PRIVACY

Introduction

The Kittiwake Trust is committed to being transparent about how we collect and use your data, and to protecting your rights and privacy.

The purpose of this policy is to give you a clear understanding of how we collect your personal information from you directly and from third parties, how we use it, and how we keep it secure. If you have any questions about the ways in which we collect and use your personal information, please contact us:

By email: kittiwake@kittiwaketrust.org.uk

By post: PO Box 528, Gateshead, NE9 9DQ

By phone: 07 808 704307

Processing of data includes obtaining, disclosing, recording, holding, using, erasing or destroying personal information.

 

Lawful bases for processing an individual’s data

Consent: you have given clear consent for us to process your personal data for a specific purpose.

Contract: the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.

Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).

Vital interests: the processing is necessary to protect someone’s life.

Public task: the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.

Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if we are a public authority processing data to perform our official tasks.)

 

How does The Kittiwake Trust protect your data?

We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and that it is secured, managed and accessed in accordance with our Data Protection Policy, and our legal responsibilities under privacy and data protection laws. If you would like a copy of our Data Protection Policy, please contact us using the details at the beginning of the policy.

 

Sharing Your Data

Only the data required will be processed and for the strict purpose which is specified; access will be restricted according to need and sensitivity. We will always protect your personal details and will never sell them to, or share them with, other companies for marketing purposes. However, there may be occasions when we need to share your information with a third party; we have made clear where this is the case in the information below.

 

How long does The Kittiwake Trust keep data?

We will not retain personal data for longer than is necessary for the purpose it is required, and we’ll ensure it is securely deleted when no longer needed.  We will review data to reduce the risk of it becoming inaccurate, out of date or irrelevant. Where necessary, we have given further details about data retention policies in the information below.

 

What information does The Kittiwake Trust collect?

We only collect the information that’s necessary to carry out our business or to deliver our charitable objectives, provide the particular service you’ve requested and to keep you informed. The more ways that you engage with us as an organisation, the more data we will require in order to provide the necessary services required. There are occasions where you can choose to not provide us with the information we require, but this may then impact the service we are able to provide.

 

Use of Cookies

Cookies are small text files that are placed on your computer by websites that you visit. We use cookies to collect information about how visitors use our website, such as the number of visitors and the pages they have visited, which we use to compile reports and to help us improve the website. The cookies collect this information in an anonymous form.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.

 

Mailing list

With your consent, we will add you to our mailing lists and contact you to let you know about our volunteer opportunities, events, and the latest news about the charity.

 

We will record your name, contact details and either address or location. This is so we can add you to our mailing list, and understand where our audience is from to help us create accessible, inclusive performances that reach a wide audience. We may also send newsletters targeted by area.

 

We use MailChimp for our email marketing. So, when you subscribe to our newsletter or download one of our reports, the email address, name and location details you submit will be held securely by them and the information also made accessible to us. MailChimp’s servers are based in the United States, so your information may be transferred to, stored, or processed in the US. MailChimp participates in and has certified its compliance with the EU- U.S. Privacy Shield Framework, which certifies that is has adequate safeguards in place. As a respected email marketing provider MailChimp won’t share your information with any unauthorised third parties or contact you directly at any time – you can read their full privacy policy at https://mailchimp.com/legal/privacy/.

 

In addition to the information you supply at sign-up, MailChimp will also capture data about your interactions with our emails and website, such as which links you click within an email and which pages you go on to visit on our website. It does this using a combination of tracking pixels and cookies. You can learn more about those in the Cookies section of this privacy policy. We use this information to help improve our product and provide more personalised messaging.

 

By default we will retain your data in MailChimp for as long as you choose to stay subscribed or such time as we consider your account to be inactive (i.e. you are no longer opening or engaging with our emails). You can update your details or opt-out of our emails at any time using the ‘Unsubscribe’ or ‘Email Preferences’ links found at the bottom of every email we send via MailChimp. If you unsubscribe, MailChimp and The Kittiwake Trust retain the information required (e.g. name, address, email address) for the purposes of a suppression list to ensure that no further marketing messages can be sent unless you actively choose to opt-in again.

 

Social media

We occasionally save anonymised social media comments or feedback. We use this information for evaluation, marketing and fundraising purposes, to help demonstrate the impact and reach of our work. This information may be shared on our website and social media channels, in materials promoting our work, at events, in documents such as annual company reports or project evaluation reports, or in funding applications or funding reports.

