#TADF, is committed to protecting your privacy and security. This policy explains how and why we use your personal data and to make sure you remain informed and in control of your information.
For all information we collect you can decide:
- To stop receiving communications from us
- To update information
- To have your information removed from our systems
- To request a summary of what information we hold on you
We are also committed to keeping you informed in the unlikely event of a data breach.
We also promise that:
- We will not keep information for longer than ‘absolutely necessary’
- That we hold a regular review of all data we process
- That will we never sell your personal data
- That we will only ever share data with organisations we work with where necessary and if its privacy and security are guaranteed.
- That we will supply you with a record of the information held on request.
You can decide not to receive communications or change how we contact you at any time. If you wish to do so, please contact support by email firstname.lastname@example.org.
Any questions you have in relation to this policy or how we use your personal data should be sent to email@example.com .
2. ABOUT US
#TADF provide consumer and institutional services for Anti-discriminatory practice and diversity across industries including mental health, counselling and psychotherapy.
3. WHAT INFORMATION WE COLLECT
Personal data you provide
We collect data you provide to us. This includes information you give when joining or registering, placing an order or communicating with us. For example:
- personal details (name, email, address, telephone etc.) when you use our services such as in directory listing and in subscribing to newsletters
- financial information (payment information such as credit/debit card. Please see section 8 for more information on payment security); and
- details of your interests and preferences (such as which of our free resources you access)
Information we generate
We conduct research and analysis on the information we hold, which can in turn generate personal data. For example, by analysing your interests and involvement with our work we may be able to build a profile which helps us decide which of our communications are likely to interest you.
Section 6 (Research and profiling) contains more information about how we use information for profiling and targeted advertising.
Information from third parties
We sometimes receive personal data about individuals from third parties. For example, if we are partnering with another organisation (e.g. you provide your information to another organisation we’re collaborating with on a joint venture). Also, as explained in Section 11 (Cookies and links to other sites), we may use third parties to help us conduct research and analysis on personal data (and this can result in new personal data being created).
We may collect information from social media where you have given us permission to do so, or if you post on one of our social media pages.
4. HOW WE USE INFORMATION
We only ever use your personal data with your consent, or where it is necessary in order to:
- enter into, or perform, a contract with you;
- comply with a legal duty;
- protect your vital interests;
- for our own (or a third party’s) lawful interests, provided your rights don’t override the these.
In any event, we’ll only use your information for the purpose or purposes it was collected for (or else for closely related purposes):
We use personal data to communicate with people, to promote #TADF This includes keeping you up to date with our news, updates, campaigns.
For further information on this please see Section 6 (Marketing).
We use personal data for administrative purposes (i.e. to carry on our business activities). This includes:
- performing our obligations under membership contracts;
- fulfilling orders for goods or services (whether placed online,) helping us respect your choices and preferences (e.g. if you ask not to receive marketing material, we’ll keep a record of this).
5. DISCLOSING AND SHARING DATA
We will never sell your personal data. If you have opted-in to marketing, we may contact you with information about our partners, or third-party products and services, but these communications will always come from #TADF and are usually incorporated into our own marketing materials (e.g. advertisements or newsletters).
We may share personal data with subcontractors or suppliers who provide us with services.
For example, if you order something from #TADF, your name and address will be shared with the delivery company. However, these activities will be carried out under a contract which imposes strict requirements on our supplier to keep your information confidential and secure.
Occasionally, where we partner with other organisations, we may also share information with them (for example, if you register to attend an event being jointly organised by us and another organisation). We’ll only share information when necessary and we’ll make sure to notify you first.
From 31st of March 2018 #TADF will ask its supporters to “opt-in” for most communications. This includes all our marketing communications (the term marketing is broadly defined and, for instance, covers information about services-related information and #TADF).
This means you’ll have the choice as to whether you want to receive these messages.
You can decide not to receive communications or change how we contact you at any time. If you wish to do so, please contact firstname.lastname@example.org
What does ‘marketing’ mean?
Marketing does not just mean offering things for sale, but also includes news and information about:
- our organisation and its business activities
- our role in educating the students and the general public on issues of mental health
- benefits and offers
- working with is
- products, services and offers (our own, and those of third parties which may interest you)
When you receive a communication, we may collect information about you respond to or interact with that communication, and this may affect how we communicate with you in future.
