Stifford Centre
Empower people to lead healthy and prosperous lives
Privacy & Cookie Policy
Privacy & Cookie Policy
Stifford Centre is committed to protecting your personal data, whether you are a user, staff, volunteer, visitor or shopper.
Please read this policy carefully to understand how we collect, use and store your personal data.
We take your privacy seriously and are committed to protecting your personal information. We aim to be clear and open about our data and security practices.
Where we ask you to provide us with any information by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement, and in line with the General Data Protection Regulation (GDPR) 2018.
Stifford Centre is a Registered Charity (Charity No. 1140716)
A registered Company Limited by Guarantee (Registration No. 7321910)
The processing of your personal data is carried out by Stifford Centre is registered with the Office of the Information Commissioner.
If you have any questions regarding our privacy policy, please contact:
The Data Protection Officer
Stifford Centre
London
E1 3JG
Telephone: 02077903632
Email: info@stifford.org.uk
Notification of change of privacy & cookie policy
We reserve the right to amend this privacy statement at any time. You are advised to visit this website section periodically in order to keep up to date with the changes in our privacy policy.
Please read this policy carefully to understand how we collect, use and store your personal data.
We take your privacy seriously and are committed to protecting your personal information. We aim to be clear and open about our data and security practices.
Where we ask you to provide us with any information by which you can be identified, you can be assured that it will only be used in accordance with this privacy statement, and in line with the General Data Protection Regulation (GDPR) 2018.
Stifford Centre is a Registered Charity (Charity No. 1140716)
A registered Company Limited by Guarantee (Registration No. 7321910)
The processing of your personal data is carried out by Stifford Centre is registered with the Office of the Information Commissioner.
If you have any questions regarding our privacy policy, please contact:
The Data Protection Officer
Stifford Centre
London
E1 3JG
Telephone: 02077903632
Email: info@stifford.org.uk
Notification of change of privacy & cookie policy
We reserve the right to amend this privacy statement at any time. You are advised to visit this website section periodically in order to keep up to date with the changes in our privacy policy.
CONSENT
By using our website, our social media pages (such as Facebook), subscribing to our services, donating to us and/or shopping online you agree that we can place the types of cookies set out below on your device and use your data in accordance with this policy.
In order to remember that you have accepted our use of cookies, we will place a temporary cookie to remember your consent for 3 months.
PRIVACY POLICY
How do we collect information?
We may collect information about you whenever you interact with us. For example, when you contact Stifford Centre regarding our activities, register as a supporter, send or receive information, engage with our social media or make a donation to us, you may specifically and knowingly provide us with your personal information.
In addition, we collect aggregated or anonymous information about the services you use and how you use them, like when you watch a video on YouTube, visit our website or view and interact with our ads and content.
We may also receive information about you from third parties – for example, where you’ve given them permission to share your information or where we gather information from publicly available sources as discussed below.
What information do we collect?
When you interact with us, we may collect names, addresses, email addresses, telephone numbers, bank account details for setting up a regular direct debit and, where appropriate, dates of birth. We do not use cookies to collect this type of information. All online financial transactions will be encrypted using SSL (Secure Sockets Layer).
By using our website, our social media pages (such as Facebook), subscribing to our services, donating to us and/or shopping online you agree that we can place the types of cookies set out below on your device and use your data in accordance with this policy.
In order to remember that you have accepted our use of cookies, we will place a temporary cookie to remember your consent for 3 months.
PRIVACY POLICY
How do we collect information?
We may collect information about you whenever you interact with us. For example, when you contact Stifford Centre regarding our activities, register as a supporter, send or receive information, engage with our social media or make a donation to us, you may specifically and knowingly provide us with your personal information.
In addition, we collect aggregated or anonymous information about the services you use and how you use them, like when you watch a video on YouTube, visit our website or view and interact with our ads and content.
We may also receive information about you from third parties – for example, where you’ve given them permission to share your information or where we gather information from publicly available sources as discussed below.
