Starfish Asia is committed to protecting your privacy and keeping your personal information safe, in accordance with the General Data Protection Regulations (GDPR) which came into force on 25th May 2018. We do not share your personal information with anyone other than HMRC (for the purpose of processing Gift Aid) and with our database provider.
What personal information do we store?
If you support us – for example, make a donation, sign up to receive our news, volunteer for us, or take part in an event – we will collect and store all or some of the following information:
- Your name, postal address, email address and phone number, along with your preference as to which of these we should use to contact you.
- Bank account details if you choose to make a regular donation by standing order.
- Your Gift Aid status.
- Your position within an organisation or charitable trust (if relevant).
- Other personal information or sensitive data if you choose to share it with us (such as your family information; home church; relationships to other supporters). We will not store any information about children under 18.
- Records of all donations (these can be recorded anonymously, if you prefer).
- Records of correspondence (postal or email) and telephone calls.
How do we collect information about you?
We collect information about you when you contact us to make a donation, sign up to receive our news, attend an event, apply for a job or voluntary post, fundraise on our behalf, or when your details are given to us as the contact person for an organisation. Data may come from a sign-up form, letter, email, phone call, personal conversation, or via social media or our website.
Sometimes your information is given to us by third parties, for example fundraising sites like Virgin Money Giving and Just Giving; and giving agencies such as Charities Aid Foundation and Stewardship. These organisations have their own Privacy Policies, which explain how they will process your data and in what circumstances they may share it with us.
How do we use (‘process’) this information?
We use this information to thank you for donations and to keep you up-to-date with our work via the following methods, as per your express preferences and/or our legitimate interests (see below):
- Quarterly Newsletter (by post or email).
- Monthly Prayer Bulletin (email only).
- Occasional other communications (for example: reports of trips to Pakistan; sharing urgent needs in Pakistan; invitations to events near you).
We also use your information to do our accounts and so that we can process Gift Aid, for which purpose your data will be shared securely with HMRC.
Legal bases for processing your data
We have attempted to get consent from existing supporters (those who started their contact with us prior to May 25th 2018) regarding their contact preferences. Where consent has been given, either in writing or verbally, this is the basis on which we will continue to process your data.
In cases where we have not had a response, we have carried out a “Legitimate Interest Assessment” to determine which supporters have a “history of interest” in Starfish Asia – for example, by making a donation or contacting us within the last three years. Supporters who meet these criteria will continue to receive our postal mailings, unless you opt out (see the section “Your Rights” below).
After May 25th 2018, we will rely on legitimate interest to process the name, contact details and financial data of new donors on the grounds that it is necessary to do so to process donations. However, we will aim to gain explicit consent if we wish to send you information about Starfish Asia.
We may also rely on legitimate interest to contact potential supporters, but we will always aim never to do so in an insensitive or intrusive manner, and we will not add you permanently to a mailing list without your consent. In this matter we have relied on the following guidance from the Information Commissioner’s Office (ICO).
Protecting your personal information
We take appropriate steps to protect your data both online and off-line. Our database provider stores your information on servers within the UK, and is subject to the requirements of the General Data Protection Regulations. For the purposes of these regulations, we are the ‘Data Controller’ and they are the ‘Data Processor’. Our computers are password protected and have up-to-date anti-virus software installed.
Using our website
By using our website, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site will be deemed your acceptance of this policy.
Under the General Data Protection Regulations you have the following rights (among others):
- To be given a copy of any information we hold about you.
- To opt out of receiving communications from us, or to change your preferences at any time.
- To have incorrect data corrected.
- To be told why we store your data and how we use it.
- For the data to be deleted (unless we need to keep it for legal reasons – eg financial information).
To exercise any of these rights, or if you have a complaint about how we process your data, please contact us by post, email or phone and we will be happy to help you.
32, Beck Lane,
Kent BR3 4RE
Phone: 00 44 (0)208 402 0914