HUMAN AID INITIATIVE promises to take great care with your personal data, and we commit to protecting any personal information we obtain about you. We aim to be clear when we collect your data and not do anything you would not reasonably expect.
Select to read more
The following policy is written in accordance with the GDPR and Data Protection Act 1998. If you have questions regarding this policy, please email our Data Protection Officer at firstname.lastname@example.org
We only collect personal data relevant to the type of interaction you have with us. The information we collect is relevant to the type of transaction you are entering into. The personal information we collect might include; name, address, email address, telephone numbers, bank account details (for setting up regular direct debit or payment information) and whether or not you are a tax payer so that we can claim Gift Aid.
Please note the personal details gathered by us may not be limited to the above-mentioned categories depending on the services you sign up for.
Under GDPR and the Data Protection Act 1998 some elements of personal data are considered as being more sensitive. We do NOT collect “sensitive personal data” about our supporters (e.g. health status) unless there is a clear reason for doing so – such as participation in a marathon or similar fundraising event where we need this to ensure that we provide appropriate facilities or support to enable you to participate in the event. In such cases, clear notices will be provided on application forms to make clear what information we need and why we need it.
All sensitive personal data is stored on a secure database, to which only a limited number of relevant staff have access. It is deleted when no longer relevant, is never shared with third parties and is available to you at any point should you wish to see it.
We collect this information in order to process your requests and keep you updated with our work. Examples Include:
- Dealing with your enquiries requests and complaints
- Processing your donations
- Provide you with the services, products or information you have requested such as child
- Process Gift Aid donations
- Confirm receipt of donations (unless you have asked us not to do this)
- Processing your donations
- Providing you with information about our work activities events and services
- Complying with our legal obligations policies and procedures
- Providing and personalising our services
- Administering membership records
Certain third party organisations collect data on our behalf as well as for their own use. Third party organisations we currently receive data from, but not limited to, are Muslimgiving, PayPal Giving Fund and Charities Trust. These organisations will have their own data protection and privacy policies, which you should be aware of before signing up.
We do not store credit card details nor do we share financial details with any third parties.
We will not disclose any of your personally identifiable information, except when we have your permission or under special circumstances, such as when we believe in good faith that the law requires it. If you opt to share your personal information on the Gift Aid claim form, we will provide your data to HMRC (HM Revenue and Customs) for auditing purposes.
We enter into contracts with all our data processors and regularly monitor their activities to ensure they are complying with our policies and procedures. We do not allow these organisations to use your data for their own purposes or disclose it to other third parties without our consent and we will take all reasonable care to ensure that they keep your data secure.
We will NOT sell your personal information to other organisations for use by them in any way, including in their own direct marketing activities. We may disclose your personal information in the following circumstances:
We may need to share your information with service providers who help us to deliver our projects, fundraising activities and appeals (subject to your communication preferences and our internal policies and procedures). We require these third parties to comply strictly with our instructions and data protection laws and we will make sure that appropriate controls are in place.
- We may use other companies to provide services and process your personal data on our behalf, including delivering postal mail, sending emails, processing credit card payments and analysing supporter trends to help us offer you communications that are most appropriate to you and your interests. We will only provide those companies with the information they need to deliver the specific service and we ensure that your data is treated with the same level of care as if we were handling it directly.
- When you are using our secure online donation pages, you are going through to a secure payment provider approved by the banking industry, that is, PayPal.
- Where we are under a duty to disclose your personal information in order to comply with law; or the disclosure is ‘necessary’ for purposes of national security taxation and
criminal investigation; or we have your written consent.
- Where we need to perform due diligence checks to ensure individuals are not utilising our services for criminal purposes such as money laundering or for fraud.
We are obliged to ensure your data is as accurate and up-to-date as possible. We therefore consult alternative sources in order to ensure data quality e.g. Royal Mail address files, data cleansing services, websites and other publicly available sources.
We will hold your personal information on our systems for as long as is necessary for the relevant activity. If you request that we stop sending you marketing materials, we will keep a record of your contact details and the appropriate information that will enable us to comply with your request.
Legacy income is vital to the running of the charity. We may keep the data you provide to us indefinitely to carry out legacy administration and communicate effectively with the families of
people leaving us legacies. This also enables us to identify and analyse the source of legacy income we receive.
We are legally required to hold some personal information to fulfil statutory obligations, for example the collection of Gift Aid or to support certain financial transactions.
We will only use the information you give in your job/volunteer application for the legitimate interest of processing your application and to monitor recruitment statistics. If there are instances in which we need to disclose your details to persons outside our organisation (for example, when conducting background checks such as references, professional qualifications or obtaining a disclosure from the Disclosure & Barring Service), we will ask for your consent before doing so, unless we are required to disclose this information by law.
All application details will be stored and retained on our system until the completion of the recruitment campaign. Details of all unsuccessful candidates will be deleted at the end of the interview process. Physical interview notes are kept for 6 months after which they are shredded.
We always keep anonymous statistical information about applicants to develop our recruitment processes and for equality and diversity monitoring. This will not contain any information that could identify individual job applicants. Successful candidates will have a staff file created for them that will contain their recruitment information. This information will be kept secure on our HR system that you will have access to.
We ensure that there are appropriate technical controls in place to protect your personal details. For example our online forms are always encrypted and our network is protected and routinely monitored.
We undertake regular reviews of those who have access to the information we hold to ensure that your information is only accessible by appropriately trained staff and volunteers.
We perform comprehensive checks on external companies that collect or process personal data on our behalf before we work with them. We put contracts in place that sets out our expectations
and requirements, especially regarding how they manage the personal data they collect on our behalf or have access to. We have a robust partner monitoring framework to ensure these contractual obligations are met.
If you’re under 13 parental consent. We are committed to protecting the privacy of the young people that engage with us through our website and at fundraising events.
If you’re aged 13 or under, you must get your parent/guardian’s permission before you provide any personal information on the website.
The accuracy of your individual identifying information is important to us. We are working on ways to make it easier for you to review and correct the information that we maintain about you. In the meantime, if you change email address or any of the other information we hold is inaccurate or out of date, please email us at email@example.com
Under the Data Protection Act 1998 and the General Data Protection Regulation, which comes into force on May 25th 2018 you have the following rights:
- The right to access your personal information free of charge.
- The right to edit and update your personal information.
- The right to request to have your personal information deleted.
- The right to restrict processing of your personal information.
- The right to object.
- The right to lodge a complaint with a supervisory authority (ICO).
- If you make a request relating to any of the rights listed above, we will consider each request in accordance with all applicable data protection laws and regulations.
in the way we treat your personal information we will contact you and we will place a prominent notice on our website(s).