Privacy Policy

Child-Friendly Privacy Policy

Introduction

At Tearfund we are committed to keeping your data safe, and your privacy and peace of mind are important to us.

We only collect data from people for specific purposes, and once that purpose has finished, we won’t hold on to the data. We also won’t let anyone else access your data unless you’ve specifically asked us to.

This document tells you how, when and why we collect data from people, and what we use it for. We also have website Terms and Conditions, which you should read as well.

We’d love to hear from you if you have any feedback or questions on any of this. Just call us on 020 3906 3906 or email info@tearfund.org

Who we are

Tearfund is a Christian relief and development charity called to follow Jesus where the need is greatest. We are a charity registered in England and Wales (number 265464) and Scotland (SCO 37624). Our company number is 994339 and our registered office is 100 Church Road, Teddington, TW11 8QE.

For the purposes of this policy, ‘us’, ‘we’ and ‘our’ refer to Tearfund. References to Tearfund include Tearfund Trading Limited, our trading company.

When and how we collect information

Directly with us

Firstly, and most obviously, when you give us your personal information, we save it and use it to communicate with you. Personal information means things like your name and contact details.

You give us this information when you make a donation, request materials or information, sign up for an event, provide comments or complete surveys.

When you visit our website

We collect non-personal data about people who visit our website. That’s things like IP addresses (which tell us, for example, the places where people are logging on), which pages people visit and which files they download. This helps us find out if our website is working well and helps us improve it. This information is collected using cookies – see the section on cookies below.

Information you put online

Sometimes we gather information that people make available on places like Twitter, Facebook or LinkedIn. You can check these organisations’ privacy policies to make sure you’re happy with how they handle your data.

Indirectly from third parties

If you give them your consent, we collect information from third parties such as event organisers (for example, a marathon organiser) or sites like Just Giving when you fundraise for Tearfund. You can check their privacy policies to see how they handle your data.

Publicly available data

Sometimes we also collect publicly available information from Companies House, the Charity Commission and from articles, newspapers or blogs.

Sensitive data

If you give us sensitive information about yourself, for example about your religious beliefs, or your physical or mental health, please be aware that we may keep this information unless you tell us not to. We will only keep this information where it is relevant to your interaction with us and we promise to keep it secure.

Our basis for processing

If you engaged with us for the first time on or after 28 September 2017

We will only use your data in the ways you’ve asked us to.

You can change your preferences at any time – see the section ‘Your choices and telling us when things change’ below.

If you were an existing supporter by 28 September 2017

We will still only email you if you have given consent. But we may also contact you by post or telephone if we have a legitimate reason to.

For example, if you make a donation we may send you information about how your donation is helping, or about other work we want to do. But we won’t contact you in this way if you’ve asked us not to. And you can change your preferences any time by contacting us by phone, post or email. See the section ‘Your choices and telling us when things change’ below.

Partnerships and major donors

If you show us you might be in a position to partner our work in a greater capacity, we will collect further information based on our legitimate interest. There are more details in the next section, ‘What do we do with it?’ This helps us recommend initial discussions with a relationship manager to supporters that might value it and ensure we use our supporters’ money in the most effective ways.

What do we do with it?

Processing requests and donations

We may use your personal data to:

  • keep you up-to-date on news and stories about our work
  • ask for financial support and non-financial support such as volunteering or prayer
  • process donations you give us, or support your fundraising for us, including Gift Aid
  • provide information or packs, for example church packs you’ve asked for
  • provide a personalised service, such as customised website content or personalised emails
  • improve your browsing experience and use of the website
  • keep records of your relationship with us, for example questions you’ve asked or complaints you’ve made

Personalised marketing

We might use your data to:

  • let you know about campaigning opportunities, such as writing to your MP
  • send you fundraising and emergency appeals
  • tell you about our work, and opportunities such as volunteering, praying and community fundraising
  • deliver digital advertising about our work to you on social media websites such as Google and Facebook. We may also reach out to people who have similar interests to you. For example, we might use Facebook’s Custom Audience Programme. In this case, if you have agreed to receive email marketing communications from us, we send Facebook your email address. Facebook then delivers our advertising to you and to others with similar interests to yours. If you don’t have a Facebook account, Facebook just deletes the information. There are more details on Custom Audiences at Facebook Business, and you can read Facebook’s Privacy policy here.
  • help guide our marketing. For example, we will look at location and interests so we can invite you to a local event or tell you about an emerging need in an area you’re interested in.
  • engage with your church (if you have given us information about it), for example by providing speakers or offering church packs
  • understand whether you might want and be able to support us with a larger gift. This may involve looking at personal information about you, through in house desk research or by using third parties.
  • approach you in your professional capacity, for example as a Trustee or church leader, to talk about supporting our work
  • carry out market research

Partnerships and major donors

If you make a major gift to our work, we’ll offer you a relationship manager. They will discuss and agree with you how you want us to contact you. We will do this at the earliest convenient opportunity. If you don’t want to have a partnership relationship with us, we will destroy any additional, publicly sourced, personal data about you which we have collected for this purpose.

