The Trimontium Trust promises to respect any personal data you share with us, or that we get from other organisations and keep it safe. We aim to be clear when we collect your data and not do anything you wouldn’t reasonably expect.
Developing a better understanding of our supporters through their personal data allows us to make better decisions, fundraise more efficiently and, ultimately, helps us to deliver our charitable mission. With the introduction of new General Data Protection Rules in May 2018, we will be moving to be an ‘opt-in only’ communication policy. This means that we will only send marketing, membership and fundraising communications to those that have explicitly stated that they are happy for us to do so via their preferred channel(s) (email, SMS, phone or post).
Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).
Who are we?
The Trimontium Trust is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.
What Personal Data do we Collect and How do we Use it?
The Trimontium Trust complies with its obligations under [the GDPR] by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
The type and quantity of information we collect and how we use it depends on why you are providing it. If you support us, for example make a donation, volunteer, register to fundraise or sign up for an event we will usually collect:
- Your name
- Your contact details
- Possibly Your date of birth
- Your bank or credit card details.
Where it is appropriate we may also ask for:
- Why you have decided to donate to us. We will never make this question mandatory, and only want to know the answer if you are comfortable telling us.
We will mainly use your data to:
- Provide you with the services, products or information you asked for
- Administer your donation or support your fundraising, including processing gift aid
- Keep a record of your relationship with us
- Ensure we know how you prefer to be contacted
- Understand how we can improve our services, products or information.
We may also use your personal information to detect and reduce fraud and credit risk.
With your consent, we will contact you to let you know about the progress we are making and to ask for donations or other support. Occasionally, we may include information from partner organisations or organisations who support us in these communications. We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms have clear marketing preference questions and we include information on how to opt out when we send you marketing. If you don’t want to hear from us, that’s fine. Just let us know when you provide your data.
We do not sell or share personal details to third parties for the purposes of marketing. But, if we run an event in partnership with another named organisation your details may need to be shared. We will be very clear what will happen to your data when you register.
We sometimes collect and manage information from children and aim to manage it in a way which is appropriate to the age of the child. Information is usually collected when children attend our events or fundraise for us. Where possible and appropriate we will seek consent from a parent or guardian before collecting information about children. Our events have specific rules about whether children can participate, and we‘ll make sure advertising for those events is age appropriate.
Our processing also includes the use of CCTV systems for the prevention of crime
How we keep your data safe and who has access
We ensure that there are appropriate technical controls in place to protect your personal details and all your data is held securely physically and digitally. We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.
We may need to disclose your details if required to the police, regulatory bodies or legal advisors.
We will only ever share your data in other circumstances if we have your explicit and informed consent.
How long do we keep your personal data
We keep your personal data for no longer than reasonably necessary for a period of seven years in case of any legal claims/complaints; for safeguarding purposes and in accordance with our financial obligations.
Your rights and your personal data
You have a right to ask us to stop processing your personal data, and if it’s not necessary for the purpose you provided it to us for (e.g. processing your donation or registering you for an event) we will do so.
You have a right to ask for a copy of the information we hold about you, although we may charge a small fee to cover the costs involved. If there are any discrepancies in the information we provide, please let us know and we will correct them.
If you want to access your information, send a description of the information you want to see and proof of your identity by post to us as detailed below under contact details.
If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will contact you prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
To exercise all relevant rights, queries of complaints please in the first instance contact the Trimontium Trust at:
The Trimontium Trust
C/o The Ormiston Institute
You can contact the Information Commissioners Office at:
Scottish Information Commissioner
St Andrews, Fife
Tel: 01334 464610