This Privacy Policy sets out how we collect, use and store your personal information (this means any information that identifies or could identify you).

The CAfS Privacy Policy may change so please remember to check back from time to time. Where we have made any changes to this Privacy Policy, we will make this clear on our website or contact you about any changes.

This Privacy Policy covers the following:

  1. Who we are
  2. How we collect information about you
  3. Information we collect and why we use it
  4. Profiling: making our work more unique to you
  5. Legal basis for using your information
  6. Marketing
  7. Sharing your information
  8. Keeping your information safe
  9. How long we hold your information for
  10. Your rights
  11. Cookies

 

  1. Who we are

Here at CAfS (Cumbria Action for Sustainability), we are committed to protecting your personal information and making every effort to ensure that your personal information is processed in a fair, open and transparent manner.

We are a “data controller” for the purposes of the Data Protection Act 1998 and (from 25 May 2018) the EU General Data Protection Regulation 2016/679 (“Data Protection Law”).  This means that we are responsible for, and control the processing of, your personal information.

 

  1. How we collect information about you

We want to make sure you receive the communications that are most relevant to you, be it through visiting our website, receiving our newsletter, receiving emails about events we are holding or receiving general information emails.

We collect information from you in the following ways:

When you interact with us directly: This could be if you ask us about our activities, register with us for training or an event, make a donation to us, ask for information or advice on suppliers, apply for a job or volunteering opportunity or otherwise provide us with your personal information. This includes when you phone us, visit our website or get in touch through the post, or in person.

When you interact with us through partners or suppliers working on our behalf: This could be if you access a service such as Energy Saving at Home which is delivered through a trusted contractor working on our behalf and always under our instruction.

When you interact with us through third parties: This could be if you provide a donation through a third party such as Just Giving or one of the other third parties that we work with and provide your consent for your personal information to be shared with us.

When you visit our website: We gather general information which might include which pages you visit most often and which services, events or information are of most interest to you. We also use “cookies” to help our site run effectively. There are more details below – see ‘Cookies’.

From other information that is available to the public: In order to tailor our communications with you to your background and interests we may collect information about you from publicly available sources or through third-party subscription services or service providers (we have provided further details about this below – see ‘Profiling: Making our work unique to you’).

 

  1. Information we collect and why we use it

 Personal Information

Personal information we collect includes details such as your name, date of birth, email address, postal address, telephone number and credit/debit card details (if you are making a donation), as well as information you provide in any communications between us.  You will have given us this information whilst making a donation, registering for an event or any of the other ways to interact with us.

We will only use this information:

  • To process your donations, to claim Gift Aid on your donations and verify any financial transactions.
  • To provide the services or goods that you have requested.
  • To update you with important administrative messages about your donation, an event or services you have requested.
  • To comply with the Charities (Protection and Social Investment) Act 2016 and follow the recommendations of the official regulator of charities, the Charity Commission, which require us to identify and verify the identity of supporters who make major gifts so we can assess any risks associated with accepting their donations.
  • To keep a record of your relationship with us.
  • Where you volunteer with us, to administer the volunteering arrangement.

If you do not provide this information, we will not be able to process your donation, sign you up for a particular event or provide services you have requested.

We may also use your personal information:

  • To contact you about our work and how you can support CAfS (see section 8 on ‘Marketing’ below for further information).
  • To inform you of events that may be of interest to you

 

  1. Profiling: making our work more unique to you

 We want to improve how we talk to you and the information we provide through our website, services, products and information. To do this we sometimes use profiling and screening methods so that we can better understand our supporters, your preferences and needs to provide a better experience for you. For example, we might send you details about an event we think you’d be interested in, based on CAfS events you’ve been to in the past – if you’ve given us permission to do so when you signed up for our newsletters.

We may carry out targeted fundraising activities using profiling techniques based on the information that we hold about you – for example, the length of time you’ve been a supporter of CAfS or whether you’ve donated to CAfS in the past.

We do not use any third-party services to acquire additional information about you.

If you’d prefer that we did not use the data we hold about you to tailor information we provide you, you can of course opt out at any time. To do this, email office@cafs.org.uk with the subject line ‘Please stop analysis of my data’ or call us on 01768 210276 or contact us at Eden Rural Foyer, Old London Road, Penrith, Cumbria, CA11 8ET.

