The RockinR Charity may be known as (“We” or “Us”) throughout this document and we are committed to protecting and respecting your privacy.
2. Who we are?
The RockinR Charity
16 Sunnyhill Crescent,
- What information do we collect?
Other information will be collected purely for the purposes of dealing with your enquiry or fulfilling our contract or service with you. This information, when collected through our website usually involves contact details such as name, email address, telephone numbers, and we will then ask for your physical address. This information constitutes personally identifiable information and as such will be treated in accordance with EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) rules.
We do not collect sensitive data via our website. Any sensitive data we do hold will be destroyed as soon as it is processed.
4. How do we use personal information?
We will use the information you provide only for the purposes of our business. The following table explains the types of data we collect and the legal basis, under current data protection legislation, on which this data is processed.
Purpose Data (key elements) Basis Enquiring about our organisation and its work Name, email, message Legitimate interests – it is necessary for us to read and store your message so that we can respond in the way that you would expect. Subscribing to email updates about our work Name, email Consent – you have given your active consent. Making a donation Name, email, address, payment information Legitimate interests – this information is necessary for us to fulfill your intention of donating money and your expectation of receiving a confirmation message. Signing up as a member Name, email Contract – by paying your membership fees you have entered into a contractual relationship with us as set out in our membership terms and conditions. Website functionality Website activity collected through cookies
– it is necessary for us to store a small amount of information, usually through cookies, to deliver functionality that you would expect, such as remembering the contents of your order before you have fully completed the process.
We may also need your details to provide customer feedback and support.
We will also use this information to comply with any legal obligations; For example, prevention of fraud or legal or accountancy requirements.
5. What legal basis do we have for processing your personal data?
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
You have given consent to the processing of your personal data for one or more specific purposes, such as placing an order asking for a quote;
Processing is necessary for the performance of a contract to which you are a party or to take steps at the request of you prior to entering into a contract with us;
Processing is necessary for compliance with a legal obligation to which we are subject;
Processing is necessary for the purposes of the legitimate interests pursued by us, except where such interests are overridden by your fundamental rights and freedoms.
6. When do we share personal data?
We may at times need to share your personal data with third parties to whom we contract to provide a product or a service. If this is necessary, we will take all reasonable steps to ensure that your data is handled securely and in accordance with your rights. Data will only be revealed on a need to know basis and we only deal with third parties that we know to have safeguards in place to ensure our obligations towards your data security are met.
We currently deal with the following types of businesses to whom we may need to provide some of your information:
You have provided your explicit consent for us to pass data to a named third party;
We are using a third party purely for the purposes of processing data on our behalf and we have in place a data processing agreement with that third party that fulfils our legal obligations in relation to the use of third-party data processors;
Professional advisors such as lawyers, bankers, medical professionals, accountants, auditors and insurers;
Any third parties to whom we may sell, merge or transfer our business to;
Suppliers and delivery agents who supply some of our products;
7. Where do we store and process personal data?
We only keep your data for as long as we need to use it as described above in section 5, and for as long as we have your permission to keep it.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.
How do we secure personal data?
We try to limit the amount of data we collect from you specifically through our website. Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our site. Staff are only allowed to access data on a need to know basis.
8. How long do we keep your personal data for?
We will only retain your data for as long as is necessary to carry out our services and to comply with any legal obligations, such as HMRC or auditing purposes. We have a yearly review of all data and any data that is no longer needed will be securely shredded or securely deleted.
9. Your rights in relation to personal data
Under the GDPR, you have:
• the right to request access to, deletion of or correction of, your any aspect of the personal data we hold;
• the right to complain to a supervisory authority;
• be informed of what data processing is taking place;
• the right to restrict processing;
• the right to data portability;
• object to processing of your personal data;
Your rights can be exercised accordingly by getting in touch with us, by phone, email or post using the contact details in part 2. Please bear in mind that we may require further information to help us confirm your identity and your right to make any request.
11. Linking to other websites / third party content
Our websites and services may provide links to other third-party websites and services which are outside our control and not covered by this policy. We encourage you to review the privacy policies posted on these (and all) sites you visit or services you use.