1. Who we are
Here at Islington Mind, we are committed to protecting your personal information and making every effort to ensure that your personal information is processed in a fair, open and transparent manner.
We are a “data controller” for the purposes of the Data Protection Act 1998 and (from 25th May 2018) the EU General Data Protection Regulation 2016/679 (“Data Protection Law”). This means that we are responsible for, and control the processing of, your personal information.
For further information about our privacy practices, please contact our Data Protection Officer by:
- Writing to Islington Mind, Unit 4, Archway Business Centre, 19-23
Wedmore Street, Islington, London, N19 4RU
- Calling us on 020 3301 9850
- Emailing to firstname.lastname@example.org
2. How we collect information about you
Everything we do, we do to ensure that we can help people experiencing a mental health problem get both support and respect. We want to make sure you receive the communications that are most relevant to you, be it through visiting our website or receiving emails, post or phone calls. We want to make sure you receive the best attention when you book on an event, become a member or make a donation.
We collect information from you in the following ways:
When you interact with us directly: This could be if you ask us about our activities, register with us for training or an event, make a donation to us, ask a question about mental health, purchase something, apply for a job or volunteering opportunity or otherwise provide us with your personal information. This includes when you phone us, visit our website, make a purchase from our shops, or get in touch through the post, or in person.
When you interact with us through third parties: This could be if you provide a donation through a third party such as MyDonate or one of the other third parties that we work with and provide your consent for your personal information to be shared with us.
When you visit our website: We gather general information which might include which pages you visit most often and which services, events or information is of most interest to you.
3. Information we collect and why we use it
Personal information we collect includes details such as your name, date of birth, email address, postal address, telephone number and credit/debit card details (if you are making a purchase or donation), as well as information you provide in any communications between us. You will have given us this information whilst making a donation, registering for an event, placing an order on our website or any of the other ways to interact with us.
We will mainly use this information:
- To process your donations or other payments, to claim Gift Aid on your donations and verify
any financial transactions.
- To provide the services or goods that you have requested.
- To update you with important administrative messages about your donation, an event or
services or goods you have requested.
- To comply with the Charities (Protection and Social Investment) Act 2016 and follow the recommendations of the official regulator of charities, the Charity Commission, which require us to identify and verify the identity of supporters who make major gifts so we can assess any risks associated with accepting their donations.
- To keep a record of your relationship with us.
- Where you volunteer with us, to administer the volunteering arrangement.
- Where you are a client accessing our services, to ensure we provide you with the best
services and to meet the needs of our funders’ monitoring procedures
If you do not provide this information, we will not be able to process your donation, sign you up for
a particular event or provide goods and services you have requested.
We may also use your personal information:
- To contact you about our work and how you can support Mind (see section 5 on ‘Marketing’ below for further information).
- To invite you to participate in surveys or research.
Sensitive Personal Information:
4. Legal basis for using your information
In some cases, we will only use your personal information where we have your consent or because we need to use it in order to fulfil a contract with you (for example, because you have placed an order on our website). However, there are other lawful reasons that allow us to process your personal information and one of those is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for Islington Mind to process your information to help us to achieve our vision of ensuring that everyone experiencing a Mental Health problem gets both support and respect. Whenever we process your Personal Information under the ‘legitimate interest’ lawful basis we make sure that we take into account your rights and interests and will not process your personal information if we feel that there is an imbalance. Some examples of where we have a legitimate interest to process your Personal information are where we contact you about our work via post, use your personal information for data analytics, conducting research to better understand who our supporters are, improving our services, for our legal purposes (for example, dealing with complaints and claims), or for complying with guidance from the Charity Commission.
We will only contact you about our work and how you can support Islington Mind by phone, email or text message, if you have agreed for us to contact you in this manner. However, if you have provided us with your postal address we may send you information about our work and how you can support Islington Mind by mail unless you have told us that you would prefer not to hear from us in that way. You can update your choices or stop us sending you these communications at any time by contacting email@example.com
6. Sharing your Information
The personal information we collect about you will mainly be used by our staff (and volunteers) at Islington Mind so that they can support you. We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor do we sell any information about your web browsing activity. Islington Mind may however share your information with our trusted partners and suppliers who work with us on or on our behalf to deliver our services, but processing of this information is always carried out under our instruction. We make sure that they store the data securely, delete it when they no longer need it and never use it for any other purposes. Some examples of where we may share your information are with our partners who help us to process donations and claim Gift Aid and our partners who help us to manage our social media accounts. We enter into contracts with these service providers that require them to comply with Data Protection Laws and ensure that they have appropriate controls in place to secure your information.
7. Legal disclosure
We may disclose your information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority); or, in order to enforce our conditions of sale and other agreements.
8. Keeping your information safe
We take looking after your information very seriously. We have implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss. Unfortunately the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data transmitted to our site. Our websites may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that Web sites that have links on our site may collect personally identifiable information about you. This privacy statement does not cover the information practices of those websites. Any debit or credit card details which we receive on our website are passed securely to Sage Pay our payment processing partner, according to the Payment Card Industry Security Standards.
9. How long we hold your information for
We only keep it as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations (for example, the collection of Gift Aid).
10. Your rights
You have various rights in respect of the personal information we hold about you – these are set out in more detail below. If you wish to exercise any of these rights or make a complaint, you can do so by contacting us at Islington Mind, unit 4, Archway Business Centre, 19-23 Wedmore Street, Islington, London,N19 4RU, by email at firstname.lastname@example.org or by phone on 020 3301 9850. You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s
- Access to your personal information: You have the right to request access to a
copy of the personal information that we hold about you, along with information on what
personal information we use, why we use it, who we share it with, how long we keep it for
and whether it has been used for any automated decision making. You can make a request
for access free of charge. Please make all requests for access in writing, and provide us
with evidence of your identity.
- Right to object: You can object to our processing of your personal information where we
are relying on a legitimate interest (or those of a third party) and there is something about
your particular situation which makes you want to object to processing on this ground.
Please contact us as noted above, providing details of your objection.
- Consent: If you have given us your consent to use personal information (for example, for
marketing), you can withdraw your consent at any time.
- Rectification: You can ask us to change or complete any inaccurate or incomplete
personal information held about you.
- Erasure: You can ask us to delete your personal information where it is no longer necessary
for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping
- Portability: You can ask us to provide you or a third party with some of the personal
information that we hold about you in a structured, commonly used, electronic form, so it
can be easily transferred.
- Restriction: You can ask us to restrict the personal information we use about you where
you have asked for it to be erased or where you have objected to our use of it.
- No automated-decision making: We do not currently carry out any automated decisionmaking.
Please note, some of these rights only apply in certain circumstances and we may not be able to
fulfil every request.
Your communications with our teams (including by telephone or email) may be monitored and/or recorded for training, quality control and compliance purposes to ensure that we continuously improve our customer service standards.
Revised May 2018