This document is written to comply with the General Data Protection Regulation (GDPR) and describes in plain English and without legal terminology what happens with any individual’s personal data when they use or interact with the Summerfield Charitable Trust (“SCT”).
When you contact us by email or through the website
Please remember that email is not a secure way of communication and should not be used to communicate anything confidential.
When you email us or contact us on the website, your name, contact number and email address, as well as your message, are relayed between different servers, where log files may be kept. This includes your own email provider. The contact you make with us (whether by email or webform) is downloaded and stored on an encrypted computer held by our webhosts: The Gallery Partnership, a UK-registered company whose contact details and privacy statement is available at www.gallerypartnership.co.uk.
Why we hold your Personal Data
We do not send out newsletters or marketing information and we do not use third party email communication providers. We do not sell, rent, or loan personal data details to anyone. Your information is held simply for the purpose of processing your grant application/s and communicating with you and occasional internal reviews carried out within SCT. If you wish to contact us about the information you provided to us please do so via e-mail at: firstname.lastname@example.org
When you make an application to us
The data SCT collects, stores and processes through our website consists of any personal information you provide to us (such as name, address and contact details) and any relevant data, such as: what grant category you are applying for, how many times you may have applied to us previously, which other grant funders you have applied to plus contact person name and postal address details. All this is done so that we can receive, process and manage your application/s.
The GDPR rules require us to say on what lawful basis we process your data and in this case it is “performance of contract”.
We store our data on the servers of the Gallery Partnership. The only other companies that may occasionally have access to the database are Quintech Computers: www.quintech.co.uk., who look after our systems and The Trust Partnership who manages our website: www.thetrustpartnership.com. SCT trustees/directors and the management also have access to this information, which consists of your name and contact details, as well as bank transfer information.
All the above are reputable companies with the capacities and policies to keep data secure and confidential. They earn money from processing transactions and other paid-for services and not from selling data on to advertisers.
SCT secures your personal data from unauthorised access, use or disclosure by using servers operating in a controlled, secure environment, protected from unauthorised access, use or disclosure. When personal information is transmitted it is protected through the use of encryption such as the Secure Socket Layer (SSL) protocol
How long is your personal data kept?
We keep your data for as long as we need it to provide you with our services and/or as long as we have your consent and/or until you tell us to delete it.
The GDPR provides the following rights for individuals:
1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erase
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling.
In simple terms this means that you can ask us what data we hold on you and that you can request any data to be corrected or deleted.
You also have the right to complain to the Information Commissioner’s Office.
Changes to this Policy Statement
SCT may occasionally update this Statement of Privacy to reflect regulatory and customer feedback. Periodic review by applicants is actively encouraged so that you remain informed as to how SCT is protecting your data.