Friends of the River Kelvin (SCIO) SC49907 (referred to in this Policy as ‘we’, ‘us’ and ‘our’) collect and process personal information shared by our Members, users of our services and visitors to our website (referred to in this Policy as ‘you’ and ‘your’).
We take seriously and respect the privacy, confidentiality, security and safety of your personal information. We aim to sustain your trust and confidence.
Friends of the River Kelvin (SCIO) is a charity registered in Scotland with the Office of the Scottish Charity Regulator (OSCR). We are regulated by The EU General Data Protection Regulation (referred to in this Policy as ‘GDPR’).
Your Personal Information
When you access our services we will collect, store, process and use the personal information you choose to provide us with. You may provide this:
We do this in compliance with GDPR.
The information you provide can include your name, email address, address and other personal information that identifies you. We will not collect any personal information from you which we do not need.
All your personal information will be treated as private and confidential and will be stored securely and safely by us on our servers within the UK and using third party data processors such as Mailchimp.
Your personal information will be accessed and used only by our Trustees, staff, contractors and volunteers for the purpose(s) we agree with you and for the stated period. Unless we hear to the contrary, your personal information will be deleted at the end of this period.
Our Trustees, staff, contractors and volunteers follow policies and procedures to ensure we protect the privacy, confidentiality, security and safety of your personal information when we collect and process it, to prevent its loss, misuse, unauthorised access, disclosure, alteration or destruction.
Collecting and Using Your Personal Information
In addition to the specifics outlined below of how we collect and use your personal information for your chosen service(s), we will use your personal information to:
a) contact you if we need to obtain additional personal information or permissions from you
b) check our records of your personal information are accurate and up to date
c) check you are happy, satisfied and still wish to receive the service(s) you have chosen
Friends of the River Kelvin (SCIO) will issue an occasional Newsletter with news about us and our opportunities, events and activities including fundraising activities, etc. that we believe are of relevance to you and in line with our charitable aims.
If you consent to receive our Newsletter we will collect personal information from you and use it for the purpose of sending you our Newsletter only.
You can unsubscribe from our Newsletter at any time by clicking the unsubscribe link in the footer of any of our Newsletters or by emailing email@example.com.
Photographs and Film
We will ask your permission before taking photographs of or filming members, Trustees, volunteers or members of the public at FORK activity. We will be clear about how we intend to use the photographs or film footage (e.g. online, in print, in press / marketing communications). You have the right to refuse to be photographed or filmed and to change your mind about an image or film footage in which you feature being used for any of the stated purposes at any time as per section 6. of this Policy.
Friends of the River Kelvin (SCIO) is a membership organisation.
On applying to become a member, you agree to us collecting and using your personal information for the purpose of communicating Membership matters, updates, news and opportunities with you, collect membership fees and share with OSCR, as required by law, and share with other Members, as per our Constitution. Further details are provided on the Membership pages of our website.
Please note, being a member of Friends of the River Kelvin (SCIO) does not automatically subscribe you to our Newsletter. You will need to subscribe to this independently.
We use WooCommerce Payments built in partnership with Stripe, a third-party payment processing platform, to manage payment of Membership Fees. If your membership application is successful, you agree to use WooCommerce Payments and Stripe to set up payment of your annual standing order of your Membership fee. Some of your data will be passed by WooCommerce Payments to Stripe, including information required to process or support the payment, such as the purchase total and your billing information. You can read WooCommerce Payment’s Terms of Service and Stripe’s End User Terms of Service.
Friends of the River Kelvin (SCIO) is run by a Board of voluntary Charity Trustees.
On applying to become a Trustee, you agree to us collecting and using your personal information to share with the Board for administrative and voting purposes.
If your application is successful, as a Board Member you agree to us using your personal information to hold on our database of Trustees, for the purposes of managing Board membership and communicating with you about Board, Constitutional and operational matters, and to our sharing information about you with OSCR. Further details are provided in our Board Membership application and Trustee onboarding documents which can be requested from firstname.lastname@example.org.
If your Board Membership application is unsuccessful, we will destroy your Board Membership application and the personal data it contains.
As a charity, Friends of the River Kelvin (SCIO) rely on donations and support from others to continue our work.
If you make a donation or leave a legacy to us, you agree to our holding and using your personal information for the purposes of managing our financial records.
We use WooCommerce Payments built in partnership with Stripe, a third-party payment processing platform, to manage donations. You agree to use WooCommerce Payments and Stripe to donate. Some of your data will be passed by WooCommerce Payments to Stripe, including information required to process or support the payment, such as the purchase total and your billing information. You can read WooCommerce Payment’s Terms of Service and Stripe’s End User Terms of Service.
Friends of the River Kelvin (SCIO) receive enquiries from individuals, organisations and groups by email and a Google Enquiry form on our website. You can read Google’s overview of privacy and safeguarding data.
If you contact us we will collect personal information from you and use it for the purpose of contacting you to respond to your enquiry only.
