At Bendrigg we take your personal information, security and communication preferences seriously. We aim to be clear when we collect your data and not do anything you wouldn’t reasonably expect.
Developing a better understanding of our visitors and supporters through their personal data allows us to make better decisions, fundraise and market more efficiently and, ultimately, helps us to achieve our charitable objective. We have made improvements to this policy to make it more understandable to our visitors and supporters.
Where do we collect information from?
- When you give it to us DIRECTLY
- When you give it to us INDIRECTLY: e.g. group leaders who have received
information from parents or carers of the participants
- When you give permission to OTHER ORGANISATIONS to share or it is available publicly
- Information available publicly – newspaper articles, social media and other websites
- When you visit our Website including cookies
What personal data do we collect and how do we use it?
a) Personal data collected
We collect data from our staff, trustees, volunteers, participants and our supporters and donors. We usually collect:
- Name, Contact details, Date of birth, Bank or Credit Card details
- Where it is appropriate or necessary we may also ask our visitors and staff for
information relating to your health
- We may also collect data and record any correspondence we have with you.
b) How we use it
- To provide the appropriate courses and care for our visiting groups
- To administrate bookings and donations
- To keep a record of your relationship with us
- To ensure we know how you prefer to be contacted
- To see how we can improve our services
- To help with our marketing and fundraising
- To use your information and your experience with us to create a case study.
Your explicit permission will be gained before we do this.
We include information of how you can opt out when we send you marketing or fundraising material.
We will only contact you if we believe you have a legitimate interest in Bendrigg Trust. However, if you do not wish to be contacted by us please email to firstname.lastname@example.org or call us on 01539 723766.
How do we manage children, young people or vulnerable adult’s data?
- Sensitive information will be obtained for children, young people and vulnerable
adults when it is needed to ensure their safety and wellbeing whilst at Bendrigg
- Where appropriate consent from a parent/guardian or carer will be obtained before collecting this information
How do we keep your data safe and who has access?
- The storage of all of our data is managed by our ‘information security officer’
- Most data will be stored electronically on a secure and protected server
- All booking information will be secured in a locked cupboard and will be destroyed within five years
- Medical forms/data will be secured in a locked cupboard or will be stored
electronically on our secure server and will be destroyed within 10 years
- We undertake regular reviews into who has access to information we hold to ensure that your information is only accessible by appropriately trained staff and volunteers
- We review the data protection policies of any external companies we use to store
and process data e.g. E-Tapestry and Mail Chimp on an annual basis. Your data will not be sold or passed on to any third party for marketing or fundraising purposes
- We may need to disclose your personal details to the emergency services if this is
- We will only ever share your data in other circumstances if we have your explicit and informed consent
- We would report any serious data breach to the ICO within 72 hours. In the event of your sensitive data being breached we will notify you of this without undue delay.
How do we keep your information up-to date?
- We would appreciate it if you would let us know if your contact details change
- We may contact you if we need to ensure we have your correct details on file.
How do you find out what we know about you and how do we make changes?
You have a right to ask us to stop processing your personal data
- You have a right to ask us for a copy of the information we hold about you.
- If you want to access your information held by us, you must should send a
description of the information you want to see and proof of your identity by post.
We will provide this information within one month from receiving your request. We do not accept these requests by email so that we can ensure that we only provide personal data to the right person. We may charge you £10 to cover any
administration costs involved
- If you have any questions please send these to email@example.com or call us on 01539 723766.
Asking us to delete your data
You have a right to instruct us to stop processing your data and delete any information we have on you from our database. We would do this within one month of your request. Please contact firstname.lastname@example.org or call us on 01539 723766.
When we make changes to this policy
- We may change this policy from time to time. If we make any significant changes in the way we treat your personal information, we will make this clear on our website or by contacting you directly
- If you have any questions, comments or suggestions please let us know by
contacting email@example.com or call us on 01539 723766.
This policy was last updated on the 23rd April 2018.