At Let’s Talk About Loss, we take your privacy seriously and will always keep your personal information safe. We endeavour at all times to comply with the EU General Data Protection Regulation (GDPR), the Privacy and Electronic Communications Regulations (PECR) and other relevant legislation.
When you enquire about Let’s Talk About Loss, sign up to our email newsletter, become a volunteer, make a donation or purchase an item from our shop, we collect your personal information. We routinely collect details such as your name, address, phone number and email address as is relevant to your enquiry.
We may also collect and hold information about the activities that you take part in. This may include:
In some circumstances, we may collect data which is classified as ‘special categories of personal data’ under the GDPR. An example would be data about your date of birth. We only hold this information for specific purposes and with your explicit consent. This information is only accessible to staff authorised to see it and not to other staff or volunteers.
We may receive your information from a third party when you give a gift, fundraise for us or sign up for an event (for example JustGiving, Eventbrite or Payroll Giving). These organisations will have their own data protection and privacy policies which you should be aware of before signing up. On the Let’s Talk About Loss website, we may link to third-party websites and we are not responsible for their privacy policies.
We use the personal information you give us, where relevant, to:
Anyone who attends a meet up will not receive marketing information via email unless they have signed up for the newsletter and given consent.
We will only send you our email newsletter when you have given us your consent to do so. You can stop receiving this at any time by clicking on an ‘unsubscribe’ link at the bottom of any email you receive from us.
We will never sell your information or share it with other organisations for their marketing purposes.
You can stop receiving marketing communications from us at any time. You can click on the unsubscribe link at the bottom of any email you receive from us or you can contact us directly by emailing firstname.lastname@example.org.
Let’s Talk About Loss is fully committed to the security of your personal information. We take appropriate technical and organisational security measures to safeguard personal information. We use commercially reasonable physical, administrative and technological safeguards to preserve the integrity and security of all information collected through the Let’s Talk About Loss website, and use industry-standard high encryption security measures to protect the loss, misuse and alteration of the information under our control. All information processed on our website is transmitted using Secure Socket Layer (“SSL”) technology. SSL encrypts your information to avoid the decoding of that information by anyone other than Let’s Talk About Loss.
We engage service providers to work on our behalf, who will be employed under strict contractual arrangements and only have access to the specific information they need to undertake the service required. For example sending emails and processing credit card payments. We will only provide those companies with the information they need to deliver the specific service and we ensure that your data is treated with the same level of care as if we were handling it directly.
Otherwise, we will only disclose your personal information to another party if required to by law. Sharing of information under safeguarding policies will be discussed with all families at initial contact.
The personal information you provide to us is stored on our secure electronic systems within the UK. Your information may be transferred to one of our reputable service providers who may store and process this information outside the European Economic Area (EEA).
We ensure that personal information is not transferred to countries outside the European Economic Area (EEA) without suitable safeguards; namely that suppliers/service providers are certified under the EU-US Privacy Shield framework, or sign data processing agreements consisting of the standard contractual clauses under Directive 95/46/EC of the European Parliament and of the Council of 1995.
We will retain your information for as long as necessary for the relevant activity, and meet any legal or regulatory requirement. If you cease to have an active relationship with us or request to receive no further contact, we will retain some basic information in order to avoid sending you unwanted materials in the future.
Under the GDPR you have the right to request a copy of the personal information we hold about you. This is known as a Subject Access Request. If you would like to submit such a request please contact us at email@example.com.
We may request proof of your identity, this is to ensure we do not pass personal information to anyone else other than the person making the request. The statutory time for our response is one calendar month, but we will endeavour to respond sooner.
If you believe any of the personal information we hold about you is out of date or incorrect, or you wish it to be deleted please contact us at: firstname.lastname@example.org.
Any request to have your information deleted will be assessed on a case-by-case basis, as we may be under a requirement to retain it.
From time to time we may make changes to this policy. If any significant changes are made regarding how we collect and use your personal information we will update this policy.
If you have any questions regarding this policy, please email: email@example.com
This policy was last updated: 10/2020