The Privacy Notice in brief
It’s important that you read the full Privacy Notice to understand what information we hold, how we may use it, and what your rights are – but if you don’t have time to read it all now, here is a short summary:
- We collect information that is either personal data (such as names, addresses, telephone numbers) or non-personal data (such as your Internet Protocol (IP) address, web pages accessed etc.)
- We collect information about our supporters, donors, fundraisers, volunteers and employees.
- We collect information to provide services or goods, to provide information, to fundraise, for administration, research, profiling, analysis, and for the prevention/detection of crime.
- We only collect the information that we need, or that would be useful to us in our aim to provide the best possible service.
- We do our very best to keep personal information secure, wherever we collect personal data online.
- We never sell your data, and we will never share it with another company or charity for marketing purposes.
- We only share data where we are required by law, or with carefully selected trusted suppliers who do work for us. All our suppliers are required by their contract to treat your data as carefully as we would, to only use it as instructed, and to allow us to check that they do this.
These are the basics but don’t forget to come back later and read the full privacy notice (below), so you have all the details you need.
Isabel Hospice Privacy Notice
Isabel Hospice promises to respect the personal information you provide to us. We wouldn’t want to use it in a way that you won’t expect, so our Privacy Notice explains how we protect your privacy and how you can control how we use your personal information.
If you want to change the way in which we use your data or if you have a question about how your personal information is used, please contact us using any of the methods below:
Phone: Monday to Friday 9am to 5pm
Postal address: 61 Bridge Road East, Welwyn Garden City, AL7 1JR
Who we are:
In this privacy notice, whenever you see the words ‘we’, ‘us’ or ‘our’, it refers to
· The charity Isabel Hospice – Registered Charity number 1046826
· The company Isabel Hospice Trading Limited – Company number 02417607
Isabel Hospice Trading Limited sells a range of goods through our shop network and online. Isabel Hospice Trading enters into corporate partnership arrangements; all of its profits are passed to Isabel Hospice Charity.
How we use your personal information
How we use your personal information
We appreciate you have provided us your personal information and will respect the trust that this represents. There will be times when we will need to use and share your personal data. The law says that we must use one of the following reasons to do so:
• Contract – your personal information is processed in order to fulfil a contractual or potential contractual arrangement.
• Consent – where you agree to us using your information e.g. to receive certain digital information from us.
• Legitimate interest – where we use your data in a way that we believe you would expect us to because of our relationship e.g. to monitor and improve our services. In each case where we use your data based on our legitimate interests, we carefully balance your rights and expectations to ensure that processing is fair to you.
• Legal obligation – where there is a statutory or other legal requirement to process and share the information e.g. gift aid returns.
Here is a list of the ways that we may use your personal information, and which of the reasons described above we rely on to do so.
Where we list legitimate interest as a reason, we also describe below what we believe these legitimate interests are:
Our processing about you if you are a supporter:
Handling the administration of your gift or donation when received by cash, cheque, credit/debit card, direct debit, standing order and charity vouchers or our online fundraising partners. Our lawful basis is contractual.
Administer Gift Aid and Gift Aid declaration forms. Our lawful basis is a legal obligation.
Keep you informed of fundraising opportunities, including upcoming campaigns and events. Our lawful basis is a legitimate interest to generate funds to support and facilitate our mission.
Assess your ability for gift giving. Our lawful basis is a legitimate interest to generate funds to support and facilitate our mission.
To keep a record of your relationship with us. Our lawful basis is a legitimate interest to generate funds to support and facilitate our mission, campaigning and provision of appropriate services.
Conduct due diligence and ethical screening. Our lawful basis is a legitimate interest to ensure that individuals who we develop relationships with are of good character and ethics.
Providing you with information and requests on issues that are important to people affected by end of life and palliative care. Our lawful basis is a legitimate interest/consent to improve supporter interactions
What personal information do we hold about you?
We only ask you to supply information that we need in order to provide the service you have requested. We will normally ask you to provide us with:
· Your name
· Your contact details
· But we may request other information where it’s appropriate and relevant, for example:
· Your bank details
· Your reasons for supporting the Isabel Hospice, i.e. if you or a family has been in our care
· Your profession
· How you would like us to contact you
· Age or date of birth, where relevant to your participation in an event or activity
· Accessibility or medical information where relevant to your participation in an event or activity
· Details of any accident or incident you may have been involved in while on our premises or while taking part in one of our events or activities
While we mainly hold and use the information you provide directly to us, we may use other sources of information about you, including data derived from the electoral roll or affluence information, where they are from publicly available sources, or where you have given your permission for your data to be shared.
