out of communications, we normally keep the minimal amount of personal information needed to ensure your request is carried out (e.g. name, email, and address). If you ask us to completely remove all of your information, we will do our best to carry out your request, but may not be able to if we were unable to keep the information required to track your request.
If your personal details change, please help us to keep your information up to date by notifying us at firstname.lastname@example.org.
For any personal information of yours that we hold, you have the right to request:
You also have the following rights under GDPR regulation, more information on these can be found on the ICO’s (Information Commissioner’s Office) guidance:
We may require proof of identity prior to fulfilling your request, and we will respect your requests unless we are unable to do so for legal reasons (e.g. inability to delete donation information for auditing reasons). If we are legally unable to carry out your requests, we will notify you along with the reason(s) why. For more details regarding exceptions to your rights, please view the ICO’s guidance.
Complaints regarding our processing of your personal data can be made to the ICO, however we would appreciate the opportunity to address any issues you have with the way we process your data and can be contacted at email@example.com. If you are still unhappy after we have had the chance to discuss your complaint, you have the right to contact the ICO at any time.