 

  1. Legal basis for using your information

 In some cases, we will only use your personal information where we have your consent or because we need to use it in order to fulfil a contract with you.

However, there are other lawful reasons that allow us to process your personal information and one of those is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for CAfS to process your information to provide you with a service.

Whenever we process your personal information under the ‘legitimate interest’ lawful basis we make sure that we take into account your rights and interests and will not process your personal information if we feel that there is an imbalance.

 

  1. Marketing

 We will only contact you about our work and how you can support CAfS by email, if you have given us permission to contact you in this way.

You can update your choices by clicking on the ‘Update Profile’ link at the bottom of our email newsletters, or if you’d like us to stop sending you these communications, click the unsubscribe link.

 

  1. Sharing your Information

 The personal information we collect about you will mainly be used by our staff (and volunteers) at CAfS so that they can support you.

We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor do we sell any information about your web browsing activity.

CAfS may however share your information with our trusted partners and suppliers who work with us on or on our behalf to deliver our services, but processing of this information is always carried out under our instruction. We make sure that they store the data securely, delete it when they no longer need it and never use it for any other purposes.

We enter into contracts with these service providers that require them to comply with Data Protection Laws and ensure that they have appropriate controls in place to secure your information.

Legal disclosure

We may disclose your information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority).

 

  1. Keeping your information safe

 We take looking after your information very seriously. We’ve implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss.

Unfortunately the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data transmitted to our site.

Our websites may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that advertisers or websites that have links on our site may collect personally identifiable information about you. This privacy statement does not cover the information practices of those websites or advertisers.

Any debit or credit card details which we receive are passed securely to Quickbooks (our accountancy provider) and Unity Trust Bank (our payment processing partner), according to the Payment Card Industry Security Standards. We also use trusted partners Paypal and Eventbrite for some transactions, and they also adhere to these standards.

 

  1. How long we hold your information for

 We only keep it as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations (for example, the collection of Gift Aid).

 

  1. Your rights

 You have various rights in respect of the personal information we hold about you – these are set out in more detail below.  If you wish to exercise any of these rights or make a complaint, you can do so by contacting our office at Eden Rural Foyer, Old London Road, Penrith and by phone on 01768 210276.  You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office, https://ico.org.uk/

  • Access to your personal information: You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making. You can make a request for access free of charge.  Please make all requests for access in writing, and provide us with evidence of your identity.
  • Right to object: You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.  Please contact us as noted above, providing details of your objection.
  • Consent: If you have given us your consent to use personal information (for example, for marketing), you can withdraw your consent at any time.
  • Rectification: You can ask us to change or complete any inaccurate or incomplete personal information held about you.
  • Erasure: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
  • Portability: You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
  • Restriction: You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.
  • No automated-decision making: Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention.  You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent, it is necessary for a contract between you and us or is otherwise permitted by law.  You also have certain rights to challenge decisions made about you.  We do not currently carry out any automated decision-making.

Please note, some of these rights only apply in certain circumstances and we may not be able to fulfil every request.

 

  1. Cookies

 ‘Cookie’ is a name for a small file, usually of letters and numbers, which is downloaded onto your device, like your computer, mobile phone or tablet when you visit a website.

They let websites recognise your device, so that the sites can work more effectively, and also gather information about how you use the site. A cookie, by itself, can’t be used to identify you.

How do we use cookies?

We use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you come to our website and also allows us to improve the user experience.

The cookies we use

We use the categorisation set out by the International Chamber of Commerce in their UK Cookie Guide.

We use all four categories of cookies:

  • ‘Strictly necessary’ cookies are essential for you to move around our website and to use its features, like your account.
  • ‘Performance’ cookies collect anonymous information about how you use our site, like which pages are visited most.
  • ‘Functionality’ cookies collect anonymous information that remember choices you make to improve your experience, like your text size or location. They may also be used to provide services you have asked for such as watching a video or commenting on a blog.
  • ‘Targeting or advertising’ cookies collect information about your browsing habits in order to make advertising relevant to you and your interests. As such if you visit the CAfS website you may then be more likely to see adverts about CAfS’s work on other websites as your browsing suggests that this is an area of interest.

 

No cookies, please

You can opt out of all our cookies (except the strictly necessary ones). Find out how to control and delete cookies in your browser.

But, if you choose to refuse all cookies, our website may not function for you as we would like it to.

If you have any questions about how we use cookies, please contact us.