We may aggregate and anonymise personal data so that it can no longer be linked to any particular person. This information can be used for a variety of purposes, such as recruiting new supporters, or to identify trends or patterns within our existing supporter base. We might use this for reports or for measuring impact. This type of information can help us apply for funding. This information helps inform our actions and improve our campaigns, products / services and materials.
Please note, anonymised information cannot be accessed, corrected, updated or deleted.
Friends of the River Kelvin (SCIO) deliver events to support and sustain our aims and ambitions.
Whether booking in advance of an event or attending on the day, we will ask you to complete a form that clearly states the personal information we will collect from you, for what purpose, how we will use it, how long for and request your clear and affirmative consent to share it with us. We use third-party processors, such as Eventbrite and Google Forms for event registration, who have their own Privacy Policies.
Sometimes we run events in partnership with other groups, charities or businesses. We will always clearly state who our partner organisation(s) is. In the instance our partner organisation(s) wish to collect your personal information, they will request your clear and affirmative consent to share it with them directly.
Please note, signing up to or attending one of our events does not automatically subscribe you to our Newsletter. You will need to subscribe to this independently.
When users visit our website we use Google Analytics, a third-party provider, to collect standard internet log information and behaviour patterns of visitors. We do this to find out things like how many visitors we get to various web pages. This information is processed anonymously. We do not make, and do not allow Google to make, any attempt to find out the identities of visitors to our website.
You can read Google’s overview of privacy and safeguarding data.
Users under the age of 16
If you are under 16, please ensure you obtain your parent / guardian’s permission before sending any personal information to any website or Friends of the River Kelvin (SCIO).
We will not knowingly accept online donations or orders for goods from persons under the age of 16.
How long we store information
We regularly and continually review the records and information we hold and delete what is no longer required, depending on the information you originally provided, and why you gave it to us. At the end of the stated time periods below, we will remove any personal details of you from our records.
You can unsubscribe from our Newsletter at any time by clicking the unsubscribe link in the footer of any of our Newsletters or by emailing email@example.com. If you request we unsubscribe you from the Newsletter, we will delete your personal information from Mailchimp within 30 days from the date you informed us you no longer wish to receive the Newsletter.
If you no longer wish to be a Friends of the River Kelvin (SCIO) Member you can contact us or write to firstname.lastname@example.org to let us know. We are required by OSCR to retain your information, including your personal information, on Friends of the River Kelvin’s (SCIO) Members Register for six years from the date you ceased to be a member.
If you cease to be a Trustee and continue to be a Friends of the River Kelvin (SCIO) Member we will retain your information, including your personal information, for the period stated in Membership above.
Information, including personal information, about donations will be kept for seven years after you last made a donation to us. This ensures that we keep the information we need for any financial audit (including Gift Aid audits).
Information, including personal information, about legacies will be kept for 10 years after your legacy case is closed. This ensures we have the records we need to administer any legacy gifts in the way you want.
We will retain anonymised data for the period required to undertake the identified task (e.g. recruiting new members, identifying trends, applying for funding) and delete 6 years from the end date of the task or during a regular review of our records, whichever is sooner.
We will delete the information, including personal information, about event attendees one year after the date of the event or the last date of the event in a series.
Accessing, Correcting, Updating and Deleting Your Personal Information
Under GDPR you have the right to contact us to access (also known as a ‘Data Subject Access Request’), correct, update or delete the personal information we hold about you. To do this, please email your request to the Secretary, Helen Voce email@example.com.
On receipt of a reasonable request from you to access the personal information we hold about you, we will provide you with a copy within 30 days free of charge. If we believe a request from you is unreasonable (e.g. it is a repeat request or for a large amount of personal information), we will explain why we are unable to respond as per your request, what we can reasonably provide, or why we will apply a reasonable charge.
On receipt of a request from you to correct or update the personal information we hold about you, we will carry out your requested corrections or updates within 30 days, and will let you know when we have done so. If we disagree with your request we will contact you and explain why.
On receipt of a request from you to delete personal information we hold about you, we will assess if we are required to hold this personal information for the duration of the reasonable period for the purpose we originally agreed with you. If we do not need to hold your personal information we will delete it within 30 days, and will let you know when we have done so. If we are required to hold your personal information beyond your request we will contact you and explain why.
Compromise or Breach of Security
Unfortunately compromises or breaches of security can and do happen. Unauthorised entry, hardware or software failure, and other factors may compromise or breach the security of the personal information we hold about you at any time. If we become aware of such an incident, we will document it and inform the ICO (Information Commissioner’s Office) within three days of becoming aware of the incident. If appropriate we will inform individuals directly affected immediately.
Sharing and Disclosing Your Personal Information
Unless specifically stated and actively opted into by you, we do not share your personal information with others.
We may disclose information about you to law enforcement officials in the investigation of any alleged unlawful activities by you. We may also be required to disclose information to a court or regulatory body when required to do so by law.
If you are dissatisfied with our use of your personal data, you can complain by email to the Secretary, Helen Voce firstname.lastname@example.org.
If you are not happy with our response or consider that your data protection or privacy rights have been infringed, you can complain to the ICO.
Who to Contact