Last updated: 23 May 2018
If you have any requests concerning your personal information or any queries with regard to our processing, please contact us at firstname.lastname@example.org. You may also contact us by writing to The Data Protection Officer, The Royal Star & Garter Homes, 15 Castle Mews, Hampton TW12 2NP.
- Information about us
- Collection of information about you
- Children’s data
- Other people’s data
- What we do with your information
- Legal basis for processing your information
- Sharing of your information
- Building profiles of our supporters
- International transfers
- Retention of personal information
- Your rights
- Direct marketing
- Security of personal information
Information about us
We are a member of the Fundraising Regulator, which is the independent regulator of charitable fundraising. As part of our membership, we are signed up to the Code of Fundraising Practice which is a commitment made to the public which is based on the key principles of being Legal, Open, Honest and Respectful.
To find out more about the Fundraising Regulator please click here.
If you are unhappy with anything we’ve done while fundraising, you can contact the Director of Supporter Engagement at The Royal Star & Garter Homes to make a complaint. We have a complaints procedure, a copy of which is available on our website. If we cannot resolve your complaint, we accept the authority of the Fundraising Regulator to make a final adjudication.
Collection of information about you
We may collect and process the following data about you:
- Information you give us. You may give us information about you by applying to live in our Homes, submitting an application to work, volunteering for us or by corresponding with us by phone, e-mail or otherwise. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information and personal description. You may also give us information through our social media pages or by entering a competition.
- Technical information when you visit our website, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, geographical location, browser plug-in types and versions, operating system and platform.
It is our policy not to request donations or accept product orders from children under 18. If we are contacted by anyone under 18, before we collect data from them we will always ask them to:
- obtain the permission of a parent or guardian before contacting us, and
- let an adult know before they use our sites to obtain information about fundraising or supporting our work.
Other people’s data
Some of the services we offer allow you to provide the personal data of other people (e.g. providing a friend’s name for event tickets you have purchased or tagging people on photos on social media). Before providing anyone else’s data please ensure they are happy for you to do so and under no circumstances must you make public another person’s home address, email address or phone number without their permission.
What we don't do with your information
For donors and supporters, we will use the information you provide to:
- request donations from you;
- fulfil your requests – such as provision of information, competition entries, participation in campaigns and donations;
- process sales transactions, donations, or other payments and verify financial transactions;
- handle orders, deliver products and communicate with you about orders;
- provide a personalised service to you – this could include customising the content and/or layout of our communications for individual users;
- record any contact we have with you;
- to carry out our obligations arising from any contracts entered into between you and us;
- prevent or detect fraud or abuses of our website and enable third parties to carry out technical, logistical or other functions on our behalf;
- communicate with our donors and supporters; and
- if you have agreed to it, provide you with information that we think may be of interest to you, carry out research and analyse the demographics, interests and behaviour of our donors and supporters (including the value of donations) to help us gain a better understanding of them and to enable us to improve our services. This research and analysis may be carried out internally by our employees or we may ask another company to do this work for us.
We will also use your information to process and acknowledge any application that you make to work or volunteer for us or apply to live in one of our Homes.
Legal basis for processing your information
We rely on one or more of the following processing conditions in order to process your personal information:
- our legitimate interests in the effective delivery of information and services to you (provided these do not interfere with your rights);
- to satisfy any legal and regulatory obligations to which we are subject;
- to perform our obligations under any contracts that we have agreed with you; or
- where no other condition for processing is available, if you have agreed to us processing your personal information for the relevant purpose.
Sharing of your information
Your personal information may be transferred to third party service providers who process information on our behalf. These partners may include mailing houses, marketing agencies, telemarketing companies, IT specialists and specialist research firms. The kind of work we may ask them to do includes processing, packaging, mailing and delivering purchases, answering questions about products or services, sending postal mail, emails and text messages, making phone calls on our behalf, carrying out research, or analysis and processing card payments. We only choose partners we can trust. We will only pass personal data to them if they have signed a contract that requires them to:
- abide by the requirements of the GDPR;
- treat your information as carefully as we would;
- use the information for the purposes for which it was supplied and no other purpose; and
- allow us to carry out checks to ensure they are doing all these things.
