The Rainy Day Trust is committed to protecting and respecting your privacy. For the purposes of the General Data Protection Regulations (GDPR) and any subsequent UK legislation covering data protection the Data Controller is the Chief Executive Officer.
This Policy sets out why we collect personal information about individuals and how we use that information. It explains the legal basis for this and the rights you have over the way your information is used.
This Policy Rainy Day Trust and the Royal Metal Trades Benevolent Society in relation to the collection and use of the information you give us. We may change this Policy from time to time. If we make any significant changes we will advertise this on the website or contact you directly with the information. Please check this page occasionally to make sure you are happy with any changes.
If you have any questions about this Policy or concerning your personal information please contact the Data Protection Officer at firstname.lastname@example.org or by post to Federation House, 10 Vyse Street, Birmingham, B18 6LT.
What type of personal information we collect
The type and amount of information we collect depends on why you are providing it.
The information we collect when you make an enquiry includes your name, date of birth, email address, postal address and phone number as well as banking information if we need to make an electronic bank transfer to you for any reason.
If you are a supporter, for example making a donation, volunteering, registering to fundraise, signing up for an event in addition to asking for your name and contact details (your full address, email address [and your phone number]) we may also ask you for any marketing preferences.
If you gift aid any donation, we will hold your data so that we can comply with our HMRC obligations and to claim gift aid.
If you are a grant or job applicant the information you are asked to provide is as set out in the application and necessary for the purposes of our considering the application.
How we collect information
We may collect information from you whenever you contact us or have any involvement with us for example when you:
Where we collect information from
We collect information:
How we use your information
We will use your personal information in a number of ways which reflect the legal basis applying to processing of your data. These may include:
Our legal basis for processing your information
The use of your information for the purposes set out above is lawful because one or more of the following applies:
If you want to contact us about your marketing preferences please contact email@example.com or call on 07939 541289.
How we keep your information safe
We understand the importance of security of your personal information and take appropriate steps to safeguard it.
We will always use up to date cyber-security measures such as firewalls and anti-virus software. In addition, the transmission of personal data will be minimised at every step of our processing and all information is password protected and locked away when not in use. All cloud storage is EU based.
We always ensure only authorised persons have access to your information, which means only our staff, volunteers and contractors, and that everyone who has access is appropriately trained to manage your information.
No data transmission over the internet can however be guaranteed to be 100% secure. So while we strive to safeguard your information, we cannot guarantee the security of any information you provide online and you do this at your own risk.
Who has access to your information?
Owing to matters such as financial or technical considerations the information you provide to us may be transferred to countries outside the European Economic Area (EEA), which are not subject to the same data protection regulations as apply in the UK. We meet our obligations under GDPR by ensuring that the information has equivalent protection as if it were being held within the EEA. We do this by ensuring that any third parties processing your data outside the EEA either benefits from an adequacy determination for GDPR purposes and/or, where appropriate, we have entered into a Data Processing Agreement which contains model EU clauses.
We may also disclose your personal information if we are required to do so under any legal obligation and may use external data for the purposes of fraud prevention and credit risk reduction, or where doing so would not infringe your rights, but is necessary and in the public interest.
Other than this, we will not share your information with other organisations without your consent.
Keeping your information up to date
We really appreciate it if you let us know if your contact details change. You can do so by contacting us at firstname.lastname@example.org.
Our use of “cookies”
A cookie consists of information sent by a web server to a web browser and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to keep track of you whilst you navigate the website. We will use the persistent cookies to enable our website to recognise you when you visit.
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
We use analytics to analyse the use of this website. The analytics generate statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website.
Most browsers allow you to refuse to accept cookies. (For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector). This will, however, have a negative impact upon the usability of many websites.
You can delete the cookies we store on your computer at any time.
We do not hold personal data on any children.
How long we keep your information for
We will hold your personal information for as long as it is necessary for the relevant activity. By way of example, we hold records of donations you make for at least six years so we can fulfil our statutory obligations for tax purposes.
Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for [two] years. We may periodically ask you to renew your consent.
If you ask us to stop contacting you with marketing or fundraising materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.
You have the right to request details of the processing activities that we carry out with your personal information through making a Subject Access Request. Such requests have to be made in writing, [and are subject to a charge of £10 – On or AFTER 25 May 2018 no charge may be made under GDPR except in very limited circumstances which will be explained to you if relevant]. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request contact us at email@example.com.
You also have the following rights:
All of these rights are subject to certain safeguards and limits or exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact the Chief Executive Officer at the above address.
If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here.
The data controller responsible for our website is Rainy Day Trust.
This Policy may be changed from time to time and will be reviewed at least annually. If we make any significant changes we will advertise this on our website or contact you directly with the information.
Do please check this Policy each time you consider giving your personal information to us.
This Policy was last updated in April 2018.
 The Fundraiser Regulator states that the period should be assessed having regard to how long the individual would consider it reasonable to be contacted before they are asked to renew consent. (See Fundraiser Regulator’s Personal Information and Fundraising: Consent, Purpose and Transparency 21 February 2017 www.fundraisingregulator.org.uk).
Enter your details below to sign up for our newsletter, keep up to date with the latest news, events and ongoings at Rainy Day Trust.