What information do we collect?
When you interact with us, we may collect names, addresses, email addresses, telephone numbers, bank account details for setting up a regular direct debit and, where appropriate, dates of birth. We do not use cookies to collect this type of information. All online financial transactions will be encrypted using SSL (Secure Sockets Layer).
How do we use your information?
We may use your information in a number of ways and for a number of purposes including:
⚫ To provide you with information, products or services that you have requested from us or that we feel may be of interest to you where you have consented to being contacted; To provide you with information about our work or our activities where you have agreed to receive communications from us;
⚫ To invite you to participate in interactive features on our website; To process donations we may receive from you;
⚫ To fundraise in accordance with our internal policies and procedures;
⚫ For administrative purposes (for example, we may contact you regarding an event for which you have registered, to provide information requested from us through Supporter Care or with a query regarding a donation you may have made to us);
⚫ For internal record keeping relating to any donations, feedback or complaints;
⚫ To invite you to participate in voluntary surveys or research; To analyse and improve the operation of our website;
⚫ To analyse the personal information we collect about you and use publicly available information to better understand your interests, preferences and level of potential donations so that we can contact you in the most appropriate way and to ensure that we do not send you unwanted communications;
⚫ To tailor advertising that is presented to you on the Internet according to your interests, preferences and other characteristics;
⚫ To direct advertisements and other communications to other people who may have similar interests or other characteristics to yours; To assess your personal information for the purposes of credit risk reduction or fraud prevention; and Where it is required or authorised by law.
We may use your information in a number of ways and for a number of purposes including:
⚫ To provide you with information, products or services that you have requested from us or that we feel may be of interest to you where you have consented to being contacted; To provide you with information about our work or our activities where you have agreed to receive communications from us;
⚫ To invite you to participate in interactive features on our website; To process donations we may receive from you;
⚫ To fundraise in accordance with our internal policies and procedures;
⚫ For administrative purposes (for example, we may contact you regarding an event for which you have registered, to provide information requested from us through Supporter Care or with a query regarding a donation you may have made to us);
⚫ For internal record keeping relating to any donations, feedback or complaints;
⚫ To invite you to participate in voluntary surveys or research; To analyse and improve the operation of our website;
⚫ To analyse the personal information we collect about you and use publicly available information to better understand your interests, preferences and level of potential donations so that we can contact you in the most appropriate way and to ensure that we do not send you unwanted communications;
⚫ To tailor advertising that is presented to you on the Internet according to your interests, preferences and other characteristics;
⚫ To direct advertisements and other communications to other people who may have similar interests or other characteristics to yours; To assess your personal information for the purposes of credit risk reduction or fraud prevention; and Where it is required or authorised by law.
In particular, we may contact you for marketing purposes by email or text message if you have agreed to be contacted in this manner. We may also send you service communications via email or text, for example where you place an order for goods or services on our website, or you have made a donation by text.
If you have provided us with your postal address or telephone number, we may send you information about our work by direct mail or telephone unless you have told us that you would prefer not to receive information in this way.
If you have indicated that you do not wish to be contacted for marketing purposes, we will maintain your details on a suppression list to help ensure that we do not continue to contact you.
How we share our information
We disclose information we collect about you on our site to the following third parties on the understanding that they will keep the information confidential: The organisation, who provides us with guidance on how to improve our website through interpreting anonymised user data on website use. We may also disclose information we collect about you if we are under a duty to disclose or share your personal information to comply with any legal obligation, or to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Stifford, our site users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection. We may transfer information about you to other group companies for purposes connected with your employment or the management of the organisation’s business. In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements. There are currently no plans for this. We do not employ automated decision-making processes. Your personal data will be stored for a maximum period of 10 years, though in some cases a particular funder (in particular the European Union) may typically require us to hold this data for up to fifteen years and on rare occasions longer. Some of our funders require us to keep data relating to your racial or ethnic origin, religious and philosophical beliefs, sexual orientation and other equalities data. You will always have the option not to provide this if you do not wish to do so. If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information about that purpose and any other relevant information.
