Privacy Policy

Privacy Policy

This Policy explains how we collect, store and use your personal information. By using our website, you’re agreeing to be bound by this Policy.

Your Information

We may obtain information about you when you use our website, if you contact us about our services or if you make a donation. The information we collect could include your name, address, email address, IP address, and information regarding what pages on the website you accessed.

We will only use your information in a limited number of ways, including:

  • to process a donation you have made;
  • to ask for your opinions and views on our work;
  • to advise you of any changes to our services that may affect you;
  • to send you further information if you have asked for this.

 

Collection of Data for an Identified Purpose

Where we engage service providers to work on our behalf, e.g., payroll, donations platforms, they will only have access to the specific information they need to undertake the service required. Information we collect on behalf of these services will be kept and stored securely and for the minimum amount of time required to process this information.

We will only retain your personal information for as long as is required by law.

We may disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation; or in order to enforce or apply our terms of use for this website or other agreements; or to protect the rights, property or safety of the Anne Robson Trust, our donors or others. This includes exchanging information with other companies and organisations for the purposes of fraud detection and protection.

Other than in these circumstances, we will never sell or share your information with third parties.

We may use cookies.

We will use all reasonable measures to ensure that the information we hold about you is kept safe and secure (for information regarding the disposal of data see our Data Storage rules below from our Data Protection Policy).

Data storage

These rules describe how and where data should be safely stored. Questions about storing data safely can be directed to our Data Protection Officer.

Paper

  • When data is stored on paper, it will be kept in a secure place where unauthorised people cannot see it.
  • When not required, the paper or files will be kept in a locked drawer or filing cabinet.
  • Employees will make sure paper and printouts are not left where unauthorised people could see them, e.g., on a printer.
  • Data printouts will be shredded and disposed of securely when no longer required.

Electronically

When data is stored electronically, it will be protected from unauthorised access, accidental deletion and malicious hacking attempts:

  • Data will be protected by strong passwords that are changed regularly and never shared between employees.
  • If data is stored on removable media (like a CD or DVD), these will be kept locked away securely when not being used.
  • Data will only be stored on designated drives and servers and only be uploaded to an approved cloud computing service.
  • Servers containing personal data will be sited in a secure location, away from general office space.
  • Data will be backed up frequently. Those backups will be tested regularly.
  • Data will never be saved directly to laptops or other mobile devices like tablets or smart phones.
  • All servers and computers containing data will be protected by approved security software and a firewall.

If you change email address, or any of the other information we hold is inaccurate or out of date, please contact us by email to info@annerobsontrust.org.uk or in writing to The Anne Robson Trust, Unit A3 Mindenhall Court, 17 High Street, Stevenage SG1 3UN.

Your Right to Access Personal Information

In accordance with our Data Protection Policy you have the right to ask for a copy of the information that we hold about you. 

Subject Access Requests (SAR)

A subject access request is the Right of Access allowing an individual to obtain records to their personal information, held by an organisation. The Anne Robson Trust will recognise the request, whether written or verbal, and pass it on to the Director of Operations or Data Protection Officer. A response is required within one month (under current GDPR guidelines) and the requested information will be given to the individual without delay. If a SAR is received which is considered ‘excessive or manifestly unfounded’, we will charge a reasonable fee to deal with the request or refuse to provide any information at all.

Any questions regarding this policy should be sent by email to info@annerobsontrust.org.uk or in writing to The Anne Robson Trust, Unit A3 Mindenhall Court, 17 High Street, Stevenage SG1 3UN

This policy is reviewed annually or when required by statutory or regulatory changes.