This policy applies on and from 26th August 2020
Keeping your data safe
We will update this Policy from time to time so please check occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org writing to Clean Sheet, PO Box 6364, Coventry CV6 9LL
Who are we?
Clean Sheet is a Charitable Incorporated Organisation that exists to provide a pathway to employment for anyone with a conviction.
- Registered charity number: 1154034
- Registered address: PO Box 6364, Coventry CV6 9LL
You can find out more about Clean Sheet’s aims and activities here: http://beta.charitycommission.gov.uk/charity-details/?subid=0®id=1154034
Personal data/personal information – any information which can identify an individual
Third Parties – those outside Clean Sheet who use data from Clean Sheet for defined tasks
Who’s in control?
It is important that you understand who is responsible for keeping your data safe. Clean Sheet is the “controller” of all personal data collected and used for the purposes of our charitable business. This means that we are responsible for deciding how and why your data is used and for ensuring that your data is handled legally and safely.
What data do we collect and where from?
We obtain information about you when we interact with you either in person, by phone, by email or when you use our website e.g. when you contact us about products and services, make a donation or if you register to receive our newsletter. We also receive information from Third Parties.
We collect some data directly from you when you register as a Member of Clean Sheet. This data includes the following:
- your full name;
- your email address;
- your telephone number;
- your postcode and address (if you choose to provide them);
- your preferences for sharing information;
- the password you set up to access your online account.
We collect information about how you use our website using cookies and similar technology. This helps us analyse data about web page traffic and improve our website in order to tailor it to member needs. We use this information for statistical analysis purposes only.
If you make a donation online we may collect your card information, this is not held by us and it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
What do we use your data for?
It is important that you understand how and why we use the personal data that we collect about you. We may use your information to:
- to carry out our obligations arising from any services you have agreed that we can provide on your behalf;
- inform you about our services and activities;
- send you communications which you have requested;
- process a donation that you have made;
- share with agreed third parties (explained below);
- comply with a legal requirement.
Your data will not be subject to any automated decision making in any way.
How do we use your data for marketing and advertising purposes?
We will not sell, rent or share your information to third parties for marketing or any other purposes.
What is our legal basis for using your data?
Data protection law says that we have to tell you the legal basis that we rely on to process your personal data for the purposes that we have notified to you. This section tells you what that legal basis is in relation to each of the purposes set out.
- Purpose: Running your account and providing you with our services;
- Legitimate interests: To ensure that Clean Sheet Members can access relevant and accurate information on Clean Sheet services with a view to gaining sustainable employment.
- Purpose: Improving our services;
- Legitimate interests: To make sure that we continue to improve our service and provide our users with the best and most effective service possible.
Third party service providers working on our behalf
We may pass your information to our third party service providers, agents, subcontractors and other associated organisations only for the purposes of completing tasks and providing services to you on our behalf (for example to process donations and send you mailings). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service. We will not release your information to third parties beyond Clean Sheet for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
When you are using our secure online donation pages, your donation is processed by a third party payment processor (Charities Aid Foundation), who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us: email@example.com
How do we store and protect your information?
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal data stored on our website and systems.
We keep all information digitally using secure software. Any paper-based information is logged digitally then destroyed. All Clean Sheet staff are trained to safely dispose of documents or media in onsite shredding receptacles.
Other information, such as phone messages, are deleted once they have been logged digitally.
When do we stop using your information?
We keep your personal information while we need it for our charitable and business purposes or until you request removal, and always in accordance with applicable legal requirements.
Generally, we review our databases every 6-8 months to remove any expired data that is no longer necessary.
Under the General Data Protection Regulation you have the right to:
- Access your personal information – You have a right to obtain confirmation that your personal information is being processed and further to request a copy of the personal information that we hold about you.
- Amend/edit your personal information at any time.
- Request to have your personal information deleted.
- Restrict processing of your personal information/date. We will continue to store your data but not further process it, so we can ensure that the restriction is enforced in the future.
- Object to processing of your personal information in certain circumstances e.g. for marketing and research purposes.
- Lodge a complaint with a supervisory authority. If you wish to lodge a complaint or seek advice from a supervisory authority please contact The Office of the Information Commissioner (ICO).
- Withdraw your consent to processing at any time.
To update, change or remove your information
Please contact us by email to firstname.lastname@example.org
You choose whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us please tick the relevant boxes at the point at which we collect your information.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent, or by post if you have indicated you do not want to be contacted in that way.
You can change your marketing preferences at any time by contacting us by email: email@example.com
The accuracy of your information is important. If your details change or any of the information we hold is inaccurate or out of date or you want to access the information we hold about you, please email us at: firstname.lastname@example.org
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
To minimise risk we use secure e-mail that encrypts messages in transit where this is supported by the recipient. Emails passing through the secure e-mail system are also checked by an anti-virus application. If a virus is found, the message won’t be delivered and the sender will be notified. Secure e-mail uses the latest technology to keep emails safe from malicious security incidents.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Transferring your information outside of Europe
We may store your personal data outside the European Economic Area (EEA) using third party secure software providers. Where this is the case we ensure that the third parties provide appropriate safeguards through ‘standard contractual clauses’ issued by the European Commission.
If something goes wrong
All Clean Sheet staff have received training and clear guidance on the process to be followed if a Breach occurs (including reporting and rectifying).
If you are unhappy about our handling of your data, our teams will do their best to resolve the matter for you. If you are not satisfied, you can refer the matter to our Data Protection Officer.
You can, if our actions seem insufficient, contact: Information Commissioner’s Office, online at ICO.org.uk or by telephone on 0303 123 1113.
Review of this policy
We keep this Policy under regular review. This policy was last reviewed and updated on the 26th August 2020.
Overall our aims are to ensure that you:
- know what data we hold;
- understand why we hold that data;
- know how long we will hold the data;
- can change or remove that data on request (subject to requirement of law);
- can see a clear path for help if you feel it is necessary.