CHELMSFORD BASED HOMELESS COMMUNITY PROJECT. INC. THE RUCKSACK PROJECT CHELMSFORD

Privacy, Cookies & GDPR

Tackling Homelessness Together

COOL TO BE KIND –PRIVACY POLICY

Policy last updated: [December 2018]

INTRODUCTION

Please read this Privacy Policy to understand how Cool to be Kind (the “c2bk”) may process your personal data before using our website (the “Website”). By visiting our Website, you are accepting the terms of this Privacy Policy. Any external links to other websites are clearly identifiable, and we are not responsible for the content or the privacy policies of these other websites.

We may change this Privacy Policy from time to time by updating this page. Please check back frequently to see any updates or changes to this Privacy Policy.

WHO WE ARE

We are a community project based in Chelmsford who provides help for rough sleepers. Our aim is to provide help and support to rough sleepers in the South East. The c2bk is the controller of your personal data via our Website and the services we provide.

WHAT DO WE DO WITH YOUR INFORMATION?

We collect the following from you, which depends on how you use our services: name, address, telephone number, email address, contact preferences (so we can make contact with you); password (if you choose to sign up with us); bank account details, gift aid status (for you to make donations), records of your correspondence and engagement with us; survey responses (if you choose to complete a survey for); details of your relationship to other supporters, if applicable; your computer’s internet protocol (IP) address (to provide us with information that helps us learn about your browser and operating system).

We may collect your personal data via:

  • Communications via our Website: When you contact us through our Website or sign up with us. Please see below for more details about the specific cookies we collect.
  • Registration form at our events: We collect your personal data when you complete a registration form at one of our events.
  • [Any paper forms which you may complete]: when you complete one of our paper forms and send it to us.
  • Telephone conversations: when you wish to make an enquiry with us over the telephone.
  • Communication via social media: when you contact via our social media pages.

PURPOSES FOR PROCESSING YOUR PERSONAL DATA

We may process any personal data you provide to us with your consent, to ensure compliance with legal and regulatory requirements and for the purposes of our legitimate business interests, including:

  • to enable us to fulfil volunteer requests for events;
  • to respond to any enquiries you make;
  • to administer your donation or support your fundraising and processing any gift aid;
  • to enable you to participate in features such as surveys and message boards;
  • to further our charitable aims; and
  • to provide you with newsletters and email.

EMAIL MARKETING

We may send you emails about our projects, upcoming events and other updates. We use Mailchimp for email marketing and to communicate with our clients. Mailchimp offers a double opt-in service and offers full visibility of any of your information used by this service and the option to unsubscribe which will delete any of your personal data.

You may opt out of receiving our marketing communications at any time by contacting us at [dan@c2bk.co.uk] or by using the unsubscribe link in any of our communications.

STORING YOUR PERSONAL DATA

We will only store your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

YOUR RIGHTS

You may have the right to request: (a) access the to your personal data we hold about you; (b) request we rectify any inaccurate personal data we hold about you; (c) request we erase any personal data we hold about you; (d) restrict the processing of personal data we hold about you; (e) object to the processing of personal data we hold about you; and/or (f) receive any personal data we hold about you in a structured and commonly used machine-readable format or have such personal information transmitted to another company.

We may ask you for additional information to confirm your identity and for security purposes, before disclosing information requested to you.

To exercise any of your rights in connection with your personal data, please contact [dan@c2bk.co.uk]. We will process any request in line with any local laws and our policies and procedures. You also have the right to lodge a complaint about how we process your personal data with the supervisory authority in the United Kingdom which is the Information Commissioner’s Office. We would appreciate the chance to deal with your concerns before you approach your local supervisory authority so please contact us in the first instance.

SHARING YOUR PERSONAL DATA

We may share your personal data with:

  • Our service providers that we engage with to provide services for us, such as for data storage, for payment services, for marketing. The third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. Where we provide your personal data to third party services providers, they are required to keep your personal data confidential and secure, and must only use your personal data as instructed by us;
  • Our selected commercial partners and sponsors where you have chosen to participate in surveys, opinion groups or other marketing-related initiatives relating to your use of our services;
  • A prospective seller or buyer in the event of a sale or purchase of c2bk so that the buyer can continue to provide you with information and services;

We may also disclose your personal data where required to respond to authorised requests from government authorities or where required by law. Where we are required by law, we may also disclose your personal data where it is necessary to enforce or apply this Privacy Policy or other agreements, to investigate or protect the rights, property or safety of c2bk or our services and our volunteers, users of this Website, supporters of our charity, business partners or to prevent or take action regarding illegal activities or fraud, situations involving potential threats to the safety of any person or as evidence in litigation.

PAYMENT

If you choose a direct payment gateway to complete a purchase or pay an invoice, Stripe stores your credit or debit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is processed, including stored, only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

SECURITY

We will take all reasonable steps (including an SSL Certificate, Firewall and any other appropriate technical and organisational measures) to ensure your personal data is processed securely to protect the confidentiality, integrity and availability of your personal data and in accordance with this Privacy Policy.

The nature of the internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the internet and any transmission is at your own risk.

If you provide us with your credit or debit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

COOKIES

This site uses only anonymous cookies, meaning that our cookies are not collecting any information which would enable you to be to identified personally.

Cookies are small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better.

However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.

These are the cookies we use:

(i) Category: Necessary (1)
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
COOKIE NAME PROVIDER TYPE EXPIRY local_storage_support_test twitter.com HTML Persistent First found URL: https://www.c2bk.co.uk/sponsorship/ Cookie purpose description: The cookie is used in context with the local-storage function in the browser. This function allows the web site to load faster by pre-loading certain procedures. Initiator: Script tag, page source line number 219 Source: https://platform.twitter.com/widgets.js Data is sent to: United States (adequate)

(ii) Category: Preferences (1)
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
The following cookies are third party cookies:

lang
Remembers the user’s selected language version of a website

To review the use of third-party cookies or to opt-out, please refer to the third party website.

(iii) Category: Statistics (5)
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

The following cookies are first-party cookies from c2bk.co.uk:
Cookie Retention Description

_ga 2 years
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

_gat
1 day Used by Google Analytics to throttle request rate

_gid 1 day
Registers a unique ID that is used to generate statistical data on how the visitor uses the website.

The following cookies are third party cookies. For example Google Analytics and Vimeo:

collect
pixel Session Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.

vuid 2 years
Collects data on the user’s visits to the website, such as which pages have been read.

To review the use of third-party cookies or to opt-out, please refer to the third party website.

(iv) Category: Marketing (3)
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

The following cookies are third party cookies. For example, www.twitter.com:

__widgetsettings Persistent
Unclassified

i/jot Pixel Session
Unclassified

i/jot/syndication Pixel Session
Unclassified

To review the use of third-party cookies or to opt-out, please refer to the third party website.

Revoke cookies

QUESTIONS AND CONTACT INFORMATION

If you have any questions about the processing of your personal data via our Website or if you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, please contact our Privacy Compliance Officer at dan@c2bk.co.uk. If you contact us, we will do our utmost best to address any concerns you may have about our processing of your personal data.