Introduction

At St. Vincent’s Family Project we take your privacy seriously, for further details on how your data is used and stored we have put together a privacy policy, which lets you know exactly we handle your personal data. The General Data Protection regulations are necessary to protect your data and therefore, this policy shows how we collect, use, store and process your information. It also means that you can give us your genuine trust and engagement because we have specific, technical security procedures in place for your private information, which is governed by the Information Commissioner’s Office (ICO).

How your personal information is collected

We collect and store the following information physically and electronically. Our electronic data is stored on our server. We may use this information for our own purposes,

Information that you provide to us when completing your registration to the marketing/newsletter/fundraising profile/referrals. This includes personal details such as your title, name and date of birth, and also includes contact details such as postal address, post code, email, mobile and telephone numbers;

Information about your computer such as your IP address, geographical location/browser type/ operating system/ length of visit/ page views and website navigation paths;

Information relating to fundraising purchases/donations that you enter through our website and financial information such as your donation history and your bank details and whether you are a tax payer;

Employee and volunteer data such as qualifications, languages and experience written in forms;

Photographs, videos and other media provided by you or taken by our staff;

Any other personal information that you send to us through the website;

Data we have access to

The personal information that we use is your IP address, geographical location, operating system, page views and navigation paths and browser type. We may also use your name, address, email, DOB, social media profile, photos that you post for administrative purposes. During transactions such as making donations or fundraising efforts, we will use your card and transaction details for the sole purpose of processing these transactions.

How your personal information is used

Keeps you informed of our events, activities, resources and conferences;

Promotes our aims to target the most vulnerable in our area and our objectives;

Process forms whether this is for a job/referral/donation;

To fundraise and process donations and related statutory rights and obligations;

Process entries for competitions that we hold;

To improve our facilities and services by analyzing results from anonymised user’s data;

To improve our market research, website and social media using individual’s data patterns;

To assist with administrative purposes, for instance accounting, credit/debit card payments and maintenance.

Who has access to this information

Staff and volunteers have access to computers which have information, however, only certain members of staff can access certain drives, dependent on the level of security and information that each electronic drive contains. A select number of staff and volunteers have access to the development and maintenance of the website under a duty of confidentiality and limits to access.

How long do we retain you information?

We will only keep your personal information for as long as it is required and in accordance with the Law and other legal requirements.

If you have indicated that you will no longer wish to hear from us we will keep the minimum information necessary to ensure that no further contact is made.

However, even after you modify your communication preferences, we may retain copies of information about you for a period of time that is consented with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation or legal process.

Third party service providers

Your data may also be available to our website provider to enable us and them to carry out analysis and research on demographics, interests and behaviour of our users and supporters to help us gain a better understanding of them to enable us to improve our services.  This may include connecting data we receive from you on the website to data available from other sources.  Your personally identifiable data will only be used where it is necessary for the analysis required, and where your interests for privacy are deemed to outweigh their legitimate interests in developing new services for us.  In the case of this activity the follow will apply:

  1. a) Your data will be made available to our website provider
  2. b) The data that may be available to them include any of the data we collect as described in our section 'how your personal information is collected' above.
  3. c) Our website provider will not transfer your data to any other third party, or transfer your data outside of the EEA.
  4. d) They will store your data for a maximum of 7 years.
  5. e) This processing does not affect your rights stated in this privacy policy.

Our website includes hyperlinks to these and other third party websites. We do not have any responsibility for the cookie and privacy policies, and practices of third parties. Please read their policies to understand how your information will be used by that organization. Your personal information will never be sold, nor given away. To understand how Facebook, Twitter and Google use analytics please click the following links:

http://www.google.com/policies/privacy/

https://www.facebook.com/full_data_use_policy

https://twitter.com/en/privacy

Financial transactions will also be handled by our payment service providers Stripe and GoCardless. The transaction information that is shared is necessary for the processing of payments and dealing with complaints and refunds. For more information about how both of these providers use this data, please view:

https://stripe.com/gb/privacy)

https://gocardless.com/legal/privacy/)

How you can access and update your information

As stated on the GDPR regulations, it is necessary that all the information that we hold is accurate.

Please email us at [email protected] to let us know if any information that we hold about you needs to be updated or corrected.

You have the right to ask for a copy of the information that St. Vincent’s Family Project holds. You will have to disclose appropriate evidence of your identity following this request.

St. Vincent’s Family Project reserve the right to withhold personal information to the extent permitted by law.

