This privacy notice is designed to tell you, as the user of our services – whether that’s because you receive our newsletters or mailings about our events, because we share information with you, or any other activities – about how we collect, use and disclose personal and other information about you, your enterprise or your organisation. You may provide this information to us via our website or through other means like an email or a phone call.
Our full privacy notice is detailed below, but the main points to note are:
- We will only ever ask for what we really need to know.
- We will collect and use the personal data that you share with us transparently, honestly and fairly.
- We will always respect your choices around the data that you share with us and the communication channels that you ask us to use.
- We will put appropriate security measures in place to protect the personal data that you share.
- We will never sell your data.
A quick note on terminology: when we use the phrases “we” or “us” in this notice, they refer only to Pause Creating Space for Change, a charitable company limited by guarantee in England and Wales, with registered office Ground Floor, 209-211 City Road, London, EC1V 1JN, with company number 09703298 and charity number 1170310.
Please note: Pause Practices are separate organisations and have their own privacy arrangements. This does not apply to the Pause Practices operating in the Liverpool City Region, which are delivered by Pause Creating Space for Change. Click here to read the privacy notice related to our work in the Liverpool City Region.
Your information: what we collect, use, keep and share
The way we manage the information we might collect about you depends on the capacity in which you contact us, whether you’re a stakeholder, partner or professional, a member of the public, someone who may benefit from our services or a donor. In the links below, we explain how this works for you.
Stakeholders, partners and professionals
Potential beneficiaries and/or their family members
For any category of personal information not specified above, and unless otherwise specified by applicable law, the required retention period for any personal information will be deemed to be seven years from the date of receipt by us of that information.
The retention periods stated in this Notice can be prolonged or shortened as may be required (for example, in the event that legal proceedings apply to the information or if there is an on-going investigation into the information).
We review the personal information (and the categories of personal information) we are holding on a regular basis to ensure the information we are holding is still relevant to our business and is accurate. If we discover that certain information we are holding is no longer necessary or accurate, we will take reasonable steps to correct or delete this information as may be required.
You always have the right to request that personal information we hold about you is amended or deleted, please refer to the Your Rights section.
We do not disclose any information you provide to any third parties other than as follows:
- where you have opted to share any of your information with any other user of our services or third party, you authorise us to deliver that content via email, or other communication system. We also store some information on a secure database called “Salesforce”;
- where we run a joint event with another organisation. We would only share personal information that is necessary in order to run the event.
- where we may engage third party companies or individuals, such as third party payment processors, mailing houses etc, to process information on our behalf.
- where information such as email addresses is passed to MicroNet Infotech LTD who provide us with technical support;
- if we are under a duty to disclose or share your personal information in order to comply with any legal obligation (for example, if required to do so by a court order or for the purposes of prevention of fraud or other crime);
- in order to enforce any agreements for our services that may apply;
- we may transfer your personal information to a third party if we merge or restructure but we will take steps to ensure that your privacy rights continue to be protected, (this only applies to information that hasn’t already been deleted under the provision above;
- to protect our rights, property and safety, or the rights, property and safety of our users or any other third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where we do supply your personal information to a third party we will take steps to ensure that your privacy rights are protected and that third party complies with the terms of this notice.[/accordion-item
Legal basis on which we use personal information
Personal information we hold about you will be collected/used either because:
- you have consented or explicitly consented to the use for the specific purposes described in this notice or via a separate document;
- the use is necessary in order for us to perform our obligations under a contract between you and us;
- we need to comply with a legal obligation;
- it is in yours or another person’s vital interests (including where you or the other person may not be able to give consent);
- it is necessary to perform a public interest task;
- the use is necessary in pursuit of a “legitimate interest”, a legitimate interest in this context means a valid interest we have, or a third party has, in use of your personal information which is not overridden by your interests in privacy and security. For example, when contacting you because you work for an organisation and want to engage with us. We will use personal information to administer our relationship with you and deliver the services you have told us you wish to use or to send you information that you have requested. We may also offer you the opportunity to receive additional information about our activities or those of our members, supporters, service providers and partners.
