This privacy notice was published on 25th May 2018 and provides you with details of how we collect and process your personal data. It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes using the contact details below and we will update our records.
We may change this privacy notice from time to time and you should check them to ensure you are happy with any changes.
Who are we?
The Amelia-Grace Rainbow Fund (also known as Amelia’s Rainbow) is a charity registered in England and Wales and is a data controller under The General Data Protection Regulation.
Our full details are:
Full name of Charity: The Amelia-Grace Rainbow Fund
Date controller: The Amelia-Grace Rainbow Fund
Telephone: 01202 512176
Registered address: 21 Daws Avenue, Bournemouth, BH11 8SB.
What data do we collect?
We will only collect information from you that is relevant to the service that we are providing. In particular we may collect the following information from you which is defined as personal data:
- Personal details
- Family, lifestyle and social circumstances
- Financial details
We may also collect information that is referred to as being in a special category. This could include:
- Physical or mental health details
- Racial or ethnic origin
- Religious beliefs
Basis for processing
The basis on which we process your personal data is one or more of the following:
- It is necessary for us to comply with a legal obligation
- It is in our legitimate interests to do so
- You have given us your consent (this can be withdrawn at any time by contacting us using the details above)
How will we use your data?
We may use your information for the following purposes:
- Promotion of events and fundraising opportunities
- Administration of grants and gifts
- Administration of Amelia’s Retreat holiday home and beach hut
- Maintaining accounts and records
- Supporting and managing staff
We do not carry out automated decision making or any type of automated profiling.
Requests for assistance from The Amelia-Grace Rainbow Fund as well as booking our holiday home and beach hut are made using our referral forms. This may include personal data and special category data. The data we process is required to ensure we administer our funds consistently and in line with our Administration of Grants policy. Referral forms are processed and stored securely, and the details are only shared with the trustees who make decisions and administration staff.
If you contact us using any of our social media platforms, such as; Facebook, Twitter and Instagram, we may contact you back using the same platform (unless you have specified differently). However, we won’t store your details on one of our databases unless we have obtained your consent to do so.
The privacy notices for Facebook, Twitter and Instagram can be found by following the links below:
Facebook Data Policy https://www.facebook.com/privacy/explanation
Amelia’s Rainbow Website
To help make communicating with us easier, our website contains a contact form. When you submit this form, the details you provide are stored on one of our databases to enable us to respond to your request.
Who will we share your information with?
We take your privacy very seriously and recognise the sensitive nature of the information you share with us. Unless legally obliged to, we won’t share the information you provide with anyone else without your prior consent.
As an employer we will only share your information with our accountants, payroll processors and bookkeepers; HMRC and pension providers to maintain appropriate support for you in your employment and to comply with legal obligations.
How long will we keep your information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
In the event of a personal data breach we have in place procedures to ensure that the effects of such a breach are minimised and shall liaise with the Information Commissioner’s Office and with you as appropriate. Further information is available upon written request using the contact details above.
What rights do you have?
You have the following rights under the General Data Protection Regulations:
- Right to be informed about how we collect and use your data
- Right of access to your personal data
- Right to have inaccurate personal data rectified, or completed if it’s incomplete
- Right to request personal data be erased also known as the right to be forgotten. This is not an absolute right and only applies in certain circumstances.
- Right to request the restriction or suppression of personal data. This is not an absolute right and only applies in certain circumstances.
- Right to data portability in a safe and secure way without it affecting its usability
- Right to object to the processing of personal data.
- Rights concerning automated decision-making and profiling
More specifically, you have a right to see the information we hold about you. To access this, you need to provide a request in writing using the contact details above, together with proof of identity. We will usually process your request free of charge and within 30 days, however, we reserve the right to charge a reasonable administration fee and to extend the period of time by a further two months if the request is vexatious or very complex.
You also have a right to complain to a data protection authority. In the UK, the authority is the Information Commissioner’s Office (ICO).