Improving the lives of young people and supporting families affected by child bereavement

DONATE

Privacy Policy

Donate

1. Introduction

The Amy Robinson Foundation is committed to protecting the privacy and personal data of individuals in accordance with the General Data Protection Regulation (GDPR). This policy outlines our approach to data protection, including how we collect, use, store, and disclose personal data.

2. Definition of GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that governs the processing of personal data of individuals within the European Union (EU) and the European Economic Area (EEA). It aims to give individuals control over their personal data and harmonise data protection regulations across EU member states.

3. Lawful Processing of data

The Amy Robinson Foundation processes personal data lawfully, fairly, and transparently. We collect personal data only for specified, explicit, and legitimate purposes. We do not process data in a manner that is incompatible with those purposes.

4. How we collect your personal data

The Amy Robinson Foundation collects personal information in the following ways:

  • When you give it to us directly: e.g., when you donate, fundraise or apply for a grant  
  • When you give permission to other parties to share it with us: for example, we may receive your information from other organisations, such as fundraising sites like JustGiving. These independent third parties will only do so when you have given them permission to share your information with us.

5. What personal data we collect – grant applications

The Amy Robinson Foundation will ask you to provide personal information to determine whether you (or the applicant you are completing the form for) is eligible to be considered for a bereavement support grant. Information is provided on a standard application form that we request from all applicants. We may also request additional information (by email or telephone) which can be provided in written format or verbally. We may keep a record of any conversations relating to grants that are awarded. 

We process this personal information on the lawful basis of your legitimate interests so that the Amy Robinson Foundation can consider whether a grant for bereavement support will be awarded. We expressly ask applicants/parents to provide their consent to the processing of personal information by confirming within the application form that they have read and agree to the privacy policy. 

Through asking grant applicants how a bereavement support grant will benefit them, we may collect special category data concerning an applicant’s physical or mental health. The schedule 1 condition identified for processing this special category data is 31) not-for-profit bodies. We will be processing the data as part of the charity’s legitimate activities set out in our governing document. 

6. How we use your personal data

The Amy Robinson Foundation may use the information you provide to:

  • Consider whether a grant for bereavement support should be awarded
  • Fulfil your requests and to give you the information or support you ask for
  • Comply with our administrative duties, financial regulations and legal obligations 
  • Process donations/sponsorship, invoices and other financial payments including sending thank you letters and receipts
  • Make claims for Gift Aid on your donations with HM Revenue and Customs 
  • Manage our fundraising events

7. Who we share your information with

We will never sell any of your personal information to any organisation for any reason. Who we may share your information with depends on your relationship with us and why you are providing this information. We may share your information with:

  • HM Revenue and Customs, to enable us to make Gift Aid claims on donations 
  • Banks and payment providers – to authorise and complete payment transactions 
  • Therapy providers you have appointed if you receive a grant from us 
  • Providers of file hosting services/cloud storage which we may use for the purposes of sharing data with Our Trustees who have a legal responsibility to the organisation and volunteers who provide administrative support to us 
  • Our financial and legal advisers in the event we need to obtain advice and protect or defend our legal rights 
  • Law enforcement bodies to comply with any legal obligation, if we believe we need to disclose your information for such purposes. 

    We will only ever share your data in other circumstances if we have your explicit and informed consent.

    8. How long we keep your personal information

    We keep records for as long as required to provide you with the services you ask for, to administer your relationship with us and to operate our services in accordance with legal, tax and accounting requirements. Where your information is no longer required, we will ensure it is disposed of in a secure manner.

    If you apply for a grant or support us financially (via donations or fundraising) we will hold your data for up to 6 years after your last transaction or donation to comply with our statutory obligations. If there is evidence that you continue to actively engage with us, we will continue to hold your data if we have your consent. If you choose to be considered as a supplier with us, we will hold your data for up to 6 years after your last transaction to comply with our statutory obligations.

    Personal data that has become inaccurate or out of date will be disposed of securely. For example, we will shred paper-based records and over-write or delete electronic files.

    9. How we protect your information

    We place significant importance on keeping your information secure, accurate and up to date. We have security measures in place to attempt to protect against the loss, misuse, and alteration of personal data under our control. Whilst we cannot ensure or guarantee that loss, misuse, or alteration of data will not occur while it is under our control, we use our best efforts to try to prevent this.

    10. Individual Rights

    Under GDPR, individuals have certain rights regarding their personal data, including:

    • Right to be informed: Individuals have the right to be informed about the collection and use of their personal data. 
    • Right of access: Individuals have the right to access their personal data and information about how it is being processed. 
    • Right to rectification: Individuals have the right to have inaccurate or incomplete personal data rectified. 
    • Right to erasure: Individuals have the right to have their personal data erased in certain circumstances, also known as the “right to be forgotten.” 
    • Right to restrict processing: Individuals have the right to restrict the processing of their personal data in certain situations. 
    • Right to data portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format. 
    • Right to object: Individuals have the right to object to the processing of their personal data in certain circumstances, such as direct marketing. 
    • Rights related to automated decision-making and profiling: Individuals have the right not to be subject to decisions based solely on automated processing.

    11. Personal data breaches

    The Amy Robinson Foundation will make all reasonable endeavours to ensure that there are no personal data breaches.  When appropriate, we will report the data breach to the ICO within 72 hours after becoming aware of it.

    12. Anonymous information 

    We may anonymise the personal information that you give us for statistical purposes about the grants that have been awarded. For example, to collate the data and provide statistics regarding the magnitude of grants made to certain age groups of applicants and/or the type of therapy providers used. 

    13. Conclusion

    The Amy Robinson Foundation is committed to ensuring the privacy and security of personal data in compliance with the GDPR. We regularly review and update our data protection practices to ensure continued compliance with applicable data protection laws and regulations. If you have any questions or concerns about our GDPR compliance or the processing of your personal data, please contact us at [email protected]

    You also have the right to contact the Information Commissioner’s Office (ICO) if you have any concerns about Data Protection. Details are at www.ico.org.uk.

    14. Version Control – Approval and Review 

    Version No 

    Approved By 

    Approval Date 

    Main Changes 

    Review Period 

    1.0 

    All Trustees 

    October 2024 

    Initial draft approved 

    Annually 

     

     

     

     

     

     

     

     

     

     

    This policy will be reviewed as part of any data protection investigation, to test that it has been complied with and to see if any improvements might realistically be made to it.  

    About the charity

    Therapy grants

    How you can help

    Reach out to us

    stay up to date

    Follow us on Facebook to stay up to date with the latest news

    our facebook page