1. Privacy Notice Policy
The charity together in dementia everyday (tide), also known as Life Story Network (CiC), promises to respect and protect the personal information (or data) you or your family have provided us with or that we get from other organisations and to keep it safe. We will manage this data effectively and securely so that we can deliver better services to and for you, including our fundraising activities.
We are Tide 151 Dale Street, Liverpool, L2 2AH. Registered Charity Number 1186976. We are the Data Controller for the purposes of data protection legislation.
· the Data Protection Act 1998, which will be read in conjunction with the General Data Protection Regulation effective from 25 May 2018; and
· the Privacy and Electronic Communications (EC Directive) Regulations 2003.
As members of our carers network, volunteers, contractors, current, prospective, ex-employees and users of our website and social media platforms, we ask you to confirm you have read and understood this Privacy Notice Statement, confirming your consent for tide to hold your personal data. We hold your information so that we can keep you informed and signpost you to events, activities and information that may help to develop you in your unpaid or paid caring role or in using your experience as a former carer to help others.
If you have any questions about our use of your personal information, or you wish to exercise one of your rights under data protection legislation, please contact us. A summary of your rights is detailed in this notice.
This policy details how we use information you provide to us, including when you join our network on our website https://www.tide.uk.net/ referred to in this notice as our website.
The website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
We do not store credit card details nor do we share financial details with any Third Parties.
2. Data Collection
2.1 Direct Information
We may collect and store information about you when you interact with us. For example, this could be when you:
· Join as a member of our online network;
· Register for or attend an event online, or in person;
· Participate in our Carer Development Programs;
· Support our Campaigns;
· Support our work through a Donation or Fundraise on our behalf;
· Share your Story with us;
· Phone or Email for Help and Advice;
· Direct Message us on our Social Media Channels;
· Sign up to Receive our Newsletter or any other Communications;
· Support our Work to Co-Produce Products, Services and Resources;
· Enquire about a Product for Professional Services;
· Give us Feedback
· Make a Complaint;
· Apply for a Job;
· Become a Member of tide Advisory Group (TAG);
· Enter into a Contract with Us;
· Support us with Funding, from a Grant, Trust or Sponsorship.
2.2 Indirect Information
When you interact with us on social media platforms such as Facebook, Twitter or LinkedIn we may also obtain some personal information about you. The information we receive will depend on the privacy preferences you have set on each platform and the privacy policies of each platform. To change your settings on these platforms, please refer to their privacy policies. We may obtain information about your visit to our website, for example the pages you visit and how you navigate the site, by using cookies. We use this information to help us improve the products and services we offer, and to ensure our website remains accessible to all.
2.3 Types of Information
This may also include details about the person that you care for or previously cared for or the organisation that you work for, which will help us to direct you to the services best suited to your needs. You may choose to provide additional information in the course of events, which will be treated confidentially.
2.3 Sensitive Information
Data Protection recognises that certain types of personal information are more sensitive. This is known as ‘sensitive’ or ‘special category’ personal information and covers information revealing racial or ethnic origin, religion or information concerning health or data concerning a person’s sex life or sexual orientation. Sensitive information will only be collected where necessary. Clear notices will be provided at the time we collect this information, stating what information is needed, and why.
With your explicit consent, we may also collect sensitive personal information if you choose to tell us about your experiences relating to your caring experience for use in a case study or as part of co-production work. If you are aged 16 or under, you must get your parent/guardian’s permission before you provide any personal information to us.
3. Data Processing
3.1 Legitimate Interests
We may process your personal data because it is necessary for our or a third party’s legitimate interests. This will always be weighed against your rights, interests and expectations. Our legitimate interests include the operation of tide in accordance with our charitable objects.
Examples of where we process personal data in accordance with our legitimate interests include:
· To correspond with you about our charitable services, including sharing details of courses, events or campaigns that you have requested from us;
· To process donations and payments, and to ask for further support by post, email or telephone if you have done so in the past;
· To share tailored information with you (unless it requires explicit consent);
· To inform you of development opportunities or opportunities to be directly involved in events or courses, or opportunities for you to feature in a newsletter and other tide resources, and to send you these newsletters and other similar updates;
· Processing technical information about your use of our website to ensure that content on our website is presented in the most effective manner;
· Processing enquiries and complaints;
· To carry out research and analysis, either in house or via a third party, of the services we provide so that we can improve these in future.
3.2 Tailored Communications
We may use analytical techniques to ensure communications are relevant and timely, and to provide an improved experience for our service users and supporters. Analysis also allows us to target our resources effectively, which attendees to our programs and donors consistently tell us is a key priority for them. We do this because it allows us to understand who, how and why people support us and helps us to make appropriate requests to our supporters.
