Privacy Notice For Supporters - Held In Our Hearts

Privacy Notice FOR Supporters Data controller: Held In Our Hearts

Introduction

Held In Our Hearts is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. Held In Our Hearts “The Charity” collects, stores and processes personal data relating to our supporters in order to manage our relationship with them. This privacy notice sets down how the Charity collects and uses personal information about you during and after your supporter relationship with us. This privacy notice applies to current and former supporters. The Charity is committed to protecting the privacy and security of your personal information. The Charity is committed to being clear and transparent about how it collects and uses that data and to meeting its data protection obligations.

Data Protection Principles The Charity will comply with data protection law. This means that the personal information we hold about you must be:

Used lawfully, fairly and in a transparent way;
Collected only for valid purposes that we have explained to you clearly and not used in any way that is incompatible with these purposes;
Relevant to the purposes we have told you about and limited to those purposes only;
Accurate and kept up to date;
Kept only for such time as is necessary for the purposes we have told you about; and
Kept securely.

What Information Does The Charity Collect And Process?

The Charity collects and processes a range of personal information (personal data) about you. Personal data means any information about an individual from which the person can be identified. This includes:

Personal contact details, such as your name, title, address and contact details, including email address and telephone number;
Date of birth;
Bank or credit/debit card details for donations and Gift Aid processing
Your relationship to other individuals or organisations
Connections to our charity and your motivations for fundraising with us.

The Charity collects this information in a variety of ways. For example, data is collected through sites like JustGiving. Data is stored in a range of different places, including the charity’s CRM system, Donorfy and is secured and password protected (including the Charity’s email system). Any paper records are always stored in a locked cupboard.

Why Does The Charity Process Personal Data?

The Charity needs to process data to maintain an accurate audit trail and comply with HMRC legal obligations on Gift Aid. In other cases, the Charity has a legitimate interest in processing personal data during and after the end of the supporter relationship. Processing your data allows us to maintain accurate and up-to-date records and contact details.

Situations In Which We Will Use Your Personal Information

Situations in which we will process your personal information are detailed below: In order to:

process any donations you have given
contact you about an event or challenge you are taking part in and send any necessary materials
send thank you correspondence after you have finished your fundraising or to thank you for your donation/s
send you our e-newletter if you have given consent for us to contact you this way
process any Gift Aid claims related to your giving

Change of Purpose

The Charity will only use your personal information for the purpose for which it was collected unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will advise you of this and explain the legal basis which allows us to do so. You should be aware that we may process your personal information without your knowledge or consent where this is required or permitted by law.

For How Long Do You Keep Data?

The Charity will only hold your personal data for as long as is necessary to fulfil the purposes we collected it for, including any legal, accounting or reporting requirements. The Charity will hold your personal data for a maximum of seven years after your last donation unless there is a legal requirement for us to retain it longer.

Who Has Access to Data?

Your information will be shared internally, including with other members of the team, as required for them to do their job roles. The Charity shares your data with third parties where required by law, where it is necessary if we have another legitimate interest in doing so. The Charity will not transfer your data to countries outside the European Economic Area.

How Does The Charity Protect Data?

The Charity takes the security of your data seriously. The Charity has internal policies and controls in place to prevent your data being lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties. Details of these measures [are available on request] OR you can read more here: https://heldinourhearts.org.uk/privacy-policy/

Your Duty to Inform Us of Changes

It is important that the personal information we hold about you is accurate and current. Please be sure to keep us informed if your personal information changes during your time working with us.

Your Rights

As a data subject, you have a number of rights. You can:

access and obtain a copy of your data on request (known as a “data subject access request”);
require the Charity to change incorrect or incomplete data;
request erasure of your personal information. This enables you to ask the Charity to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
object to the processing of your data where the Charity is relying on its legitimate interests as the legal ground for processing; and
ask the Charity to suspend the processing of your personal data for a period of time if data is inaccurate or there is a dispute about its accuracy or the reason for processing it.

[If you would like to exercise any of these rights, or you have any questions about the privacy notice, please email info@heldinourhearts.org.uk or call the office on 0131 622 6263] If you believe that the Charity has not complied with your data protection rights, you have the right to make a complaint to the Information Commissioner’s Office. Updated: February 2024

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_ME4X56TRNP	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_177775775_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
vuid	2 years	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
m	2 years	No description available.
woocommerce_recently_viewed	session	Description unavailable.

Login