Version 2 – January 2019
Reach Out North Herts and Stevenage Privacy Notice
This policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and organisation (Reach Out NH&S). Furthermore, the way Reach Out NH&S processes, stores and protects user data and information will also be detailed within this policy.
Whilst using our website, software applications or services, you may be asked to provide personal information (name, address, email, account details, etc.). We will use this information to administer our website, applications, client databases and marketing material. We will ensure that all personal information supplied is held securely in accordance with the EU’s General Data Protection Regulation (GDPR) 2018 and the UK’s DPA 2018. Further, by providing telephone and email details, you consent to us contacting you using that method.
You have the right at any time to request a copy of the personal information we hold on you. Should you wish to receive a copy of this, or would like to be removed from our database, please contact us at email@example.com or see more information on Subject Access Requests (SAR’s) at https://www.nhcvs.org.uk/about-us/feedback-and-information-requests
Information collection and use
What information we collect
Reach Out NH&S collects the following information:
- Contact details including phone number and email address
- Training information
- Contact Number
- Email Address
- Personal Circumstances to include anything that might be relevant to a volunteer that would be supporting them
- Other agencies involved
How do we collect it?
There are several ways in which we collect information:
- Through correspondence over the phone and via email
- When you sign up as a volunteer for the project through a third-party website
- Via partner agencies if you are a potential client that we would be placing a volunteer for
Why do we collect this information?
Reach Out NH&S collects information for four reasons:
There are circumstances in which you may provide us with personal data to fulfil a legal obligation or contract, for example nondescript demographic information for the purposes of project monitoring, in which we would have to collect and verify the information, before submitting anonymised information to the project funders.
If the law requires us to, we may need to collect and process your data, examples of this would be attendance at events for insurance purposes.
We may also pass on details of people involved in fraud or other criminal activity affecting our organisation to law enforcement.
In specific situations, we can collect and process your data with your consent. For example, when you sign up on one of our or a project partners website to volunteer for our project; or if you have consented for a partner organisation to pass us your details in order to receive support from one of our volunteers.
When collecting your personal data, we’ll always make clear to your which data is necessary in connection with a service.
Sometimes, our use of your personal information is not strictly necessary for us to be able to provide you with our products and services, or for them to work properly. In those circumstances, we have what’s called a “legitimate interest” in handling your personal information; our “legitimate interest” may be to:
- detect and prevent fraud;
- keep our websites, apps, products and IT systems secure;
- ensure that our own processes, procedures and systems are as efficient as possible;
- analyse and enhance the information that we collect;
- determine the effectiveness of our promotional campaigns and advertising; and
- customise and improve the way that you shop and engage with us in future.
How long do we keep your data for?
Reach Out NH&S will not retain your personal information longer than necessary. We will hold onto the information you provide either while your account is in existence, or as needed to be able to provide the services to you, or (in the case of any contact you may have with one of our staff members) for as long as is necessary to provide support related to your enquiry or requested service.
If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period as required, even after you have closed your account, or it is no longer needed to provide the services to you.
How do we store information?
All sensitive personal information is stored in restricted access (encrypted) Office 365 document libraries, and any information held in paper copy is kept in locked cabinets with restricted access on site.
Information collected on our behalf by third party websites (i.e. Do-it.org; Eventbrite; Mailchimp etc.) remains stored securely on those websites and is not transferred unless specific permission from the user is gained.
Choosing how we use your data
Reach Out North Herts and Stevenage will not sell or rent your personally identifiable information, gathered because of filling out the volunteer registration form, to anyone.
Personal Data will ONLY be provided to a partner organisation with your express, specific permission, for legal or contractual purposes only (i.e. Personal Data put in a DBS application, when the application is sent to the Disclosure and Barring Service for processing).
We understand that you trust us with your personal information and we are committed to ensuring you can manage the privacy and security of your personal information yourself.
With respect to the information relating to you that ends up in our possession, and recognising that it is your choice to provide us with your personally identifiable information, we commit to giving you the ability to do all the following:
- You can verify the details you have submitted to Reach Out NH&S by contacting Thomas Burton on firstname.lastname@example.org , our security procedures mean that we may request proof of identity before we reveal information, including your e-mail address and possibly your address.
- You can also contact us by the same method to change, correct, or delete your personal information controlled by Reach Out North Herts and Stevenage regarding your profile at any time. Please note though that, if you have shared any information with others through social media channels, that information may remain visible, even if your account is deleted.
- You can always feel free to update us on your details at any point by contacting us at email@example.com , with the updated piece of information and what it is replacing (E.g. Hi, my name is XXXXX, I’m registered on your E-bulletin, my new email is XXXXXX@XXX.co.uk, it was previously YYYYY@YYY.com , can you please update my details.)
Please note, we are constantly reviewing how we process and protect data. Therefore, changes to our policy may occur at any time. We will endeavour to publicise any changes.
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all UK national laws and requirements for user privacy.
Depending on your settings or the privacy policies for other online services such as web browsers, you may give us permission to obtain information from your account with those other services. For example, this can be via social media or by choosing to send us your location data when accessing our website from your smartphone, these services have their own policies explaining how they use and share your personal data, you should carefully review those privacy policies before you use these sites to make sure that you are happy with how your personal information is being collected and shared.
We provide links to other websites which are not operated and controlled by Reach Out NH&S. We have no control over and are not responsible for the content of those sites or how the third parties responsible for them collect and use your personal information. We do not endorse or make any representations about third party websites.
Third party websites usually have their own privacy policies explaining how they use and share your personal information. You should carefully review those privacy policies before you use these websites to make sure that you are happy with how your personal information is being collected and shared.
What are cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
We use anonymous session cookies (short-term cookies that disappear when you close your browser) to help you navigate the website and make the most of the features.
Should users wish to deny the use and saving of cookies from this website onto their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.