Members Data Protection
The Georgian Group is committed to protecting the privacy of your personal data. We will respect any personal data you share with us, keep it safe and not do anything with it that you would not reasonably expect.
1. Who we are
“The Georgian Group” refers to two entities.
- “The Georgian Group”. A registered charity under charity number 209934. The core activities of the Georgian Group include its casework as a statutory consultee as well as membership, education and fundraising activities.
- “Georgian Enterprises and Trading Limited”. A private registered company registered under number 06458515, whose principal activity is the provision of location hires agency services.
We refer to these two entities collectively as “The Georgian Group” throughout this policy, and references to “we” and “us” refer to these entities collectively. Both entities may be data controllers of your personal data due to any overlap that may require personal data may be shared internally to facilitate, support and integrate their respective activities.
The Georgian Group’s address is 6 Fitzroy Square, London, W1T 5DX.
2. How do we collect and use personal data?
2.1 What personal data do we hold?
Some examples of the type of information we may collect and hold about you are as follows:
- your full name and your title;
- birth date or alternatively a relevant age range;
- postal address;
- telephone number(s);
- email address;
- records of your correspondence with us;
- bank or credit card details (if you purchase something from us or donate to us);
- donation and gift aid details (if you donate to us);
- information you enter into our websites and digital products and details of how you use those websites and digital products;
- dietary, accessibility, and mobility information;
- CCTV footage of those visiting our premises at 6 Fitzroy Square
- Photographs and digital images of individuals
- Data about you that will enable us to be more precise in what we send you or how we approach you
We do not collect sensitive personal data. We will only process sensitive personal data also known as special categories of data (e.g. in relation to your health), with your explicit consent, for reasons of substantial public interests or where necessary for the establishment, exercise or defence of legal claims.
2.2. How will we use your personal data?
- To administer all aspects of our membership programme.
- To provide you with the information, product or service you have requested from us.
- To provide you with other information which we feel may interest you. This may include newsletters, information in relation to events we think you may be interested in attending, fundraising campaigns, and details of relevant volunteering opportunities.
- To keep in contact with you in the ways that you have requested or agreed to.
- To keep a record of our relationship with you.
- To notify you about changes to our services.
- To administer and process payments you make for products, services and charitable donations made to any of our entities.
- To verify your identity where required to use some of our services and benefits.
- To comply with applicable laws and regulations and requests from statutory agencies including for such purposes as health and safety; the detection and prevention of crime and safeguarding.
Charitable giving is very important to the Georgian Group’s ability to achieve its mission. We carry out a wide variety of activities, ranging from appeals for small one-off donations to large fundraising initiatives. We want to ensure that we are contacting you with tailored and appropriate communications and to communicate with you from time to time to thank you for your support.
3. What lawful bases do we rely on to use your personal data?
The legal bases that we rely on for processing your personal data are either:
3.1. You have provided your consent to us using your personal data for a specific purpose
We will ask for your consent to use your personal data to send you specific types of communication and you always have the right to withdraw your consent at any time.
3.2. It is necessary in connection with the performance of a contract with you
Sometimes it is necessary to process your personal data so that we can enter into contractual relationships with you. For example, if you become a member of the Georgian Group we will require your personal data to enable us to perform our agreement.
3.3. It is necessary for compliance with a legal obligation to which we are subject
This would include where we have to retain certain records, for example, to ensure we comply with health and safety requirements or for tax reasons (such as those related to gift aid donations).
3.4. It is within our legitimate interests
Applicable law allows personal data to be collected and used if it is reasonably necessary for our legitimate interests and we will rely on this ground to process your personal data when it is not practical or appropriate to ask for your consent, and where we are confident that this will not impact your rights. We will rely on our legitimate interests for the proper administration of the Georgian Group, and to manage our operations – for example, maintaining appropriate records and databases.
4. How we collect personal data
We collect information about you when:
4.1. It is given to us directly by you
You may give us your personal data for a number of reasons. This includes in order to receive information from us about our activities, for the administering and renewing of your membership, to participate in volunteering activities with us, when you donate to us, or when you engage with us on our website.
4.2. When a third party provides us with your personal data
This may include individuals who may purchase a membership as a gift on your behalf.
4.3. When it is available publicly
We may combine personal data you provide to us with personal data available from external publicly available sources such as company websites, published articles and social media sites. We use this personal data to improve our communications.
4.4. When you use our website
We may collect personal data about you when you use our website. Whenever you input personal data into our website (for example, if you become a member or renew a membership online or book an event), we will collect the personal data that you give to us.
We use “cookies” to identify you when you visit our websites and digital products. Amongst other things this helps us to understand our website users and may enable us to improve the website experience for you and/or other users. We may collect other personal data from your use of the website, such as your IP address and access times.
5. Communications and marketing
We may contact you by post, telephone or email where you have provided consent, or where we have a legitimate interest. We provide the opportunity for you to opt-out from receiving our marketing communications at any point by contacting email@example.com
6. Data sharing
We do not sell your information under any circumstances, nor share your personal data with third parties for marketing purposes.
Whilst we may allow our staff, consultants and/or external service providers acting on our behalf to access and use your personal data for the activities we have described in this policy (e.g. to provide services or products to you or to deliver mailings), we only permit them to use it to deliver the relevant information, goods or services, and only if they apply an appropriate level of security protection.
We may need to disclose your personal data upon request to regulatory and government bodies as well as law enforcement agencies. Unfortunately, the transmission of personal data via the internet is not completely secure and any transmission through our website or via email is at your own risk.
7. Data safety and access
We are committed to ensuring that there are appropriate technical controls in place to protect your personal data including protection from misuse and unauthorised access. For example our network is protected and routinely tested.
Your information is only accessible by staff, volunteers and contractors who are bound by appropriate policies and procedures to protect your information.
8. Your rights
In certain circumstances you have a right to require us to stop processing your personal data in a particular way including rights to:
- Erasure of your data;
- Access to your data record in a portable format; and
- Rectification your data record.
For more information, we suggest that you consult guidance from the Information Commissioner’s Office (ICO): https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
If you are unhappy with the way in which we have handled your personal data please contact us at firstname.lastname@example.org.
You are also entitled to make a complaint to the Information Commissioner’s Office. For further information see: https://ico.org.uk/for-the-public/personal-information.
10. Data retention
We keep personal data for as long as there is a need to keep it in connection with the purposes for which it was collected. We may keep your personal data after a particular matter or exchange has concluded but purely for record keeping purposes and to be able to respond to queries. In some cases, we are also obliged to retain your personal data to comply with legal or statutory obligations (for example, to keep records of contractual or financial matters).
Whilst the specific time periods vary depending on the circumstances, in general we will not keep records that include personal data for more than 8 years after a particular matter or exchange has concluded. In the event that you ask us to stop sending you marketing communications, we may retain certain details, such as your name and email address, but only to ensure that you are not contacted again.