Where information is stored
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Specifically:
Emails are stored in secure Office 365 mail servers
Cookies are stored in your browser Google Analytics data is saved in Google’s servers
All other data is stored, managed and used in Stifford Centre’s internal secure server.
We do not store personal identifiable information (name, address, date of birth, phone number, email address etc) outside of the European Economic Area (“EEA”), although anonymised user data will be stored on Google’s servers which may be outside of the EEA.
How will we disclose the information we have collected to outside parties?
Stifford Centre may provide your information to our service providers. Subject to your communication preferences and our internal policies and procedures, this would include providing your information to third parties that work with us to deliver on our charitable purposes, and other entities that act as fundraisers for Stifford Centre, sell Stifford Centre products or provide Stifford Centre information and marketing. Where you have agreed to receive email marketing communications from us, we may provide your email address to social media or similar companies in an encrypted format in order to tailor relevant advertising to you on those social media platforms and other websites, as well as identify audiences with interests similar to yours.
We enter into contracts with all of these service providers that require them to comply with data protection laws and to ensure that they have appropriate controls in place to protect the security of your information.
We will never sell your details and will only share your details with third parties (who are not service providers working at our direction) if you ask us to.
We will not make cold telephone calls to members of the general public; therefore, we will not purchase your data in order to do so.
We may disclose your personal information if we are requested or required to do so by a regulator or law enforcement or in order to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect Stifford Centre, for example in cases of suspected fraud or defamation, or in order to comply with any other applicable legal obligation.
How we protect your personal information?
We take appropriate physical, electronic and managerial measures to ensure that we keep your information secure, accurate and up to date, and that we only keep it as long as is reasonable and necessary.
Although we use appropriate security measures once we have received your personal information, the transmission of information over the internet is never completely secure. We do our best to protect personal information, but we cannot guarantee the security of information transmitted to our website, so any transmission is at the user’s own risk. However, any payment card details (such as credit or debit cards) we receive on our website are passed securely to our payment processing provider according to the Payment Card Industry Security Standards.
Job and volunteer applicants and current and former employees
If you apply to work at the Stifford Centre, we will only use the information you give us to process your application and to monitor recruitment statistics. If we want to disclose information to someone outside the Stifford Centre – for example, if we need a reference, plan to use an external supplier to run background checks or need to get a ‘disclosure’ from the Disclosure and Barring Service (DBS) – we will make sure we tell you beforehand, unless we are required to disclose this information by law.
If you are unsuccessful in your job application, we will hold your personal information for 6 months after we’ve finished recruiting the post you applied for. After this date we will destroy or delete your information.
If you begin employment with us, we will put together a file about your employment. We keep the information in this file secure, and will only use it for matters that apply directly to your employment.
Once you stop working for us, we will keep this file according to our record retention guidelines. You can contact us to find out more about this.
If you apply for a job or volunteering opportunity we will also collect information so we can assess your suitability for the role.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Specifically:
Emails are stored in secure Office 365 mail servers
Cookies are stored in your browser Google Analytics data is saved in Google’s servers
All other data is stored, managed and used in Stifford Centre’s internal secure server.
We do not store personal identifiable information (name, address, date of birth, phone number, email address etc) outside of the European Economic Area (“EEA”), although anonymised user data will be stored on Google’s servers which may be outside of the EEA.
How will we disclose the information we have collected to outside parties?
Stifford Centre may provide your information to our service providers. Subject to your communication preferences and our internal policies and procedures, this would include providing your information to third parties that work with us to deliver on our charitable purposes, and other entities that act as fundraisers for Stifford Centre, sell Stifford Centre products or provide Stifford Centre information and marketing. Where you have agreed to receive email marketing communications from us, we may provide your email address to social media or similar companies in an encrypted format in order to tailor relevant advertising to you on those social media platforms and other websites, as well as identify audiences with interests similar to yours.