Ways we may collect your personal information, including from third parties
We may collect the following personal information (information that can be uniquely identified with you) about you in the following ways:
- information provided to sign up to any of our services, such as receiving member briefings and updates, joining email lists and networks, or taking part in workshops, conferences and seminars;
- information you may have created or provided through your use of our services, including by email;
- payment information you may provide, or we may need to collect, when you make a donation to us;
- a record of any correspondence between you and us;
- replies to any surveys or questionnaires that we may use for research purposes;
- details of your visits to the website, the resources and pages that you access and any searches you make;
- any information we may require from you when you report a problem or complaint;
- the number of communications you make with us;
- taking photos or making audio or video recordings;
- information you may have provided when requesting advice/guidance.
We may collect information when you choose to supply it to us but please note there may be instances where we process your personal information which has been provided to us by a third party.
Examples of such personal information and where we obtain such information are as follows
- When you donate via Just Giving;
- When you sign up to an event via Eventbrite;
- When you subscribe to a newsletter via MailChimp;
- When you respond to a survey using Survey Monkey.
If we do obtain your personal information from a third party your privacy rights under this notice are not affected and you are still able to exercise the rights contained within this notice.
You do not have to supply any personal information to us but our services may not be operable without the provision of personal information. You may withdraw our authority to process your personal information (or request that we restrict our use) at any time (but our services may not be fully operable should you do so).
How do we protect the security
We will take all reasonable steps to ensure that appropriate technical and organisational measures are carried out in order to safeguard the information we collect from you and protect against unlawful access and accidental loss or damage.
We will ensure that our employees are aware of their privacy and information security obligations. We will take reasonable steps to ensure that the employees of third parties working on our behalf are aware of their privacy and information security obligations.
This notice and our procedures for handling personal information will be reviewed on a regular basis.
Although we will do our best to protect your personal information, because the transmission of information via the internet is not completely secure, we cannot guarantee the security of your information transmitted to the website or via email; any transmission is at your own risk. Once we have received your information, we will use our strict procedures and security features to try to prevent unauthorised access.
A cookie is a small file of letters and numbers that is stored on your browser or device. Cookies contain information that is transferred to your computer’s hard drive. Cookies cannot be used by themselves to identify you.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
How to control cookies
You can restrict or block cookies using your browser settings. For instructions on how to control or disable cookies, please visit https://www.aboutcookies.org.uk/
Your rights and contacting us
- If you would like to update your personal information, or let us know the personal information we hold is incorrect, you can do so by contacting us on the details below.
- You have a right to know how we protect your personal information (as set out in this policy).
- You always have the right to unsubscribe from our newsletter or any other services where we rely on your consent for holding your personal information. We will ensure you are unsubscribed as soon as possible, but at least within one month.
- You also have a right to restrict our use of your personal information and the right to object to your personal information being processed, please contact us on the details below if you wish to do so.
- You have the right to ask us to stop using your personal information in certain ways (as set out in the notice).
- You have the right to ask us to delete your personal information. Unless we have reasonable grounds to refuse to delete your personal information, we will securely delete the personal information in question within one month. The personal information may continue to exist in certain backup, but we will take steps to ensure that it will not be accessible.
- You have the right to request access to the personal information that we hold about you.
- We will endeavour to comply with such requests as soon as possible but in any event we will comply within one month of receipt (unless a longer period of time to respond is reasonable by virtue of the complexity or number of your requests).
- If a breach is likely to result in a risk to your information rights and freedoms, we will notify you as soon as possible and we may also report it to the ICO.
- If we are unable to resolve any issues you may have or you would like to make a further complaint, you can contact the ICO by visiting http://www.ico.org.uk/for further assistance.
- Please also feel free to contact us if you have any questions about our Privacy Notice or working practices:
- by phone on 020 3011 1948
- by email on firstname.lastname@example.org
- by post at Pause Creating Space for Change, Ground Floor, 209-211 City Road, London, EC1V 1JN
Transferring your information outside Europe
Pause’s operations are based in the UK and we store our data in the UK. However, as part of the services offered to you, we will sometimes use third-party platforms to collect and process information, whose servers may be located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Notice (e.g. that the servers adhere to the Privacy Shield Framework).
The third-party platforms we use include:
All of these platforms have the EU/US Privacy Shield Certification, which provides appropriate safeguards to individuals’ personal data.
Notification of changes to this notice
We will post details of any changes to our policy on the website to help ensure you are always aware of the information we collect, how we use it, and in what circumstances, if any, we share it with other parties.
Last updated: March 2021