We may analyse your donation history, geographic, demographic and other information relating to you in order to better understand your interests & preferences, and in order to contact you with the most relevant communications. In doing this, we may use additional information from third party sources when it is available. Such information is compiled using publicly available data, and will only be used in specific and limited circumstances.
3.3 Legal Obligations
We may also process your personal data for ensuring compliance with our legal obligations. In this respect, we may use your personal data to comply with subject access requests of others, tax legislation (including processing Gift Aid claims, if and as applicable), safeguarding requirements (for example those required by the Charity Commission), for the prevention and detection of crime, and in order to assist the police and other competent authorities with investigations (including criminal investigations).
3.4 Explicit Consent
We will normally seek consent when processing your medical information in other contexts, such as dietary requirements for in person events. At times, the processing of personal data concerning your health may be necessary to protect your vital interests (such as your immediate safety) and it may not be appropriate to seek your consent in such circumstances.
If you have given your consent and you wish to withdraw it, please contact us using the contact details mentioned in Section 8.3.
In some circumstances tide may seek your specific consent to process your personal data, including, but not limited to:
· We wish to use your name, likeness or an attributed quote in our newsletter, on our website or in marketing materials or as a case study to demonstrate the impact of our work;
· Sending marketing communications in relation to our courses, services, events, appeals and resources by, electronic mail, through our database management systems, by post, by SMS, in respect of which we operate an ‘opt-in’ communications policy;
· When working with charity, public sector or corporate partners where we have a relationship that we believe could help your personal circumstances.
3.5 Data Sharing – Personal Information
We will only use your information for the purposes for which it was obtained. We will not, under any circumstances, sell or share your personal information with any third party for their own purposes, and you will not receive marketing from any other companies, charities or other organisations as a result of giving your details to us.
· Our Trustees, staff, volunteers, associates, partners and contractors where there is a legitimate reason for their receiving the information;
· Our bank, to whom payment details are provided in order to process donations and payments;
· Our website operator, who may store details such as name and email address (for example in respect of our e-newsletter mailing list);
· Internal and external auditors;
· Our professional advisers and insurers where it is necessary for us to obtain their advice or assistance;
· Professionals who assist us in putting together, printing and delivering our newsletters or other content, and our IT support and data storage providers;
3.6 Data Sharing – Research and Analytics
Additional purposes of sharing data for research, co-production or with Third Party Suppliers include:
· When carrying out research and analysis in order to improve our services.
· We may need to share your information with data hosting providers or service providers who help us to deliver our services or fundraising activities. These providers will only act under our instruction and are subject to pre-contract scrutiny and contractual obligations containing strict data protection clauses.
· We will comply with requests where disclosure is required by law and may also share your information with the emergency services if we reasonably think there is a risk of serious harm or abuse to you or someone else.
4. Google Analytics
We use Google Analytics to collect information about how people use our website. We use this to make sure we are providing the best service we can to our web visitors. Using cookies, Google Analytics stores information about how you use the website, including which pages you visited and what things you click on. Although we collect this data we do not collect any information that can be used to identify you. This information is used by tide for analytical purposes only.
5. Data Retention
We may retain your personal data for as long as it is necessary to deliver our charitable services; and to protect our legal interests (for example, where required by relevant authorities or for a reasonable legal limitation period after we have ceased providing services); or as otherwise stated to you when your data is collected; or for such period as we reasonably consider appropriate in connection with our relationship with you and the organisation you represent or previously represented; or for record-keeping and archival purposes.
6. International Transfers
As a matter of course, we do not transfer your personal data outside the European Economic Area (EEA). We may, however, transfer your personal data around the world on an ad hoc basis, for example where this is necessary for interaction with you and you are located outside of the EEA. In such circumstances, we will consider whether any additional measures are required in order to give adequate protection for the information when it is transferred outside of the EEA.
7. Data Security
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instruction, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
8. Your Rights
Your rights in connection with personal information. Under certain circumstances, by law you have the right to:
· Request access to your personal information.
· Request correction of the personal information that we hold about you.
· Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
· Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
· Request the restriction of processing of your personal information.
· Request the transfer of your personal information to another party.
· If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request that we transfer a copy of your personal information to another party please contact us using details in Section 8.3.
8.1 Lawful Exceptions
You can find out more about your rights under data protection legislation at the Information Commissioner’ Office website.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
8.2 Response Time
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you have queries or requests, such as unsubscribing or changing your details, or have any questions/concerns about how we process your personal data or you wish to exercise any of the General Data Protection Regulation (GDPR) rights set our above, please contact
· By email: firstname.lastname@example.org
· By telephone: 0151 237 2669
· By post: tide, 151 Dale Street, Liverpool, L2 2AH