We enter into contracts with all of these service providers that require them to comply with data protection laws and to ensure that they have appropriate controls in place to protect the security of your information.
We will never sell your details and will only share your details with third parties (who are not service providers working at our direction) if you ask us to.
We will not make cold telephone calls to members of the general public; therefore, we will not purchase your data in order to do so.
We may disclose your personal information if we are requested or required to do so by a regulator or law enforcement or in order to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect Stifford Centre, for example in cases of suspected fraud or defamation, or in order to comply with any other applicable legal obligation.
How we protect your personal information?
We take appropriate physical, electronic and managerial measures to ensure that we keep your information secure, accurate and up to date, and that we only keep it as long as is reasonable and necessary.
Although we use appropriate security measures once we have received your personal information, the transmission of information over the internet is never completely secure. We do our best to protect personal information, but we cannot guarantee the security of information transmitted to our website, so any transmission is at the user’s own risk. However, any payment card details (such as credit or debit cards) we receive on our website are passed securely to our payment processing provider according to the Payment Card Industry Security Standards.
Job and volunteer applicants and current and former employees
If you apply to work at the Stifford Centre, we will only use the information you give us to process your application and to monitor recruitment statistics. If we want to disclose information to someone outside the Stifford Centre – for example, if we need a reference, plan to use an external supplier to run background checks or need to get a ‘disclosure’ from the Disclosure and Barring Service (DBS) – we will make sure we tell you beforehand, unless we are required to disclose this information by law.
If you are unsuccessful in your job application, we will hold your personal information for 6 months after we’ve finished recruiting the post you applied for. After this date we will destroy or delete your information.
If you begin employment with us, we will put together a file about your employment. We keep the information in this file secure, and will only use it for matters that apply directly to your employment.
Once you stop working for us, we will keep this file according to our record retention guidelines. You can contact us to find out more about this.
If you apply for a job or volunteering opportunity we will also collect information so we can assess your suitability for the role.
Your credit or debit card information
If you use your credit or debit card to donate to us, buy something or make a booking online, we pass your card details securely to our payment processing partner as part of the payment process. We do this in accordance with the Payment Card Industry Security Standard and don’t store the details on our website or databases.
Can you gain access to your personal information?
You may request a copy of the personal information relating to you which is kept on file by Stifford Centre (for which we may charge a small fee) by contacting the Stifford Centre.
Children’s data
When you register with us, you are stating that you are 18 years of age or over, or are a minor acting with parental consent. You agree that any information you provide to us about yourself upon registration or at any time is true. See Terms and Conditions for more information.
Confidentiality
We cannot be held responsible for the privacy of data collected by websites not owned or managed by Stifford Centre, including those linked through our website.
Emails terms of use
Emails aren’t always secure, and they may be intercepted or changed after they’ve been sent. Stifford Centre doesn’t accept liability if this happens. The contents of emails reflect their author’s views and not necessarily those of Stifford Centre.
The information in emails is confidential, so if you’ve received one by mistake, please delete it without copying, using, or telling anyone about its contents.
Your rights
Under the EU General Data Protection Regulation (GDPR) you have a number of rights with regard to personal data. You have the right to: (1) request access to your personal data; (2) request that we rectify any errors in your personal data; (3) request erasure of your personal data; (4) request that we restrict processing of your personal data; (5) object to our processing your personal data; and, (6) request that we provide your personal data to you in a portable format.
If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
You have the right to register a complaint to the Information Commissioners’ Office (ICO) if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
If you use your credit or debit card to donate to us, buy something or make a booking online, we pass your card details securely to our payment processing partner as part of the payment process. We do this in accordance with the Payment Card Industry Security Standard and don’t store the details on our website or databases.
Can you gain access to your personal information?
