QEST is committed to protecting and respecting your privacy.
For the purposes of the General Data Protection Regulations (GDPR) and any subsequent UK legislation covering data protection the Data Controller is QEST, a company limited by guarantee registered in England and Wales, registered company number: 08339899; and a charity registered in England and Wales, registered charity number: 1152032.
This Policy sets out why we collect personal information about individuals and how we use that information. It explains the legal basis for this and the rights you have over the way your information is used.
This Policy covers QEST in relation to the collection and use of the information you give us. We may change this Policy from time to time. If we make any significant changes we will advertise this on the website or contact you directly with the information. Please check this page occasionally to make sure you are happy with any changes.
If you have any questions about this Policy or concerning your personal information please contact Deborah Pocock at firstname.lastname@example.org
What type of personal information we collect
We will collect personal information from you when you or your organisation enquire about our activities, make a donation, apply for a Scholarship or Apprenticeship, subscribe to our newsletter or magazine or any other of our services, interact with us on social media or otherwise provide us with personal information. This may include your name, title, email address, physical address, telephone numbers and job title. We may also ask for some additional, non-personally identifiable information.
If you are a grant applicant the information you are asked to provide is as set out in the application and necessary for the purposes of our considering the application.
We may review publicly available information about an individual for research purposes and to help us gain a better understanding about our supporters. This may include information such as financial interactions, the area where you live or people like you, so we can better inform how we talk to you about our work and also ensure we ask you for an appropriate level of support. We believe this enables us to offer you more appropriate communications, but you can opt out of this activity at any time. To do so, please email email@example.com.
How we collect information
We may collect information from you whenever you contact us or have any involvement with us for example when you:
- visit our website (see below re cookies)
- donate to us
- enquire about our activities or services
- sign up to receive news about our activities
- create or update a profile
- post content onto our website/social media sites
- attend a meeting with us and provide us with information
- take part in our events
- contact us in any way including online, email, phone, SMS, social media or post
Where we collect information from
We collect information:
- From you when you give it to us directly: You may provide your details when you ask us for information or make a donation, attend our events contact us for any other reason.
- When it is in available on social media: Depending on your settings or the privacy policies applying for social media and messaging services you use, like Facebook, Instagram, LinkedIn or Twitter, you might give us permission to access information from those accounts or services.
How we use your information
We will use your personal information in a number of ways which reflect the legal basis applying to the processing of your data. These may include:
- providing you with the information or services you have asked for
- processing donations you make, including processing for Gift Aid purposes
- sending you communications with your consent that may be of interest including information about our events and opportunities; and other fundraising activities for which we seek support
- when necessary for carrying out your obligations under any contract between us
- seeking your views on the services or activities we carry on so that we can make improvements
- maintaining our organisational records and ensuring we know how you prefer to be contacted
- analysing the operation of our website and analysing your website behaviour to improve the website and its usefulness
- processing grant or job applications
Our legal basis for processing your information
The use of your information for the purposes set out above is lawful because one or more of the following applies:
- Where you have provided information to us for the purposes of requesting information or requesting that we carry out a service for you, we will proceed on the basis that you have given consent to us using the information for that purpose, based on the way that you provided the information to us. You may withdraw consent at any time by emailing us at firstname.lastname@example.org. This will not affect the lawfulness of processing of your information prior to your withdrawal of consent being received and actioned.
- It is necessary for us to hold and use your information so that we can carry out our obligations under a contract entered into with you or to take steps you ask us to prior to entering into a contract.
- Where the purpose of our processing is the provision of information or services to you, we may also rely on the fact that it is necessary for your legitimate interests that we provide the information or service requested, and given that you have made the request, would presume that there is no prejudice to you in our fulfilling your request.
How we keep your information safe
- We understand the importance of security of your personal information and take appropriate steps to safeguard it (encryption where appropriate, in particular for financial or sensitive personal information).
- We always ensure only authorised persons have access to your information, which means only our staff and some contractors (eg website maintenance and for our magazine); and that everyone who has access is appropriately trained to manage your information.
- No data transmission over the internet can however be guaranteed to be 100% secure. So while we strive to safeguard your information, we cannot guarantee the security of any information you provide online and you do this at your own risk.
Who has access to your information?
- Third parties who provide services for us. We select our third party service providers with care. We provide these third parties with the information that is necessary to provide the service and we will have an agreement in place that requires them to operate with the same care over data protection as we do.
- Third parties if we run an event in conjunction with them. We will let you know how your data is used when you register for any event.
- Analytics and search engine providers that help us to improve our website and its use.
- We may also disclose your personal information if we are required to do so under any legal obligation and may use external data for the purposes of fraud prevention and credit risk reduction, or where doing so would not infringe your rights, but is necessary and in the public interest.
- Other than this, we will not share your information with other organisations without your consent.
Keeping your information up to date
We really appreciate it if you let us know if your contact details change. You can do so by contacting us at email@example.com
Our use of “cookies”
“Cookies” are small pieces of information sent by a web server to a web browser, which enable the server to collect information from the browser. They are stored on your hard drive to allow our website to recognise you when you visit.
How long we keep your information for
We will hold your personal information for as long as it is necessary for the relevant activity. By way of example, we hold records of donations for at least six years so we can fulfil our statutory obligations for tax purposes.
You have the following rights:
- the right to request rectification of information that is inaccurate or out of date
- the right to erasure of your information (known as the “right to be forgotten”)
- the right to restrict the way in which we are dealing with and using your information; and
- the right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the “right to portability”)
If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here.
This Policy may be changed from time to time. If we make any significant changes we will advertise this on our website or contact you directly with the information.
Do please check this Policy each time you consider giving your personal information to us.
This document was last updated on 24 May 2018