Two Saints Privacy Policy
We’re committed to maintaining the trust and confidence of visitors to our website. In particular, we want you to know that Two Saints are not in the business of selling, renting or trading email lists with other organisations for marketing purposes. In this Privacy Policy, we’ve provided detailed information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.
1. Website cookies
Cookies are very small files that are placed on your computer by the websites you visit. They’re common and used to make websites work more efficiently, provide a customised experience and send information back to the owners of the site.
When you use our website, we collect the following information anonymously depending on which option you chose for our cookies:
- the date and time you used our services
- the pages you visited on our website and how long you visited them for
- the internet browser and devices you’re using
- your country, city and language
- the website address from which you accessed our website
- information collected from online contact forms on the website
- if you’re a new or returning visitor
We collect this information, so we can:
- tailor our services to you
- improve your online experience
2. Financial information
Our website does not collect any financial data. Donations made through JustGiving are subject to JustGiving data processing rules. You can find their Privacy Policy at www.justgiving.com/info/privacy-policy-versions/privacy-policy-v20
3. Emails and mailing lists
When you contact us using a contact form on our website we use a third-party provider, Mailchimp to store the data listed below. We use that information for a couple of reasons: to tell you about the news you’ve asked us to tell you about and to check our records are right. We don’t rent or trade email lists with other organisations and businesses.
Mailchimp records the email address, Internet Protocol (IP) address, and timestamp associated with every subscriber or contact who completes and submits the form. When sending newsletters we use Mailchimp to gather statistics around email opening and clicks using industry-standard technologies to help us monitor and improve our e-newsletter.
Mailchimp complies with UK GDPR as it continues to protect EEA, UK, and Swiss data in compliance with the Privacy Shield Principles to which it has certified compliance. In addition, Mailchimp contractually commits to transfer and process all of its users’ Swiss, EU, and UK data in compliance with the EU’s Standard Contractual Clauses, which remain a valid data export mechanism and which automatically apply in accordance with Mailchimp’s Data Processing Addendum. For more information please see Mailchimp’s Privacy Policy: https://mailchimp.com/en-gb/gdpr/.
You can unsubscribe to our mailing list at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing our data protection lead Janice Hughes.
4. Working with third parties
When working with third parties we ensure we have appropriate agreements in place to protect your information. We’ll only share information that is absolutely necessary for the purpose intended. And we don’t sell your personal information on.
If you think we need to update any of the information we hold, please let us know by contacting us using the details at the end of this document.
5. Data retention
We review the personal data (and the categories of personal data) we’re holding on a regular basis to ensure the data we’re holding is still relevant to our organisation and is accurate. If we discover that data we’re holding is no longer necessary or accurate, we’ll take reasonable steps to correct or delete the data.
When you submit and consent to your data being used in the ways described above we’ll ensure your data kept only for as long as necessary. When a newsletter is sent to your email address you can easily unsubscribe using the link at the bottom of every newsletter. We’ll take steps to keep the information safe while we hold it and when we don’t need it anymore, we’ll destroy it safely.
6. Other websites
Our website may contain links and references to other third party websites and applications. Please be aware that this Privacy Policy does not apply to those websites.
We cannot be responsible for the privacy policies and practices of sites that are not operated by us, even if you access them via our website. We recommend that you check the policy of each site you visit and contact its owner or operator if you have any concerns or questions.
In addition, if you came to our website via a third party site, we cannot be responsible for the privacy policies and practices of the owners or operators of that third party site and recommend that you check the policy of that third party site and contact its owner or operator if you have any concerns or questions.
If you contact us using the ‘contact us’ form or the details at the end of this document. We will not use your contact information to add you to any mailing lists and will only share your email with the relevant member of staff who can answer your enquiry.
7. Lawful basis for processing
In order to process personal data we must have a lawful basis to do so. Our lawful grounds for processing personal data are set out below:
- Legitimate interests: the processing is necessary for our legitimate interests, or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.
- Consent: you have given us clear consent to process your personal data for a specific purpose
We gain consent from individuals via the newsletter submission form which forms our compliance with Article 6 of the UK GDPR. This processing is necessary to keep these individuals informed of our news which they have expressed an interest in and consented to receive
We have comprehensive policies and procedures around information security and data protection which helps reduce the risk of anyone accessing or disclosing your information unlawfully.
Our employees are required to complete mandatory data protection training annually.
8. Access to your personal information
As a key transparency requirement under the UK GDPR you have the right to request to:
- view the data we hold on you
- amend your data
- ask us to delete your data
Please email your request to our data protection lead: Janice Hughes.
We’ll endeavour to comply with such requests as soon as possible but in any event, we will comply within one month of receipt (unless a longer period of time to respond is reasonable by virtue of the complexity or number of your requests).
9. Contact us
If you have any concerns or wish to express any of the above rights, please tell us and we’ll respond as soon as we can. You can contact our data protection lead by emailing: Janice.hughes@twosaints.org.uk.
The Information Commissioner’s Office (ICO) provides lots of advice on your rights and protecting your information. You also have the right to raise any concerns with them. If we are unable to resolve any issues you may have or you would like to make a further complaint, you can contact the Information Commissioner’s Office by visiting http://www.ico.org.uk/ for further assistance.
Address
Two Saints Ltd, Fareham House, 69 High Street, Fareham, Hampshire, PO16 7BB
Email: twosaints@twosaints.org.uk
10. Changes to this Privacy Policy
This policy was reviewed in August 2022 and will be reviewed again in three years’ time unless changes to legislation require updates to be made sooner.
Two Saints Ltd
Central Services
Fareham House
69 High Street
Fareham
Hampshire
PO16 7BB
01329 234600
twosaints@twosaints.org.uk