You may request a copy of the personal information relating to you which is kept on file by Stifford Centre (for which we may charge a small fee) by contacting the Stifford Centre.
Children’s data
When you register with us, you are stating that you are 18 years of age or over, or are a minor acting with parental consent. You agree that any information you provide to us about yourself upon registration or at any time is true. See Terms and Conditions for more information.
Confidentiality
We cannot be held responsible for the privacy of data collected by websites not owned or managed by Stifford Centre, including those linked through our website.
Emails terms of use
Emails aren’t always secure, and they may be intercepted or changed after they’ve been sent. Stifford Centre doesn’t accept liability if this happens. The contents of emails reflect their author’s views and not necessarily those of Stifford Centre.
The information in emails is confidential, so if you’ve received one by mistake, please delete it without copying, using, or telling anyone about its contents.
Your rights
Under the EU General Data Protection Regulation (GDPR) you have a number of rights with regard to personal data. You have the right to: (1) request access to your personal data; (2) request that we rectify any errors in your personal data; (3) request erasure of your personal data; (4) request that we restrict processing of your personal data; (5) object to our processing your personal data; and, (6) request that we provide your personal data to you in a portable format.
If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
You have the right to register a complaint to the Information Commissioners’ Office (ICO) if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
Identity and contact details of the Controller
Stifford Centre s the Data Controller and Processor of data for the purposes of the EU General Data Protection Regulation and the Data Protection Bill.
Identity and contact details of the Data Protection Officer If you need further assistance or would like to make a comment, you can contact our Data Protection Officer: Email: info@stifford.org.uk Post: 2-6 Cressy Place, London, E1 3JG COOKIE POLICY
Stifford Centre s the Data Controller and Processor of data for the purposes of the EU General Data Protection Regulation and the Data Protection Bill.
Identity and contact details of the Data Protection Officer If you need further assistance or would like to make a comment, you can contact our Data Protection Officer: Email: info@stifford.org.uk Post: 2-6 Cressy Place, London, E1 3JG COOKIE POLICY
What are cookies?
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device.
You can find more information about cookies at: www.allaboutcookies.org
Do we use cookies?
Yes.
Types of cookies
There are two broad types of cookies – ‘first party cookies’ and ‘third party cookies’:
First party cookies are cookies that are served directly by the website operator to your computer, and are often used to recognise your computer when it revisits that site and to remember your preferences as you browse the site. Basically, these are our cookies.
Third party cookies are served by a service provider on behalf of the website operator, and can be used by the service provider to recognise your computer when you visit other web sites. Third party cookies are most commonly used for web site analytics or advertising purposes.
In addition, cookies may be either ‘session cookies’ or ‘persistent cookies’. Your computer automatically removes session cookies once you close your browser. Persistent cookies will survive on your computer until an expiry date specified in the cookie itself, is reached. We use both session and persistent cookies.
Categories of cookies we use Strictly necessary cookies: These cookies are essential for the user to move around the website and to use its features, e.g. shopping baskets and e-billing.
Performance cookies: These cookies collect information about how the user makes use of the site, e.g. which pages the user visits most. These cookies do not collect information that identifies the user.
Functionality cookies: These cookies remember choices made by the user and enhance the features, e.g. language or users location. This cookie is also used to remember a user’s preferences for a font size, or customisable parts of a web page. Targeting or advertising cookies: These cookies collect information about the users’ browsing habits. This may also include your use of social media sites, e.g. Facebook, etc. or how you interact with our website which then shows you relevant content elsewhere on the internet. NB. These may also be used to remarket to you in limited circumstances.
Google Analytics: Google Analytics generates detailed statistics about visitors to a website for marketing purposes. Google Analytics can track users across search engines, email campaigns and display advertising giving advertisers the opportunity to optimise campaigns on multiple platforms.
Data Collected: Anonymous (ad serving domains, browser type, demographics, language settings, page views, time/date), Pseudonymous (IP address).
