This privacy policy explains how we use any personal information we collect about you when you contact us, attend any of our events or use our website.

This Privacy Policy applies to information we (The Interlink Foundation) collect about individuals who interact with our organisation. It explains what personal information we collect and how we use it.

If you have any comments or questions about this policy, feel free to contact us at [email protected].

1. GENERAL PROVISIONS

  • The Interlink Foundation is committed to protecting your privacy. This policy outlines how we keep your personal data safe.
  • This policy applies to all personal data processed by The Interlink Foundation.
  • The Responsible Person shall take responsibility for the Charity’s ongoing compliance with this policy.
  • This policy shall be reviewed at least annually.
  • This policy is compliant with the rules set out by the UK General Data Protection Regulation (the GDPR), relevant other legislation and regulations of the Information Commissioner’s Office (the ICO).
  • The Interlink Foundation is registered with the Information Commissioner’s Office (ICO) as an organisation that processes personal data. Registration number: Z1856413

2. DEFINITIONS

Data controller – A controller determines the purposes and means of processing personal data.

Data processor – A processor is responsible for processing personal data on behalf of a controller.

Data subject – Natural person.

Responsible Person – Miss R Denderowicz

Categories of data: Personal data and special categories of personal data

Personal data – The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier (as explained in Article 6 of GDPR). For example name, passport number, home address or private email address. Online identifiers include IP addresses and cookies.

Special categories personal data – The GDPR refers to sensitive personal data as ‘special categories of personal data’ (as explained in Article 9 of GDPR). The special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual. Other examples include racial and ethnic origin, sexual orientation, health data, trade union membership, political opinions, religious or philosophical beliefs.

Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Third party – means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data

3. ABOUT OUR CHARITY

The Interlink Foundation is the data controller. This means we decide how your personal data is processed and for what purposes. Our contact details are [email protected].   For all data matters please contact our Responsible Person: Miss R Denderowicz at [email protected].

4. THE PURPOSE(S) OF PROCESSING YOUR PERSONAL DATA

If you request or receive services or products, or become involved in our campaigns, we may collect and process the personal information that you’ve provided. We may also collect information from you when you report a problem with our website or if you complete a survey which we use for research purposes.

This personal information may include your name, email address, postal address, telephone or mobile number and date of birth, financial details, UK Taxpayer information (for Gift Aid), credit/debit card information and records of responses to campaigns, as well as how you came to find us or about our services or events.

We may also collect details of your visits to our website, for example your location data, other sites you’ve visited and the resources that you access. We use this to provide you with the information, services or products that you’re interested in and/or are most relevant to you.

5. THE CATEGORIES OF PERSONAL DATA COLLECTED

With reference to the categories of personal data described in the definitions section, we may process the following categories of your data: name, email address, postal address, telephone or mobile number and date of birth, financial details.

We only process your personal data if it has been directly supplied by you in the course of using our services and our website.

6. WHAT IS OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA?

  • All data processed by the The Interlink Foundation must be done on one of the following lawful basis: consent, contract, legal obligation, vital interests, public task or legitimate interests. This is in accordance the Article 6 of the GDPR. More information on lawful processing can be found on the ICO website.
  • Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
  • Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in the Charity’s systems

      a) Personal data

  • Our lawful basis for processing your general personal data is that it has been provided with your consent, necessary for the performance of our services to you.

     b) Special categories of personal data (article 9 of GDPR)

  • We do not routinely process special categories of personal data.

7. SHARING YOUR PERSONAL DATA

We will never share your personal data with a third party without your prior consent or unless required by law.

8. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We keep your personal data for no longer than reasonably necessary or legally required.  Our policy is as follows:

  • Donations you have made to us
    • for 7 years since the date of your last donation
  • Information collected while providing you with membership services
    • For 12 years, unless otherwise specified by you.  This is because holding this data is valuable to our members who often want us to retrieve data provided during the course of service provision.
  • Service user information collected through Interlink Foundation or Interlink Community Services C.I.C.
    • For 3 years after the end of contract
  • Employee and volunteer information
    • for 6 years after the end of contract
  • Trainings you have attended
    • for 6 years after the event

9. PROVIDING US WITH YOUR PERSONAL DATA

You are under no statutory or contractual requirement or obligation to provide us with your personal data. But failure to do so may limit our ability to provide you with services.

10. CCTV

We have installed CCTV surveillance cameras on our premises for safety and security purposes. All practices and procedures are in line with GDPR regulations. Our CCTV Policy is available upon request.

11. YOUR RIGHTS

If you wish to exercise any of your rights, as listed below please contact the Responsible Person, [email protected].  Unless subject to an exemption under the GDPR, you have a right of:

  1. Access to your personal information;
  2. Objection to processing of your personal information;
  3. Objection to automated decision-making and profiling;
  4. Restriction of processing of your personal information;
  5. Your personal data portability (the ability to move, copy or transfer data easily from one database, storage or IT environment to another);
  6. Rectification of your personal information; and
  7. Erasure of your personal information.

If you make a request relating to any of the rights listed above, we will consider each request in accordance with all applicable data protection laws and regulations. No administration fee will be charged for considering and/or complying with such a request unless the request is deemed to be excessive in nature.

Upon successful verification of your identity you are entitled to obtain the following information about your own personal information:

  1. The purposes of the collection, processing, use and storage of your personal data.
  2. The source(s) of the personal information, if it was not obtained from you.
  3. The categories of personal data stored about you.
  4. The recipients or categories of recipients to whom your personal data has been or may be transmitted, along with the location of those recipients.
  5. The envisaged period of storage for your personal data or the rationale for determining the storage period.
  6. The use of any automated decision-making and/or profiling.

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.

12. TRANSFER OF DATA ABROAD

We do not transfer personal data outside the EEA.

13. AUTOMATED DECISION MAKING

We do not use any form of automated decision making in our organisation.

14. FURTHER PROCESSING

If we wish to use your personal data for a new purpose, not covered by this Privacy Policy, then we will provide you with a new privacy notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

15. USE OF COOKIES

We use cookies on our website so that we can tailor the content to you, ensure it’s working the way it should and make improvements.

A cookie is a small file of letters and numbers that is sent and stored on your computer and/or mobile device which provides us with information in relation to your website usage, and allows us to recognise that you have used our website before.

By continuing to use our site, you agree to our use of cookies – but these cookie files and IP addresses will never identify you as an individual. For more information on cookie files and IP addresses read our Cookies Policy. This page also includes instructions on how to disable cookies if you don’t want them to be used.

16. CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our Privacy Policy in the future will be posted on our website where appropriate, notified to you by e-mail/in writing.

17. HOW TO MAKE A COMPLAINT

To exercise all relevant rights, queries or complaints please in the first instance contact our Data Protection Officer – Miss R Denderowicz; email: [email protected].

If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.