St Martin-in-the-Fields Trust Privacy and Security Policy
This policy applies to our website, our use of emails and text messages for marketing purposes, and any other methods we use for collecting information. It covers what we collect and why, what we do with the information, what we won’t do with the information, and what rights you have.
What information do we collect and why?
We will only ever collect the information we need – including data that will be useful to help improve our services. We collect two kinds of information:
- non-personal information such as IP addresses (the location of the computer on the internet), pages accessed and files downloaded. This helps us to determine how many people use our sites, how many people visit on a regular basis, and how popular our pages are. This information doesn’t tell us anything about who you are or where you live. It simply allows us to monitor and improve our service.
- personal information such as name, postal address, phone number, email address, date of birth (where appropriate), information about your interests and hobbies etc.
We collect this information in connection with specific activities, such as donations made, event registration, feedback, competition entries etc. The information is either needed to fulfil your request or to enable us to provide you with a more personalised service. You don’t have to disclose any of this information to browse the sites. However, if you do choose to withhold requested information, we may not be able to provide you with certain services.
What do we do with the information?
We will use the information you provide to:
- fulfil your requests – such as applications for membership, keeping a record of you donations, competition entries, participation in campaigns and provision of information
- process sales transactions, donations, or other payments and verify financial transactions
- identify visitors and contributors
- provide a personalised service to you when you visit Our websites – this could include customising the content and/or layout of Our pages for individual users
- record any contact We have with you
- prevent or detect fraud or abuses of Our websites and enable third parties to carry out technical, logistical or other functions on Our behalf
- to carry out research on the demographics, interests and behaviour of our users and supporters to help us gain a better understanding of them and to enable us to improve our service. This research may be carried out internally by Our employees or We may ask another company to do this work for Us
- communicate with Our supporters and customers
- if you have agreed to it, provide you with information that we think may be of interest to you.
Using your information for marketing
As of June 2017, St Martin-in-the-Fields Trust has moved to an opt-in approach to marketing communication. This means we only send marketing information to people who have specifically said that they agree to us doing this, and we will only do so in the way(s) they have agreed to. Marketing information covers fundraising appeals by the Trust, and information about our work.
So, as of June 2017, only those people who have opted in will receive these communications. If you want to receive this information but haven’t opted in, you can do so by emailing: firstname.lastname@example.org.
If we contact you by email, every message we send will include a link to opt out of receiving future messages if you change your mind. If we contact you by other means and you want to change how – or if – you receive our communications, please email us: email@example.com.
Sharing your information
We will only share your information if:
- We are legally required to do so, e.g. by a law enforcement agency legitimately exercising a power or if compelled by an order of the Court
- We believe it is necessary to protect or defend Our rights, property or the personal safety of Our people or visitors to Our premises or websites
- We are working with a carefully-selected partner that is carrying out work on our behalf. These partners may include mailing houses, marketing agencies, IT specialists and research firms. The kind of work we may ask them to do includes processing events bookings, sending postal mail, emails and text messages on our behalf, carrying out research or analysis and processing card payments. We only choose partners we can trust. We will only pass personal data to them if they have signed a contract that requires them to:
– abide by the requirements of the Data Protection Act
– treat your information as carefully as We would
– only use the information for the purposes it was supplied (and not for their own purposes or the
purposes of any other organisation)
– allow Us to carry out checks to ensure they are doing all these things.
Storing your information
Information is stored by us on computers located in the UK. We may transfer the information to other offices and to other reputable third party organisations as explained above – they may be situated inside or outside the European Economic Area. We may also store information in paper files.
We place a great importance on the security of all personally identifiable information associated with our supporters, customers and users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal data under our control. For example, only authorised personnel are authorised to access user information and we use secure server software (SSL) to encrypt financial and personal information you input before it is sent to us. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur while it is under our control, we use our best efforts to try to prevent this.
Unfortunately, the transmission of data across the internet is not completely secure and whilst we do our best to try to protect the security of your information we cannot ensure or guarantee that loss, misuse or alteration of data will not occur whilst data is being transferred.
Where you or we have provided a password enabling you to access parts of our websites or use our services, it is your responsibility to keep this password confidential. Please don’t share your password with anyone.
We will keep your information only for as long as we need it to provide you with the services or information you have required, to administer your relationship with us, to inform our research or the preferences of our supporters, to comply with the law, or to ensure we do not communicate with people that have asked us not to. When we no longer need information we will always dispose of it securely, using specialist companies if necessary to do this work for us.
What we don’t do with your information
We never sell or share your information to other organisations to use for their own purposes.
The Data Protection Act gives you certain rights over your data and how we use it. These include:
- the right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed
- the right to prevent your data being used for direct marketing
- the right of access to a copy of the information We hold about you (known as a subject access request)
If you wish to exercise any of these rights please contact us at firstname.lastname@example.org. Please note it is our policy to charge the statutory maximum fee of £10 for a subject access request.
For more information about your rights under the Data Protection Act go to the website of the Information Commissioner’s Office at ico.org.uk.
St Martin-in-the-Fields Trust is not a ‘public authority’ as defined under the Freedom of Information Act and We will not therefore respond to requests for information made under this Act; using the funds generously donated to Us by Our supporters for such activities is not in accordance with Our charitable purposes.