Data sharing: Google stores the information collected by these cookies on servers in the United States and may transfer anonymous data to third-parties.
For more information please see Google’s Privacy Policy.
Our website also collects anonymised data from our visitors’ browsers for each session to help reduce load times in case the user continuously revisits and re-uses our website.
What information do we collect?
We may collect some, or all, of this information when you visit our website, depending on how you use it. We monitor how people use our website so we can improve it. We collect this information anonymously.
However, you can use our website anonymously without giving us any information. If you visit our website, we may record information about including (but not limited to):
the areas of the website you visit the amount of time you spend on the site
whether you are new to the site, or have visited it before how you came to our website – for example, through an email link or a search engine the type of device and browser you use.
how you use the website and the quality of your experience – for example we may track your bandwidth when viewing videos.
Links to other websites Our website contains links to other websites of interest (e.g. our funders, partners and membership organisations).
Please note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. Please make sure you review the privacy statement applicable to that website.
You can find more information about cookies at: www.allaboutcookies.org
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device.
You can find more information about cookies at: www.allaboutcookies.org
Do we use cookies?
Yes.
Types of cookies
There are two broad types of cookies – ‘first party cookies’ and ‘third party cookies’:
First party cookies are cookies that are served directly by the website operator to your computer, and are often used to recognise your computer when it revisits that site and to remember your preferences as you browse the site. Basically, these are our cookies.
Third party cookies are served by a service provider on behalf of the website operator, and can be used by the service provider to recognise your computer when you visit other web sites. Third party cookies are most commonly used for web site analytics or advertising purposes.
In addition, cookies may be either ‘session cookies’ or ‘persistent cookies’. Your computer automatically removes session cookies once you close your browser. Persistent cookies will survive on your computer until an expiry date specified in the cookie itself, is reached. We use both session and persistent cookies.
Categories of cookies we use Strictly necessary cookies: These cookies are essential for the user to move around the website and to use its features, e.g. shopping baskets and e-billing.
Performance cookies: These cookies collect information about how the user makes use of the site, e.g. which pages the user visits most. These cookies do not collect information that identifies the user.
Functionality cookies: These cookies remember choices made by the user and enhance the features, e.g. language or users location. This cookie is also used to remember a user’s preferences for a font size, or customisable parts of a web page. Targeting or advertising cookies: These cookies collect information about the users’ browsing habits. This may also include your use of social media sites, e.g. Facebook, etc. or how you interact with our website which then shows you relevant content elsewhere on the internet. NB. These may also be used to remarket to you in limited circumstances.
Google Analytics: Google Analytics generates detailed statistics about visitors to a website for marketing purposes. Google Analytics can track users across search engines, email campaigns and display advertising giving advertisers the opportunity to optimise campaigns on multiple platforms.
Data Collected: Anonymous (ad serving domains, browser type, demographics, language settings, page views, time/date), Pseudonymous (IP address).
Data sharing: Google stores the information collected by these cookies on servers in the United States and may transfer anonymous data to third-parties.
For more information please see Google’s Privacy Policy.
Our website also collects anonymised data from our visitors’ browsers for each session to help reduce load times in case the user continuously revisits and re-uses our website.
What information do we collect?
We may collect some, or all, of this information when you visit our website, depending on how you use it. We monitor how people use our website so we can improve it. We collect this information anonymously.
However, you can use our website anonymously without giving us any information. If you visit our website, we may record information about including (but not limited to):
the areas of the website you visit the amount of time you spend on the site
whether you are new to the site, or have visited it before how you came to our website – for example, through an email link or a search engine the type of device and browser you use.
how you use the website and the quality of your experience – for example we may track your bandwidth when viewing videos.
Links to other websites Our website contains links to other websites of interest (e.g. our funders, partners and membership organisations).
Please note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. Please make sure you review the privacy statement applicable to that website.
You can find more information about cookies at: www.allaboutcookies.org