Applying for a job or volunteering with us

When you apply for a job, you send us personal information through your CV or by completing an application form. We will store and use this to:

  • recruit for the role
  • make it easy for you to submit your CV online for jobs, and to subscribe for job alerts
  • answer your questions
  • do reference checks, qualifications checks, criminal referencing, service checks and verify your information. We’ll also use it for health screening and psychometric evaluation or skills tests. This is all done using third parties.
  • automatically stop online applications if you don’t meet the basic requirements. For example, if you tell us you don’t have the right to work in the UK, and the job is based in the UK, the system won’t allow you to submit an application. You have the right to: (1) ask for an explanation of the decision that was automatically reached; (2) contest the automated decision; and (3) ask for your application to be reviewed by a Tearfund staff member and not be subject to automated decision making. To exercise any of these rights please email recruitment@tearfund.org.
  • check we’re following our equal opportunities policy

If you are volunteering or travelling on a trip with us, you may need to send us personal or sensitive personal data – things like information about your dietary requirements, mobility requirements or your health. We’ll keep and use this information to:

  • make the volunteering opportunity possible. This includes sharing sensitive data, such as medical information, with our partner(s) for your safety.
  • provide information, including fundraising materials, in accordance with the ‘What do we do with it?’ section, or equivalent information for the volunteer role description
  • organise these events or other opportunities to serve
  • check the volunteering opportunity or trip is a good one
  • answer any questions or feedback you may have
  • check we’re following our equal opportunities policy

How and where we store your information

How long?

We keep your personal information only for as long as we need it for each activity. What we have to do by law, accounting and tax all come into play. We also have a separate data retention policy to guide us.

If you tell us you’re happy for us to send you marketing materials, we’ll keep contacting you for up to five years, unless you tell us not to. We decided on this length of time by asking our supporters what they thought.

If you have questions on any of this, or want to see the data retention policy, just get in touch:

Data Protection Officer
Tearfund
100 Church Road
Teddington
TW11 8QE

Or email: info@tearfund.org

Security

We do all we can to protect your personal data, and this includes having the right technology. For example, online forms are encrypted and our network is protected and regularly monitored.

The only people who can access personal data are those Tearfund staff members or volunteers who can’t do their jobs without it. These people are all trained in data protection.

Occasionally we also use external companies to help us with personal data tasks. We do checks on these companies, have them sign contracts, and keep checking them regularly. When we do use external companies, we are still the ones responsible for keeping your data safe.

But please remember, despite all of this, the internet is never 100 per cent secure. When you submit data there is always a risk.

Credit / debit card security

If you use your debit or credit card to donate, purchase something or pay for a trip, whether online, over the phone or by mail, we’ll process your information securely in accordance with the Payment Card Industry Data Security Standard (PCIDSS). You can find out more about the standard here.

We never store your debit or credit card details once your transaction is complete – they are all securely destroyed.

We do keep bank account details so we can collect direct debits in accordance with direct debit mandate rules. You can find out more here.

Where we store your personal information

We use cloud-based systems to process data – that means data may be processed outside of the European Economic Area (EEA). We only let this happen when we believe your data will be kept safe. We do everything we can to make sure your data is looked after as described in this policy.

By giving us your personal data you’re agreeing to us using the cloud-based systems to process it.

If you travel overseas with us, we may share personal information with partners in overseas locations. This may include sensitive personal data – things like medical information. When we do this we’ll let you know what we’re sharing and check you’re happy.

Where we share your information

We want you to know that we don’t share or swap your information with any other charities for them to send you marketing. That decision is informed by beliefs and our values and by how important your privacy is to us.

When we have to share information by law

We may need to pass on information if required by law or if a regulatory body, like HMRC, or the police ask us to.

Our service providers and third parties

Sometimes we use agents to help us with tasks such as fulfilling orders or processing donations. They are bound by contract to protect your data and we are still the ones responsible for keeping your data safe.

Sometimes we give external companies information about the people using our website, to help us make sure the website is working well and to find out how we can improve it. But this information is both anonymous and delivered in bulk. We’ll only use IP address information to identify someone if we feel they may cause safety/security issues, or if we have to give this information by law.

Cookies

What are cookies?

Every time you visit our website, it sends us a cookie. Warm, crumbly and delicious? Sadly not. This is a text file that tells us about your visit. The information is all anonymous, so we’re told about your computer, not you. And when the data comes to us it’s bulked together with information from all the other visitors to our site. Cookies tell us, for example, about traffic data, location data, device information, the date and time people visit and the pages they visit.

Most major websites use cookies. You can find out more at http://www.allaboutcookies.org/ or https://www.aboutcookies.org/.

How we use cookies on our website

To make the most of our website you should leave cookies turned on, otherwise you might not be able to see all of our lovely site.

Cookies help us:

  • customise what you see when you visit our site, and help us understand what would interest you
  • process any requests, applications or transactions
  • do our internal administration and analysis

Managing cookies

You can turn off cookies on most browsers. To find out how, use the help function.

