This policy document sets out how Triple X Syndrome Support collects, stores and uses the personal data you share with us, for example, when we view the site, fundraise for use, donate or volunteer.
Please read our policy setting out how Triple X Syndrome Support collects, stores and uses the personal information you share with us. It describes what information we collect, how long we will retain it for, who will have access to it and your rights. This is a summary of the policy:
We collect certain types of personal information:
1. When you join us as members:
We collect your name and email address when you become a member and access our blog. This information is only collected and stored with your consent, gained when you first provide the data. We will not use this information to contact you directly.
2. When you subscribe to our site.
We collect your email address when you subscribe to our website We will occasionally email you about our latest news and upcoming events. You can unsubscribe at any time.
3. Volunteering or fundraising.
We collect and store your contact details, including your name, address, telephone number and email address, plus any other information you provide voluntarily, such as your reason for fundraising/volunteering. We also store details of the event/s you are taking part in or the fundraising/volunteering/awareness-raising you are undertaking.
When contacting us about fundraising, we will store emails you send us and will record in written/note form details of telephone conversations, in order that we can help your fundraising. We collect this information to enable us to send administrative messages, to thank and support you, send you fundraising materials and contact you in case of query. This information also enables us to meet our legal requirements to accurately produce accounts/financial statements.
4. When you make a financial transaction, such as a donation or paying in funds raised.
We collect information about our sources of income in order to produce accurate financial statements and to comply with the law relating to the retention of financial data. (for example the Companies Act 2006 and Gift Aid).
When you make a donation on our website, we collect certain information to enable us to process the transaction. This information includes your name, address, email address, telephone number, bank and bank account details, credit/debit card details, reason for donation, or donations made. Some of this information is shared with our secure payment partner, Paypal to effect the transaction.
If using one of our other online fundraising and donations partners such as Justgiving, you will be asked to provide personal information and will be asked whether you consent to us making contact with you (in which case we will use that data in accordance with this policy). Please see their relevant privacy policies which are on their websites.
If you make a payment or a donation by any other method, e.g. post, direct debit/ standing order, we retain a paper record of your financial transaction. This is shared with our chosen auditors and if we are legally required to disclose it, to the relevant authorities. By voluntarily submitting your personal information to us, you are consenting to the use of your personal information for effecting a payment or donation.
5. When you browse through our website.
6. When you are employed by Triple X Syndrome Support or become a trustee.
We hold personal information about our current and past employees and trustees, including name, address, telephone number, email address, date of birth, employment history, bank account information, tax and national insurance and pensions, details of other trusteeships, directorships and declarations of interest.
This information enables us to meet our legal requirements in relation to employment and also charity governance and take decisions on employee and trustee recruitment and employment, future strategy and to enable us to further our charitable aims.
Each time we process your data, we must have a ‘Legal Basis’ for doing so
GDPR (EU Regulation 2016/679) states that in order to collect, store or process different categories of data, organisations who are ‘data controllers’ need to meet one or more of a number of ‘legal bases for processing’ data. This includes Specific, Informed Consent (i.e. where you have given your consent, such as when you join us as a member or agree to us contacting you about other relevant topics), Meeting our Legitimate Interests as a charity (except where this would override your individual rights or interests), Meeting our Legal Requirements (e.g. to maintain accurate financial statements under the Companies Act, 2006) and Carrying out the requirements of a Contract. For further information about these legal bases for processing data, please see the Information Commissioner’s website at www.ico.org.uk