Personal data of children

Our website is targeted at people who are over the age of 18. If we reason to believe that we hold personal data of a person under that age on our website, we will delete that personal data.

Rights that are in place to secure yourself from the misuse, alteration or loss of your information

You have the right to have your information treated securely by St. Vincent’s Family Project. We make sure that all sensitive information is protected using encryption software with the software used on the SSL. You can verify that this is correct if you see the lock logo in our website’s address bar. All financial transactions that are made over the website is protected by encryption technology. We have an anti-virus software called Microsoft Defender that is update regularly as part of the automatic Windows update.

With these secure systems in place it is unlikely that your information will be misused, altered or lost. However, it is your responsibility for keeping your password confidential. If you are worried that your personal information has been misused, unlawfully destroyed, altered or lost please contact [email protected] or call us on: 020 7654 5353. We will deal with this as efficiently as possible within 30 days We have a dedicated member of staff who can escalate this incident effectively to the Information Commissioner’s Office (ICO).

Website and Social Media links

Our website www.svfp.org.uk is currently under construction and will be published at the end of June 2018. The website is GDPR compliant and may include information that is linked to our social media pages and other partner charities pages that we follow. We do not endorse other websites so cannot hold accountability for your choice to view them and therefore, access websites with cookies. We never ask for any personal details over social media.

Cookie Policy

Our website uses cookies to distinguish individual users on the website. For instance, on social media websites such as Facebook and Twitter also store cookies to recognize the user visiting their site.

Cookies allow websites to recognize the user who has previously visited the site. Information is stored about this user so that when they access the site again you do not have to fill this information again.

What type of cookies does St. Vincent’s Family Project website use?

Cookies:

 

Use:

 

Expiration:

 

_utma / __utmb / __utmc / __utmv/ __utmz /__utmt

 

St. Vincent’s Family Project uses Google Analytics that provides information on our website of our online performance. Stores the amount of visits of a user, the time of their first visit, the previous visit, and the current visit. It also stores where a user came from (e.g. search engine, search keyword, link). 

 

(_utma) 2 years from set/update)

(_utmz) 6 months from set/update

 

_ga, _gid

 

Used to distinguish between website users in Google Analytics.

 

2 years and 2 hours

 

_gat_UA-XXXXXXXX-X (where the Xs are replaced by the Google Analytics ID number)

 

Used to moderate calls to the Google Analytics service.

 

1 minute

cc_cookie_accept

 

Our website stores whether the user has accepted the cookie message or not.

 

365 days

.ASPXROLES

 

St. Vincent’s Family Project uses this cookie to tell the website what the user type a person is who is visiting the site. For instance, it can tell the difference between our digital media officer and a member of the public.

 

End of session

 

ASP.NET_SessionId

 

Used to ensure that the user logged into the website stays logged in.

 

End of session

 

ARRAffinity

 

Tells our infrastructure which server to handle the request.

 

End of session

MemberLoggedIn

 

A binary flag which stores whether a user is logged in or not for our website.

 

End of session

ai_session and ai_user

 

Tracks users as they navigate the website predominately for infrastructure performance insights.

 

1 day

 

DisplayName

 

Website can keep track of a donors preference to show their name during a Direct Debit.

 

End of session

 

Deleting cookies

It is very easy to delete cookies that are stored on to your computer once you have visited or are visiting our website.

In Internet Explorer, you can manually delete cookie files, for more information visit: http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11)

In Windows 10 Firefox, you can delete cookies by clicking the menu button , choosing History and then Clear Recent History. Click on the arrow next to Details to expand the list of history items. Select Cookies and make sure that other items you want to keep are not selected. For more information visit: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored

In Chrome, you can delete all cookies by accessing the "Customise and control" menu, and clicking "Settings", "Show advanced settings" and "Clear browsing data", and then selecting "Cookies and other site and plug-in data" before clicking "Clear browsing data". For more information visit: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en

International data transfers

The GDPR restricts the transfer of personal data outside the EU to other countries or international organisations. This means that information may be collected or transferred between countries where we operate. Personal information, such as fundraising event information or personal comments once published publically on our website can be viewed globally via the Internet. We cannot prevent the use or misuse of this information by others who have access to the information that is used on the website.

Review of the Policies

This policy was written in May 2018 and was last updated on the 13/06/2018. It will be regularly updated as necessary, please let us know if you are unhappy with any changes to our policy by emailing [email protected] We may notify you of changes to the policies through contacting you.