Third party cookies

There are a few external companies that Tearfund works with who set cookies on our website. These cookies are mainly used for reporting and advertising so we can improve the way we communicate.

We use websites like Youtube and Vimeo to embed videos, and they may send you cookies too. We don’t control the setting of these cookies, so check those websites for more information.

Tearfund also uses companies like Facebook, HotJar and Google Analytics, which may use cookies. They may also use tracking pixels, which tell us how effective our adverts are.

You can opt out of Google's tracking cookies any time you want. Google uses cookies to match adverts with your preferences so they’re more relevant to you. If you don’t want to see adverts from us based on that information, you can use Google's Ad Personalisation Tool.

All information we get through Google's cookies is anonymous, it just helps us understand how people use our website and which pages are more popular. If you don’t want Google to include you in this information, you can install the Google Analytics Opt Out Tool.

You can also visit the Digital Advertising Alliance website to personalise your advertising preferences.

As some of these services may be based outside of the UK and the European Union, they might not fall under the jurisdiction of UK courts. If you’re worried about that, you can change your cookie settings (see above). Or for more information, visit https://ico.org.uk/

Children and vulnerable people

Aged 12 or under

If we are sent a child’s data, eg if they sign up for a Tearfund Action, or a community event such as Mean Bean Challenge, we’ll ask for their date of birth.

If they’re 12 or under, we’ll ask their parent or guardian to sign up on their behalf.

Supporters in vulnerable circumstances

We want to do all we can to support anyone we engage with who is in vulnerable circumstances. Our public-facing staff are all trained to identify signs of vulnerable circumstances and engage with the person in the right way. We have a separate vulnerable circumstances policy to guide us in this.

Information about the person will be recorded so we can respond appropriately in future, eg by no longer making fundraising requests or calls.

Your choices and telling us when things change

Preferences

If you want to change what we send you or how we contact you, just let us know – eg you can tell us you no longer want fundraising materials, or ask us to contact you by email rather than post.

Call us on: 020 3906 3906

Email us on: info@tearfund.org

Write to us at:
Supporter Care
Tearfund
100 Church Road
Teddington
TW11 8QE

Updating your details

It’s really helpful if you keep your details with us up-to-date. Just get in touch and let us know if things change, using the same details (above).

Sometimes we use a Post Office address search or postcode lists etc to check data you send us. This could be when, for example, we are unsure of what address you’ve written on a form.

We won’t use these sources to gather information you haven’t given us, for example if you’ve left a telephone number blank. Nor will we automatically update changes of address – we will normally only update your address when you tell us it’s changed. But if you are a regular giver, and items such as Tear Times are returned to us, we may use external sources to update your address details. This is so we can let you know how your money has been spent through our news and stories.

Your rights (for example, telling us to stop using your data)

At any time you can:

  • ask us to delete your personal data
  • limit how we keep and use your personal data
  • disagree with our reasons for keeping and using your personal data, eg where we have said we have a legitimate reason for processing it
  • disagree with automated decision making in online job applications and personalised marketing, where we build up a profile of you (see the section on ‘What do we do with it?’ above). If you don’t want us to use profiling we might not be able to send you the information you’d find most interesting or useful.
  • ask us to give you an electronic copy of the information we have about you so you can send it to another organisation (data portability)
  • ask to see what information we have about you. We’ll respond within one month.

If you do want to do any of the above, just get in touch and let us know.

Write to us at:
Data Protection Officer
Tearfund
100 Church Road
Teddington
TW11 8QE

Email us on: info@tearfund.org

Call us on: 020 3906 3906

For more information about your rights under the General Data Protection Regulation, visit the Information Commissioner’s Office website at https://ico.org.uk.

Changes to Tearfund's privacy and security policy

Changes to this policy

We last updated this policy in May 2018. We’ll amend this policy if there are any changes to how we do things or changes to data protection or other legislation. If we make any significant changes we’ll show you clearly on our website, in our publications or by writing to you.

Whenever you engage with us through our websites, social media, email or telephone, or send us your personal information in any other way, we’ll process your information as explained in this policy. When you provide your information, you’re agreeing to this policy. If you don’t agree, please don’t give us your data.

Feedback

We’d love to hear from you with any feedback or questions.

Call us on: 020 3906 3906

Email us on: info@tearfund.org

Write to us at:
Data Protection Officer
Tearfund
100 Church Road
Teddington
TW11 8QE

Complaints

You can also contact us if you’re worried about anything in this policy or if you want to make a complaint.

Call us on: 020 3906 3906

Email us on: info@tearfund.org

Write to us at:
Data Protection Officer
Tearfund
100 Church Road
Teddington
TW11 8QE

You can also make a complaint about the use of your personal data with the Information Commissioners Office (ICO), the UK data protection regulator. You can do this by calling the ICO helpline or through the ICO website. For details, visit https://ico.org.uk/concerns/

Terms and conditions

Please read through our Terms and Conditions. If you do not agree with them, please do not use the website. If you do use the website, your conduct…

Continue Reading