The Audley Foundation (‘we’ or ‘us’) are the ‘Data Controller’ of the personal data that you (‘you’ means the person whose data is being processed) provide to us. We are committed to protecting your data and your rights in line with the Data Protection Act and the General Data Protection Regulation of 2018 (GDPR 2018). This notice explains how information about you is used by us.
The Audley Foundation is a registered Charitable Incorporated Organisation (CIO) in England and Wales No. 1187871
Audley Foundation's privacy principles
We know that your information privacy is very important to you. We promise that it is even more important to us.
We want everyone who has any dealings with us to feel confident about how any personal information they share will be looked after or used.
You can be confident that:
- We only use personal information in the ways we need to and that is expected of us.
- We will use your information to keep you up to date, for example, to let you know how we are progressing with your enquiry.
- But, we only use your personal information to do this if you have previously given us your permission to do so.
- We will make it easy for you to tell us how you want us to communicate with you, including how to opt-out from future communications – and we promise we will always comply with your request. Please note that you may continue to receive communications for a short period while our systems are fully updated.
- We will never release your information to other organisations where we do not have a contractual agreement in place.
- We take all reasonable care to safeguard all your personal information through security policies and secure business processes. We take extra care to ensure all sensitive personal information is properly looked after.
- We respond quickly, efficiently and lawfully if you have any queries or complaints, or if you wish to amend your records.
- We fully respect your rights relating to the personal information we process about you – we will always provide easy ways for you to contact us. Our Data Protection Officer is happy to answer any queries you have.
How we collect personal information about you
We may collect personal information from you when you get in touch with The Audley Foundation. This may be when you phone us, go onto our website, contact us through email or the post, or in person.
What information do we collect about you?
We may process the following information:
- Your personal details – such as your name, date of birth and your nationality.
- Your contact details – such as your address, telephone, email address, and other information that you may provide in any correspondence between us.
- Financial information you may provide to us – such as bank details, financial details and credit/debit card details.
- Details of others such as ‘Next of kin’ – this may be the contact details of a close relative or friend, or your solicitor or other agent/s.
- Any preferences you may have, including whether you consent to any marketing contact.
- We also collect general information about the use of our websites, such as which pages users visit most often, and which services, events or facilities are of most interest. We may also track which pages users visit when they click on links in our emails. We may use this information to personalise the way our websites are presented when users visit them, to make improvements to our websites and to ensure we provide the best service for users. Wherever possible we use aggregated or anonymous information which does not identify individual visitors to our websites.
The provision of information by you is needed so that we can provide you with the contractual service you have asked for or so that we can legitimately fulfil your request. Where necessary, we will ask for permission to process data and your consent is requested when we ask for your data.
A special note about the sensitive information we hold
We may need to ask you to provide us with details of a sensitive nature.
When you share this with us, we usually ask for your explicit consent to process it for these purposes; However, occasionally we may do so without consent where required or permitted to do so by applicable law (e.g. to comply with diversity reporting requirements). Your sensitive information will not be used for any other purpose.
We will not pass on your details to anyone else without your permission except in exceptional circumstances. Examples of this might include posing a threat to others, and sharing other serious issues.
Systems and applications used to process data
We gather information directly from you and via our websites, in person and other technical systems. These may include for example, our:
- Computer networks and connections
- Communications systems
- Email and instant messaging systems
- Intranet and Internet facilities
- Telephones, voicemail, mobile phone records
- Social media platforms
- Face to face customer service
- Other hardware and software owned, used or provided by or on behalf of us.
How do we use personal information?
Audley Foundation processes your information for an identified lawful purpose and most purposes have a legitimate basis. The purpose for processing may be for a statutory or contractual requirement: where this is the case, you have a choice as to whether you provide your information but not doing so may mean that we are unable to provide the service you have requested. On occasion, we may also process information based on your consent, or in someone’s vital interests.
For information on the conditions for processing, please email email@example.com.
Examples of reasons for which we process your information include;
- To provide you with the services you have requested;
- For necessary disclosure (for example, to solicitors, to the police, to the Courts, and to tribunals and enquiries);
- To help ensure safety and security, as well as to prevent and detect crime;
- For fraud prevention; research and analysis, enhancing, modifying or improving our services.
Confidential client-identifiable information is only shared with other organisations where there is a legal basis for it as follows:
- When there is a Court Order or a statutory duty to share client data;
- When there is a statutory power to share client data;
- When the client has given his/her explicit consent to the sharing;
- When the client has implicitly consented to the sharing for direct care purposes.
Who sees your personal information
The personal information we collect about you will be used by our team in The Audley Foundation in the UK so that they can support you and provide the services you request.
The Audley Foundation may share your information with our trusted partners and suppliers, who we instruct to provide The Audley Foundation services to you. These organisations include data processors for storage purposes, administration, data security and management; solicitors; marketing agencies and suppliers; and other representatives.
Where we share your information, it is always carried out under our instruction, and is never for their marketing approaches. We ensure that we perform our due diligence on these third parties which includes storing the data securely and deleting it when it is no longer needed.
We may also disclose your information with law enforcement agencies and regulatory bodies as required by law.