The #TADF newsletter is provided as a benefit of subscribers. We send these out to all our subscribers (unless you specifically ask us not to) and you can choose to unsubscribe from general marketing communications without giving up your subscription to the Subscriber. However, please be aware that member magazines do include advertisements.
7. RESEARCH AND PROFILING
This section explains how and why we use personal data to build profiles which enable us to understand our supporters, improve our relationship with them, and provide a better supporter experience.
Analysis and grouping
We analyse our support to determine common characteristics and preferences. We do this by assessing various types of information including behaviour (e.g. previous responses) or demographic information (e.g. age or location).
By grouping people together on the basis of common characteristics, we can ensure that group is provided with communications, products, and information which is most important to them. This helps prevent your inbox from filling up, and also means we aren’t wasting resources on contacting people with information which isn’t relevant to them.
Profiling to help us understand our customers
We profile individuals who opt in through our site and our membership services in terms of:
- How often they open emails from us
- How they respond to email correspondence
- Length of engagement with paid services such as the CSR and Handout Vault or any other paid product
- Understanding their engagement on social media platforms, which are managed by #TADF
We collect information on preferences and interests (e.g. which course you are studying, are you a student or a tutor) so that we know what material you are mostly likely to be interested in.
We may aggregate and anonymise personal data so that it can no longer be linked to any particular person. This information can be used for a variety of purposes, such as recruiting new supporters, or to identify trends or patterns within our existing supporter base. This information helps inform our actions and improve our campaigns, products/services and materials
8. HOW WE PROTECT DATA
We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to or use or disclosure of your personal information.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.
All electronic forms that request financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers.
If you use a credit card to purchase a membership or purchase something on-line, we will pass your credit card details securely to our Merchant Service Stripe.
Stripe merchant service complies with the payment card industry data security standard. #TADF will never store your card entire card details on any of our internal computer or network systems.
Of course, we cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or our website) are at the user’s own risk.
Where we store information
#TADF’s operations are based in the UK and we store our data within the European Union. Some organisations which provide services to us may transfer personal data outside of the EEA, but we’ll only allow them to do if your data is adequately protected.
How long we store information
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).
We continually review what information we hold and delete what is no longer required. We never store payment card information.
10. KEEPING YOU IN CONTROL
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
- the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as subject access request);
- the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
- the right to have inaccurate data rectified;
- the right to object to your data being used for marketing or profiling; and
- where technically feasible, you have the right to personal data you have provided to us which we process automatically on the basis of your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you would like further information on your rights or wish to exercise them, please write to our Data Protection Officer at #TADF, email@example.com.
We can provide you with a template subject access form which includes guidance on how to make your request (and will help us respond more quickly). Please contact us for a copy of this.
You can complain to the #TADF directly by contacting our data protection officer using the details set out above. If wish to make a complaint (which does not directly relate to your data protection and privacy rights), you can do so at firstname.lastname@example.org.
If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk.
11. COOKIES AND LINKS TO OTHER SITES
Our website uses local storage (such as cookies) to provide you with the best possible experience and to allow you to make use of certain functionality (such as being able to shop online).
Links to other sites
Our website contains hyperlinks to many other websites. We are not responsible for the content or functionality of any of those external websites (but please let us know if a link is not working by using the ‘Contact us’ link at the top of the page).
When purchasing goods or services from any of the businesses that our site links to, you will be entering into a contract with them (agreeing to their terms and conditions) and not with #TADF.
We have developed data practices designed to assure information is appropriately protected but we cannot always know where Personal Information may be accessed or processed. While our Services are maintained and operated in the United Kingdom, we may transfer Personal Information outside of the United Kingdom if necessary.
In certain cases, we transfer and store certain information outside the EEA, such as to the United States. In such cases, we use a legal mechanism known as “standard contractual clauses” to protect information transferred outside the EEA. Standard contractual clauses refer to contracts between companies transferring personal information that contain standard commitments, approved by the European Commission, protecting the privacy and security of the information transferred.