PRIVACY & DATA PROTECTION POLICY

Who we are

For over 400 years, ScotsCare has been in London giving a helping hand to Scots and the children of Scots; and is the longest established charity for Scots outside of Scotland. ScotsCare (also known as The Royal Scottish Corporation) is registered as a charity in England and Wales (registered charity number 207326).

How we use your information

This policy covers how ScotsCare will use personal information that is collected when you apply for one of our services, volunteer or support us in other ways, or donate to ScotsCare. We are committed to protecting and respecting your privacy and letting you know how we use your personal information.

What personal information do we collect?

Personal information is information that can be used to identify you. It can include your name, date of birth, email address, postal address, telephone number, mobile telephone number, fax number, bank account details, credit/debit card details and whether you are a UK tax payer so that we can claim Gift Aid (please rest assured we do not collect information about your actual tax payments, just whether you are a tax payer). We collect personal information about you when you ask about our activities, make a donation to us, register for an event, benefit from our services, or otherwise give us personal information.

We only collect “sensitive personal information” about you if there is a clear reason for doing so, such as tenancy in one of our sheltered housing sites, provision of one or more of our services, or participation in an event where we need this information to ensure we provide appropriate facilities for you. We may collect health information (for example, if you agree to be a case study for us); however, we will make it clear to you when collecting this information what we are collecting and why.

Payment information

Online donations are processed securely through Online Express (Blackbaud) and you can find their Privacy Policy here: https://www.blackbaud.co.uk/privacy-policy

Why do we collect and how do we use your information?

We may collect your personal information for a number of reasons, such as:

• to provide you with the services, products or information you have applied for;
• to process any donation(s) we may receive from you;
• to provide you with information about our work or our activities, that you have asked to receive;
• to send you the items we have provided for you;
• to invite you to participate in surveys or research;
• for administration purposes e.g. we may contact you about a donation you have made or event you have
  expressed an interest in or registered for;
• for internal record keeping, such as the management of feedback or complaints;
• to analyse and improve the services we offer;
• the use of IP addresses to record website traffic;
• where it is required or authorised by law.

We may contact you for marketing purposes by mail, e-mail, telephone, mobile telephone, text or social messaging; in all cases, this will require getting your permission. We may also send you service communications via e-mail, text or social posting, for example where you make an online application for services on our website.

The type of communications and information you receive about our charity and the ways in which you can get involved are your choice. You can change your mind at any time by contacting us at Comms Officer, ScotsCare, 22 City Road, London EC1Y 2AJ or on 020 7240 3718 or via e-mail: info@scotscare.com.

We will never use your information for marketing purposes without your explicit permission.

However, if you no longer wish us to contact you, we will retain your details on an inactive list to help ensure
we do not continue to do so.

Information sharing and disclosure

We will not sell or swap your information with any third party.

We may share your information with our data processors. These are trusted partner organisations that work with us in connection with our charitable purposes; and other entities that send out printed material on our behalf (such as newsletters), fundraise for us, sell products to us for us to provide to our clients, are contractors who work on our sheltered housing sites, or provide us with information and marketing (subject to your communication preferences and our internal policies and procedures). All our trusted partners are required to comply with data protection laws and our high standards and are only allowed to process your information in compliance with our instructions. We will always make sure appropriate contracts and controls are in place.

We may disclose your personal information to third parties if we are required to do so through a legal obligation (for example to the police or a government body); to enable us to enforce or apply our terms and conditions or rights under an agreement; or to protect us, for example, in the case of suspected fraud or defamation.

We do not share your information for any other purposes.

The accuracy of your information

We aim to ensure that all information we hold about you is accurate and, where necessary, kept up to date. If any of the information we hold about you is inaccurate and either you advise us or we become otherwise aware, we will ensure it is amended and updated as soon as possible.

You can contact us at Comms Officer, ScotsCare, 22 City Road, London EC1Y 2AJ or on 020 7240 3718 or
via e-mail: info@scotscare.com.

Storing your information

All of the information we store and process stays within the UK.

Our outsourced IT support company (OneStop) has a robust and detailed Cyber Security Statement, covering everything from firewalls and internet gateways, through protection from malware to physical security of servers and backup appliances, based on government guidelines and the Cyber Essentials Scheme. A copy of this will be made available on request.

We will keep your information for as long as required to enable us to operate our services but we will not keep your information for any longer than is necessary. We will take into consideration our legal obligations and tax and accounting rules when determining how long we should retain your information. When we no longer need to retain your information we will ensure it is securely disposed of, at the appropriate time.

Our website

For all areas of our website which collect personal information, we use a secure server (see para 8 above on ‘Storing your information’). Although we cannot 100 per cent guarantee the security of any information you transmit to us, we enforce strict procedures and security features to protect your information and prevent unauthorised access.

Our website contains links to other websites belonging to third parties and we sometimes choose to participate in social networking sites including but not limited to You Tube and Facebook. We may also include content from sites such as these on our website however, we advise that we do not have any control over the privacy practices of these other sites. You should make sure when you leave our site that you have read and understood that site’s privacy policy in addition to our own.

Website analytics

ScotsCare uses Google Analytics to monitor usage of our website. Google Analytics captures locations using IP addresses, but does not make the addresses available to us, which means we cannot identify visitors to our site. We use analytics to let us know the numbers of new and repeat visitors to our website so we can assess how we are doing in spreading the word about our services to potential new clients and supporters.

Changes to the policy

We may revise this privacy policy at any time in response to changes in the law or other factors. We encourage you to periodically visit this page to review the most current policy.

Links within our website and social media to other websites are not covered by this privacy policy.

Your rights

You have the right to:

• Ask us not to process your personal data
• See information we hold about you
• Ask for inaccurate personal data to be corrected
• Ask us to erase all data we have about you (the right to be forgotten)

If you wish to obtain a copy of the information we hold about you, or would like to make a complaint, please contact our team at:

Private Information Request
ScotsCare
22 City Road
London
EC1Y 2AJ

Tel: 020 7240 3718

Email: info@scotscare.com

When we are satisfied with your proof of identity, we will send you a copy of your personal information which we are legally required to disclose.

Privacy queries

If you have any questions or queries about this Privacy and Data Protection Policy, please contact our Chief Executive using the above address and contact details.