We do this to help ensure that we only contact you (where you have given us permission) with appropriate communications or requests for support. We take great care in sourcing this information, but if you prefer us not to, then please let us know:
Phone: 01707 382536 – Monday to Friday 9am to 5pm
Postal address: Isabel Hospice, 61 Bridge Road East, Welwyn Garden City, Herts, AL7 1JR
Where we collect your personal information from:
We collect personal information about you in several ways:
· via our website when you support us through making a donation; becoming a volunteer; applying for or taking part in, organising or attending a fundraising event; registering to take part in other types of non-fundraising events that we hold; joining a campaign, or pledging a gift in your will.
· when you contact us by mail, phone, email or live chat.
· when you complete one of our online or paper-based surveys or purchase or order an item from our online shop.
· when you have used a social media platform to contact us – Facebook, Twitter, LinkedIn, Instagram or Google +.
· via our local community groups.
· via an accident and incident form when you have been involved in an accident or incident on one of our premises or when attending one of our events or activities.
We may collect your personal information from other organisations and sources. For example, if you take part in an event run by another organisation with which we partner, such as the London Marathon; when you raise funds via JustGiving, Give As You Live or similar websites; or through social media platforms, e.g. Facebook, Twitter, LinkedIn, Instagram or Google +.
When providing information to us via these channels, you should check these companies’ privacy policies and settings to understand how they use your personal information. We always check that third parties and other organisations have consent from you to pass your information on to us.
Building profiles of supporters and targeting our communications
We use profiling and screening techniques to ensure communications are relevant and timely, to target our resources effectively, and to provide an improved experience for our supporters. These activities allow us to understand the background of people who support us and help us to make appropriate requests to supporters who may be able and willing to give more than they already do. Importantly, it enables us to raise more funds, sooner, and more cost-effectively, than we otherwise would, so that we care for adults with a life-limiting illness across eastern Hertfordshire..
When building a supporter profile, we may analyse geographic, demographic and other information relating to you to better understand your interests and preferences in order to contact you with the most relevant communications. In doing this, we may use additional information from third party sources when it is available.
Such information is compiled using publicly available data about you, for example from Companies House, information published in any type of media including magazines and newspapers, listed directorships or typical earnings in a given area. All this type of profiling is done under our internal processes and procedures that ensure we have the correct permissions to do so.
If you do not want us to carry out this type of profiling, then please let us know by contacting our Supporter Care team on 01707 382536 or via email firstname.lastname@example.org.
How we use your personal information for marketing and fundraising
We only use your personal information for marketing where you have given us permission to do so, or you have provided permission to other organisations to allow us to market to you, for example, via Facebook or JustGiving.
Like all organisations we rely on marketing to help support the work we do and by using the information you provide to us we are able to contact you with specific marketing messages that we feel will be appropriate to you. Depending on the permission you have given us or another organisation this may be by post, email, telephone, SMS or social media.
To assist us in our marketing, in addition to the data that you provide to us, we may also obtain data from trusted third parties to help us understand what you might be interested in. This ‘profiling’ information is produced from a variety of sources, including publicly available data (such as the electoral roll) or from sources such as surveys and polls where you have given your permission for your data to be shared.
We understand that our supporter’s circumstances change and you can easily withdraw the permissions you have given us, at any time either by using our contact details in this policy or by using the methods we tell you about in our communications e.g. using the ‘unsubscribe’ link on our emails.
Who we share your data with
We do not share or sell your data to any other charity or company for marketing purposes.
However, there are some situations where we use trusted suppliers to help us with administration of the services you have asked us to supply to you for example:
· mailing houses to despatch our newsletters, appeals and raffles or invitations for our events and fundraising materials
· agencies who handle your donations on our behalf or administer your online conference and event bookings
· companies who deliver bespoke events for us (e.g. our bespoke overseas challenges) or who organise events in which we purchase charity places (e.g. the London Marathon)
· companies who help us campaign on your behalf, for example to lobby your local MP
· website hosting companies which we use to administer our website content
· a database company who support us in keeping all our records in order
· as and when required we will share accident and incident information with the Health and Safety Executive, our insurers and our solicitors.
We also use trusted suppliers to help us with marketing:
· email service providers to send our emails and manage your marketing permissions
· mailing houses to send out marketing by post
· telemarketing agencies to contact you by phone or SMS
· an organisation which helps us keep your information accurate and up to date.
Some of our suppliers may operate outside the European Economic Area (EEA). This requires us to ensure they provide an adequate level of protection in accordance with UK data protection law, for example the EU-US Privacy Shield Framework. By submitting your personal information to us you agree to this transfer, storing or processing at locations outside the EEA.
Under some circumstances we may be required to disclose or share your information without your consent, for example if we are required by the police, the courts or for other legal reasons.
