SURVIVE-MIVA is committed to respecting any personal data you share with us and to keeping it safe. We aim to be clear when we collect your data and not do anything you wouldn’t reasonably expect.
WHAT THIS POLICY COVERS
We ensure that we use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:
- What information SURVIVE-MIVA may collect about you and how we collect it
- How we will use that information
- Whether we disclose your details to anyone else
- Your choices regarding the information you provide to us
If you have any queries about this please contact us: firstname.lastname@example.org
5 Park Vale Road,
tel: 0151 523 3878
WHO WE ARE
SURVIVE-MIVA is a registered charity in England and Wales (charity number 268745), and is governed by a Committee of Management, or Trustees.
HOW WE COLLECT DATA
We collect information in the following ways:
1. When you give it to us DIRECTLY
You may give us your information for the following reasons:
- to subscribe to our twice-yearly (issued in January and July) free magazine ‘Awareness ‘(by post or via e-mail notification)
- to make a donation
- to complete a Gift Aid declaration
- to become a volunteer.
2. When you give it to us INDIRECTLY
Your information may be shared with us by independent event organisers, for example the London Marathon, or fundraising sites such as Just Giving, BT My Donate These independent third parties will only share your information with us when you have indicated that you wish to support SURVIVE-MIVA and that you are happy for your details to be passed on to us.
WHAT DATA WE COLLECT
The type and quantity of information we collect and how we use it depends on why you are providing it.
If you subscribe to our magazine, we will collect:
- Your name
- Your contact details – postal address and, for e-mail subscribers, both the postal and e-mail address – unless you only wish to supply your e-mail address
If you support us by making a donation, or volunteer to help us fundraise, we will usually collect:
- Your name;
- Your contact details;
- Your bank or credit card details (not usually collected for volunteering unless you wish volunteer expenses to be paid direct into your bank account).
We retain records of your donations for our accounts and for Gift Aid claims, and if you use your credit or debit card to donate to us, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard.
You can find out more information about PCI DSS on their website:
We do not store your credit or debit card details at all, following the completion of your transaction.
All card details (including those printed on the ‘Merchant’ paper receipt) and validation codes are securely destroyed once the payment or donation has been processed (usually on the same day as the donation is received). If for some reason the credit/debit card cannot be processed on the same day as the details are received (e.g. no staff authorised to process debit/credit cards are available), then the card details are stored in a locked cabinet. Only staff authorised, and those trained to process payments, will be able to see your card details.
If you donate by cheque, then we pay in cheques to our bank via a service provided by the Post Office. In case of problems/queries that may arise when banking cheques, we retain in our office, in a locked cabinet, a list of all cheques banked on a particular date. The list shows the name on the cheque, the bank sort-code and bank account number.
We retain this information for no longer than one month after the deposit was made (assuming successful bank clearance). We then delete/obscure the bank sort-code and account number from the paper record in the filing cabinet.
Where it is appropriate in order to offer you a good service, for example to attend a meeting or information day, to recruit you as a volunteer, we may also ask for:
- Your religious affiliation
- Your age
- Information relating to your health, disability, and dietary preferences
- Your occupation or previous occupations
- Information on your previous experience as a volunteer
Data Protection law recognises that certain categories of personal information are more sensitive. This is known as sensitive personal data and covers health information, race, and religious beliefs. We do not usually collect ‘sensitive personal data’ about our supporters unless there is a clear reason for doing so, such as ensuring your needs are met if you attend a meeting, or to ensure we match you to an appropriate volunteer role.
In the case of our volunteer Speakers, who make appeals for funds for SURVIVE-MIVA in Catholic churches, we need to recruit volunteers to this role who are themselves Catholic or who have a good understanding of the faith. In the final stages of the Speaker recruitment process, it is standard practice to request a reference from the prospective volunteer’s parish priest and, therefore, we are in effect gathering information on religious affiliation.
WHY WE COLLECT DATA
We will mainly use your data to:
- Provide you with the services, products or information you asked for
- Administer your donation or support your fundraising, including processing gift aid
- Let you know about new services, products and ways you can support us
- Keep a record of your relationship with us
- Ensure we know how you prefer to be contacted
- Understand how we can improve our services, products or information
We may also use your personal information to detect and reduce fraud.
HOW WE SHARE DATA
We will not normally share your data, but will do so if:
- We are legally required to do so, e.g. by a law enforcement agency legitimately exercising a power or if compelled by an order of the Court
- We believe it is necessary to protect or defend our rights, property or the personal safety of our people or visitors to our premises or website
- We are working with a carefully-selected partner that is carrying out work on our behalf. These partners may include mailing houses and IT specialists. The kind of work we may ask them to do includes processing, packaging, mailing and delivering our magazine, sending postal mail, emails and text messages, carrying out research or analysis and processing payments. We only choose partners we can trust. We will only pass personal data to them if they have signed a contract that requires them to:
- abide fully by the requirements of the General Data Protection Regulation
- treat your information as carefully as we do
- only use the information for the purposes it was supplied (and not for their own purposes or the purposes of any other organisation)
- allow us to carry out checks to ensure they are doing all these things
- We will only ever share your data in other circumstances if we have your explicit and informed consent.
We will never share, sell, or swap your details with any third parties for the purposes of their own marketing or the monetising of your data.
HOW WE STORE DATA
We store information on computers located in the UK. We may transfer data to our reputable third party suppliers as explained above. They may be situated inside or outside the European Economic Area. We may also store information in paper files.
We place a great importance on the security of all personally identifiable information associated with our supporters and users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal data under our control. Whilst we cannot ensure or guarantee that loss, misuse or alteration of data will not occur while it is under our control, we use our best efforts to try to prevent this.
Unfortunately, the transmission of data across the internet is not completely secure and whilst we do our best to try to protect the security of your information we cannot ensure or guarantee that loss, misuse or alteration of data will not occur whilst data is being transferred.
We will keep your information only for as long as we need it to provide you with the services or information you have required, to administer your relationship with us, to inform the preferences of our supporters, to comply with the law, or to ensure we do not communicate with people that have asked us not to. When we no longer need information we will always dispose of it securely, using specialist companies if necessary to do this work for us.
The General Data Protection regulation gives you certain rights over your data and how we use it. These include:
- the right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed
- the right to prevent your data being used for direct marketing
- the right of access to a copy of the information we hold about you (known as a subject access request).
If you wish to exercise any of these rights please contact us. Subject access requests must be made in writing by post, with a description of the information you want to see and proof of your identity. We do not accept subject access requests by email so that we can ensure that we only provide personal data to the right person.
We will respond within one month of receipt of your written request and confirmed ID. Please provide as much information as possible about the nature of your contact with us to help us locate your records. Please note it is our policy to charge the statutory maximum fee of £10 for a subject access request.
Where you have provided your consent for our use of your personal information, you always have a right to withdraw your consent at any time.For more information about your rights under the Data Protection Act go to the website of the Information Commissioner’s Office:
5 Park Vale Road
Tel: 0151 523 3878