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.
We never sell or share your information to other organisations to use for their own purposes other than as explained above.
Building profiles of our supporters
The Royal Star & Garter Homes was founded with the help of philanthropy, and philanthropy continues to make an enormous impact on our work. Developing a better understanding of our supporters through their personal data allows us to fundraise more efficiently and make better decisions.
We may use profiling and screening techniques, including some automated techniques, such as postcode segmentation, to ensure our communications are relevant and timely, and to provide an improved experience for our supporters. Profiling also allows us to better understand the background of the people who support us and helps us to make more appropriate requests to supporters.
In order to better understand your interests and preferences and contact you with the most relevant communications, we may analyse the history of your support to us, as well as geographic, demographic and other information relating to you. We may use additional information from third party sources, such information is compiled using only publicly available data.
Transfers outside the EEA will be only:
- to a recipient located in a country which provides an adequate level of protection for your personal information; and/or
- under an agreement or mechanism which satisfies EU requirements for the transfer of personal data to data processors or data controllers outside the EEA, such as standard contractual clauses approved by the European Commission or the EU-US Privacy Shield Framework in relation to transfers of personal data from the EEA to the USA.
Retention of personal information
We will retain your personal information only for as long it is required for the purposes for which it was collected, or as required to do so by law. When we no longer need information, we will dispose of it securely, using specialist companies if necessary to do this work for us.
You have certain rights in relation to the personal information we hold about you. In particular, you have a right to:
- request a copy of personal information we hold about you (commonly referred to as a subject access request);
- ask that we update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
- ask that we delete personal information that we hold about you, or restrict the way in which we use such personal information;
- object to our processing of your personal information;
- withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing); and/or
- request portability of your personal information.
If you would like to exercise these rights, please contact the Data Protection Officer in writing at The Royal Star & Garter Homes, 15 Castle Mews, Hampton TW12 2NP or by emailing email@example.com.
We may charge for a request to access your information, if permitted by applicable law. For example, we may charge a reasonable fee based on administrative costs for providing further copies of your information.
We are not a ‘public authority’ as defined under the Freedom of Information Act 2000. We will not use our funds to respond to requests for information made under this Act.
For more information about your rights under the GDPR, please visit the website of the Information Commissioner’s Office at https://ico.org.uk/.
We conduct marketing via post, email, telephone and SMS.
Where we are legally required to obtain your explicit consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.
We may also send marketing information to you by post if we believe we have a legitimate interest to do so.
Marketing information that you may receive from us includes information about the goods and services we offer, fundraising appeals, competitions, events, employment, volunteering and information about our work.
Whenever we send you direct marketing/fundraising appeals we will always provide you with a clear method to unsubscribe from receiving further information from us. Every email/SMS message we send will include a link to unsubscribe. If you want to unsubscribe from mailing lists or any marketing, you should look for and follow the instructions we have provided in the relevant communications to you.
If you do not wish to receive emails or marketing communications from us, you can at any time contact us to request that such communications cease. If you choose to unsubscribe from any or all mailings, we may retain information sufficient to identify you so that we can honour your request.
If you want to unsubscribe or change the way we communicate with you, you can do so by:
Security of personal information
We have implemented generally accepted standards of technology and operational security in order to protect personal information from loss, misuse, alteration or destruction. Only authorised persons are provided access to personal information collected via the website; such individuals have agreed to maintain the confidentiality of this information. We use secure server software (SSL) to encrypt financial and personal information you input via our website before it is sent to us.
Although we use appropriate security measures once we have received your personal data, the transmission of data over the Internet (including by e-mail) is never completely secure. We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to or by us.
Where you or we have provided a password enabling you to access parts of our websites or use our services, it is your responsibility to keep this password confidential. Please don’t share your password with anyone.
Post: The Data Protection Officer, The Royal Star & Garter Homes, 15 Castle Mews, Hampton – TW12 2NP.
You may also have the right to lodge a complaint with the UK’s data protection regulator, the Information Commissioner’s Office. For further information on your rights and how to complain to the ICO please refer to the ICO website: https://ico.org.uk/.