How we keep your personal information up to date
Isabel Hospice has a legal obligation under data protection legislation to keep the personal information it collects accurate and up to date. Among other things, it helps us ensure that we do not contact you with inappropriate information and marketing messages and also prevents us from wasting valuable funds on print and postage. We keep your information accurate as follows:
· By giving you the opportunity at any time to contact us to correct or change your information.
· By screening your name and postal address information against Royal Mail’s National Change of Address File: where you have given your permission to Royal Mail, we can either update our records with your new address or note you have moved so we don’t send anything to your old address.
· By using information publicly available to us.
· If you contact our us may ask you to confirm certain details.
· When we receive undelivered mail or email.
How we keep your personal information safe
We take our obligations to keep your personal data safe and secure very seriously.
Within Isabel Hospice, access to your personal information is strictly controlled on a ‘need to know’ basis. Staff members and our nominated volunteers are only allowed access to your personal data if they have been sufficiently trained in data handling. We have specific technical controls in place to restrict access and these are monitored regularly. Our website is also monitored and protected to prevent it from unauthorised access.
All personal data sent to our trusted suppliers is encrypted. In all cases we require these companies to comply strictly with our instructions and they are not allowed to use your information for their own business purposes. We also require these companies to have sufficient organisational and technical measures in place to ensure the security of your data.
How long we keep your personal information
We keep your personal information in line with our data retention policy.
· In certain circumstances we have a statutory obligation to keep your personal information for a set period of time (normally six-seven years) and this mainly concerns financial information regarding your donations or Gift Aid contributions.
· How you can find out about the information we hold about you
· You have the right to request a copy of the information that we hold about you.
If you would like a copy of some or all of your personal information, please email or write to us using the contact details in this policy – we do not apply a charge for providing you with this information.
If we do hold information about you we will:
· give you a description of it.
· tell you why we are holding it.
· tell you who it could be shared with.
· let you have a concise and clear copy of the information.
· We want to make sure that your personal information is accurate and up to date and we will be happy to correct or remove information you think is inaccurate.
Your individual rights
Under data protection regulations, you have rights over how your personal information is used by others.
Right to access: You have the right to access the personal information we hold about you. If you wish to see it, you can submit a request to our Data Protection Lead who will respond within one month. Depending on the nature of your request, we may need to seek further clarification from you or gain confirmation of your identity before the information can be provided.
Right to rectification: If the information we hold about you contains errors, you have the right for it to be corrected. We have measures in place to keep our information updated, but if you notice anything wrong with the information we are using, please let us know and we will update it as soon as we can.
Right to erasure: You have the right to request we erase the information we hold about you from our records if you think it is no longer required. Where possible, we will always comply with a request for erasure, however in many cases it will not be possible to erase all information about you, because there may be legal or contractual reasons why we need to keep certain details. If any of your details cannot be erased, we will tell you and explain the reasons.
Right to restriction: If you think your personal information is being used for things it shouldn’t be, you have the right to request we stop using it that way. As with erasure, there may be legal or contractual obligations why we need to continue using information in particular ways.
Right to portability: There may be times when you want a particular portion of the information we hold about you to be moved or made portable. You have a right to receive information you have provided to us in a structured, commonly used and machine-readable format. This right only applies when the information has been collected and used on the basis of consent or a contract.
Right to objection: You have the right to object to us collecting and using your information when it is being done on the basis of legitimate interests, or for direct marketing, or research. We will inform you at the point we start collecting your information if this right applies. Any objections will be considered and complied with, unless there is a lawful exemption.
We will endeavour to inform you about your rights and uphold them at all times. If you believe we have infringed your rights, we encourage you to contact our Data Protection Lead who will work with you to resolve the matter in a way that satisfies both you and the law. If for any reason you are unable to resolve the matter with us, you can escalate your concerns to the Information Commissioner’s Office, who is the UK’s independent authority responsible for upholding information rights in the public interest.
What to do if you have a query
If you have a query regarding your data, please contact our Data Protection Officer by:
writing to: Data Protection Officer, Isabel Hospice, 61 Bridge Road East, Welwyn Garden City, AL7 1JR.
or sending an email to email@example.com.
If you are not satisfied with the way your query was handled, you can refer your complaint to UK Information Commissioner’s Office at https://ico.org.uk/concerns/.
Links to other websites
We link our website directly to other sites, including sites that provide information, services, resources and fundraising opportunities that are not directly associated with us. This privacy notice does not cover the links within our site linking to other websites and organisations. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
This Privacy Notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of the Isabel Hospice’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed using the contact details in this policy.
We keep our privacy notice under regular review. This privacy notice was last updated on: 20th August 2018 to 20th July 2021