Our commitment to your privacy:
Personal information we collect
We collect personal information from you in various ways, for example:
• If you supply personal information about yourself when using this website;
• When you supply personal detail in the course of registering support
• When you make a donation through our website or any third-party fundraising partner, PayPal – www.paypal.com, in which PayPal will provide us with information. See also section headed Third Party Platforms below;
• When you sign-up to receive newsletters or email notifications from us;
• If you contact the drop4drop team directly via the Website or e-mail.
• The type of personal information we collect includes your name, email address, home (or work) address, phone number and other personal details which you may choose to provide.
• Any credit card or debit card data you provide is securely handled by our third-party payment processors as we use from time to time. We never have access to, or store, your payment details.
Use of personal data
We may use your Personal Data about you for the following purposes:
• By registering on the mailing list, the User’s email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning drop4drop.
• Email addresses are stored and managed by third party provider MailChimp (The Rocket Science Group, LLC). This type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User. These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.
• Fundraising or direct marketing purposes. Only where you have expressly consented to us doing so in accordance with applicable law, we may contact you for these purposes by email;
• Administering any on-going donations or support you provide;
• Providing you with news about us or any projects, campaigns or events that we may be involved in;
We may also contact you for other purposes that you consent to from time to time.
We aim to collect and process your Personal Data in accordance with applicable laws that regulate data protection and privacy. This includes but is not limited to national laws implementing the EU Data Protection Directive (95/46/EC), which will be replaced on 25 May 2018 by the General Data Protection Regulation (2016/679).
Disclosing personal data to third parties
We have also contracted with a third-party platform provider, Salesforce.com, Inc (‘Salesforce’) to manage our customer relationship management (‘CRM’). This means that your Personal Data may be hosted by Salesforce. Salesforce is signed up to the EU-US Privacy Shield Framework which means that they are committed to protecting personal data to standards that meet those applicable legal standards in the UK and EU. For more information about their respective privacy policies, please see:
• Salesforce: http://www.salesforce.com/company/privacy/
You should be aware that, in general, legal protection for personal data under applicable law in the United States (and other non-EU countries) may not be equivalent to the protection provided in the European Union and/or under UK law. In all cases, Personal Data you provide will only be disclosed to staff, volunteers and contractors who share our commitment to treating Personal Data responsibly and we always aim to make sure your Personal Data is treated to the same security standards you would expect in the United Kingdom.
Your access rights
In accordance with your legal rights under applicable law, you can request to receive information regarding the Personal Data that we collect about you; what we use that Personal Data for and who it may be disclosed to. Please write to our UK team @ email@example.com. Where applicable law allows, we may require further information to verify your identity or locate the specific information you seek before we can respond in full.
Security to protect personal data
We employ appropriate technical and organisational security measures to protect Personal Data from being accessed by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We also endeavour to take all reasonable steps to protect Personal Data from external threats. However, please be aware that there are always inherent risks in sending information by public networks or using public computers and we cannot 100% guarantee the security of all data disclosed or transmitted to us.
We will make any legally-required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored Personal Information to you via email in the most expedient time possible and without unreasonable delay.
We will retain certain Personal Data in respect of financial transactions for at least as long as the law requires us to for tax or accounting purposes. In respect of the holding of Personal Data for fundraising or direct marketing purposes, we will retain this data for a limited period in line with recommendations of the ICO and other competent regulatory authorities.
Third party platforms
If you have further queries or requests relating to how we use Personal Data, please contact the UK team at firstname.lastname@example.org If you are not satisfied with our response or believe we are processing your Personal Data not in accordance with applicable law you can complain to the ICO.
Latest update: 23rd May 2018