 

We also collect and track anonymised data on our social media audiences to better understand the ‘groups’ of people who engage with us online.  We use this to ensure we engage with audiences and groups of people who are new to us. For more information on how to control your privacy settings for these services, go to the following links:

Facebook – Privacy Policy

Instagram – Privacy Policy

Twitter – Privacy Policy

 

Contacting us

If you have contacted us via email, our contact form, social media or phone, your contact details and a record of your message/s may be stored in our contact lists, and/or in our email and social media accounts.

 

Enquiries regarding research, volunteering or advice will be stored while we handle your request. Any answers we provide may be stored, and an anonymised record of your enquiry will be included in our internal and/or board reports, to help us monitor and respond to requests. Your email address may be stored in our company contact lists or database. We will ask for your consent to email you specific training opportunities in future.

 

Fundraising

We are a registered charity and we rely on charitable support. We collect information in order to seek out new supporters and to maintain our current relationships. We are committed to fundraising best practice and abide by the Fundraising Regulator’s key principles and behaviours of a fundraising organisation: to be legal, open, honest and respectful. We undertake to comply with relevant law and regulations, including the Proceeds of Crime Act, Data Protection, Tax and Gift Aid legislation and Charity Commission guidance.

 

Events

If we collaborate or partner with another named organization to deliver an event, your information may need to be shared. Where this is the case, both parties will make it clear what will happen to your data when it is shared and will not disclose your personal information.

 

Volunteering opportunities

We collect personal information such as name, contact details, relevant experience and any access needs, to process applications for volunteering opportunities. Your application will be shared with the administrator managing the applications, and the selection panel if relevant. The administrator and panels’ details will be included in the information webpage and documents for prospective applicants. If you are offered and accept a place, your personal data will be used to facilitate your appointment and to communicate information about the volunteering opportunity.

 

Photos & footage

We ask for explicit and informed consent of individuals, or their parent / guardian if they are under 18 or an at risk adult, to capture and share their image. An example of when we might capture photography and footage would be to document our events for marketing and archival purposes, or as part of a preparation resource for an event. Images may be shared on our website and social media channels or printed marketing materials.

 

Third Parties we work with

We may also obtain your data from third parties, such as organisations with which we enter into a co-production event.  These organisations should not pass on your data to us without your knowledge and only if it is required in the performance of a contract. The third party will require your permission in order to share your data with us for marketing purposes and we will always notify you within 30 days of receipt of your data.  You should check their Privacy Policy when you provide your information to understand fully how they will process and safeguard your data.

 

Your rights

As a data subject, you have a number of rights which you can exercise in relation to the information we hold about you – you can contact us about any of these by phoning, emailing or writing using our contact details set out at the top of this Privacy Policy.

You can:

  • access and obtain a copy of your data on request;
  • require The Kittiwake Trust to change incorrect or incomplete data;
  • require the company to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
  • object to the processing of your data where The Kittiwake Trust is relying on its legitimate interests as the legal ground for processing.

 

You have the right to lodge a complaint with the supervisory authority, The Information Commissioner’s Office – www.ico.org.uk.

 

Are you under 18? If you are under 18, please ensure that you obtain your parent / guardian’s consent beforehand whenever you provide personal information to the website. If you don’t have that consent, you must not provide personal information to us.

 

Subject Access Request

If you would like to request a copy of the information we hold on file about you (either electronically or in physical form) The Kittiwake Trust will, in compliance with the Data Protection Act in relation to subject access requests, respond within one month. Any request will be subject to adequate identity checks before processing. Access requests can be made via email to: kittiwake@kittiwaketrust.org.uk.

 

The Kittiwake Trust will process all legitimate subject access requests free of charge unless requests made are deemed to be manifestly unfounded or excessive. In such cases, a reasonable and proportionate administrative fee will be applied to the request or, in exceptional cases, a request may be refused.

 

This policy was last updated March 2021.

 

This policy may be updated to take into account changes we have made, or to reflect changes to regulation or legislation. Updates to this policy will be posted on this page – please check back from time to time. We may also inform you of any changes where we hold an appropriate email address for you.

 

Further information on data protection regulations and laws can be found here:

Data Protection information by the Information Commissioner’s Office (ICO)

Fundraising Regulator – code of fundraising practice