"The only Professional Fundraising Organisation

to include dedicated donor monitoring as part of what we do"

SponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsorSponsor

|

StC Payroll Giving Ltd – Privacy Policy

Introduction

The purpose of this policy is to demonstrate our commitment to robust data protection processes and to show that we follow the 8 Principles of the Data Protection Act 1998 (the Act).

StC Payroll giving Ltd (“we”) promises to respect any personal data you share with us, or that we get from other organisations and keep it safe.  We aim to be clear when we collect your data and not do anything you wouldn’t reasonably expect. 

Definition of Data Protection Terms

Data is information which is stored electronically, on a computer, or in certain paper-based filing systems.

Data subjects, for the purpose of this policy, include all living individuals about whom we hold personal data. A data subject need not be a UK national or resident. All data subjects have legal rights in relation to their personal information.

Personal data means data relating to a living individual who can be identified from that data (or from that data and other information in our possession). Personal data can be factual (for example, a name, address or date of birth) or it can be an opinion about that person, their actions and behaviour.

Data controllers are the people who or organisations which determine the purposes for which, and the manner in which, any personal data is processed. They are responsible for establishing practices and policies in line with the Act. We are the data controller of all personal data used in our business for our own commercial purposes.

Data users are those of our employees whose work involves processing personal data. Data users must protect the data they handle in accordance with this data protection policy and any applicable data security procedures at all times.

Data processors include any person or organisation that is not a data user that processes personal data on our behalf and on our instructions. Employees of data controllers are excluded from this definition but it could include suppliers which handle personal data on our behalf.

Processing is any activity that involves use of the data. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties.

Data Protection Principles

Anyone processing personal data must comply with the eight enforceable principles of good practice. We ensure that personal data is:
(a) Processed fairly and lawfully.
(b) Processed for limited purposes and in an appropriate way.
(c) Adequate, relevant and not excessive for the purpose.
(d) Accurate.
(e) Not kept longer than necessary for the purpose.
(f) Processed in line with data subjects' rights.
(g) Secure.
(h) Not transferred to people or organisations situated in countries without adequate protection.

How We Collect Information from You

We collect information in the following ways:

  • Like most websites, we use “cookies” to help us make our site – and the way you use it – better. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields. There are more details in our Cookie Policy.
  • In addition, the type of device you’re using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are, and why a crash has happened. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.

 

StC Payroll Giving Ltd – Information for Payroll Giving Donors

In 2017, we moved to be an ‘opt-in only’ communication policy for payroll giving donors. This means that we will only send share information with the chosen charity/ies of those donors that have explicitly stated that they are happy for us to do so via their preferred channel(s) (email, SMS, phone or post).

We will also share your information with HMRC registered Charity Agencies and your employers, but only in so far as the needs to process your donations dictates.

We also share personal data we hold with our data processing company Bell Donor Management Ltd (BDM). We have a written agreement in place with this supplier which obliges them to meet rigorous international standards of data privacy. BDM have been accredited ISO 27001:2013 by an independent auditor.

StC is a data controller and processor and the data protection officer is:

Helen Von Trotsenburg - hvont@stcpayrollgiving.co.uk

 

How We Collect Information from You

We collect information in the following ways:

  • You may give us your information directly in order to sign up for payroll giving, either by completing our paper forms or by signing up online.
  • You may give us your information indirectly. Your information may be shared with us by independent third parties, for example, your employer.  These independent third parties will only do so with your consent. You should check their Privacy Policy when you provide your information to understand fully how they will process your data.

What Personal Data We Collect and How We Use It

We will usually collect:

Your name

Your contact details

Your date of birth

Your employers name and address

Your NI or payroll number

Your charity choice

Your donation amount

Your frequency of donation

We will mainly use your data to:

Administer your donation

Keep a record of your relationship with us

Ensure we know how you prefer to be contacted

Our paper and online forms have clear marketing preference questions. If you don’t want to hear from your chosen charity/ies, let us know when you provide your data or contact us on 01227 361960 or queries@stcpayrollgiving.co.uk.

We do not sell or share personal details to third parties for the purposes of marketing. 

How We Keep Your Data Safe and Who Has Access

We ensure that there are appropriate technical controls in place to protect your personal details.  For example, our online forms are always encrypted and our network is protected and routinely monitored. 

We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff. Data users are obliged to comply with this policy when processing personal data on our behalf. Any breach of this policy may result in disciplinary action.

None of our suppliers currently run their operations outside the European Economic Area (EEA).  However, if a situation should arise where we are obligated to use a supplier that transfers personal data to a country outside the EEA:

We ensure that one of the following conditions applies:

(a) The country to which the personal data are transferred ensures an adequate level of protection for the data subjects' rights and freedoms.

(b) The data subject has given his consent.

(c) The transfer is necessary for one of the reasons set out in the Act, including the performance of a contract between us and the data subject, or to protect the vital interests of the data subject.

(d) The transfer is legally required on important public interest grounds or for the establishment, exercise or defence of legal claims.

(e) The transfer is authorised by the relevant data protection authority where we have adduced adequate safeguards with respect to the protection of the data subjects' privacy, their fundamental rights and freedoms, and the exercise of their rights.

We will only ever share your data if we have your explicit and informed consent.

Keeping Your Information Up to Date

Where possible we use publicly available sources to keep your records up to date; for example, the Post Office’s National Change of Address database and information provided to us by other organisations as described above.

We really appreciate it if you let us know if your contact details change.

Your Right to Know What We Know About You, Make Changes or Ask Us to Stop Using Your Data

You have a right to ask us to stop processing your personal data, and if it’s not necessary for the purpose you provided it to us for (e.g. processing your donation) we will do so.  Contact us 01227 361960 or queries@stcpayrollgiving.co.uk

You have a right to ask for a copy of the information we hold about you. This would be provided without charge. If there are any discrepancies in the information we provide, please let us know and we will correct them.

If you want to access your information, send a description of the information you want to see and proof of your identity by post to:

 StC Payroll Giving Ltd, Unit 97C+D, Harvey Drive, John Wilson Estate, Whitstable, Kent, CT5 3QZ.

We do not accept these requests by email so we can ensure that we only provide personal data to the right person.

If you have any questions please send these to queries@stcpayrollgiving.co.uk, and for further information see the Information Commissioner’s guidance here https://ico.org.uk/for-the-public/personal-information/.

Changes to this Policy

We may change this Privacy Policy from time to time.  If we make any significant changes in the way we treat your personal information we will make this clear on the StC payroll Giving Website or by contacting you directly.

 

 

© Stc Payroll Giving Ltd. 2017 All Rights Reserved

This site uses cookies only with Google Analytics to monitor site traffic and provide links to common social media.

Twitter
Facebook