Privacy Policy

1. Introduction

This privacy policy explains what to expect when the Point Foundation collects and uses your personal information. We encourage you to read this carefully and if you’d like to learn more about our data protection and privacy policy or get further clarification, please contact our friendly team and we will be happy to assist.

We at the Point Foundation are committed to protecting your privacy and ensuring the personal information you have entrusted to us is processed in accordance with the EU Data Protection Regulations (GDPR), the Data Protection Act 1998 2018 and the Electronic Communications Regulations 2003. These laws clarify your privacy rights and give you control over the personal information that organisations hold about you.

This privacy policy governs our data collection, processing and usage practices. It also describes your choices regarding use, access and correction of your personal information. By using our websites or any other means of sharing your personal data with us you consent to the data practices described in this privacy policy. If you do not agree with the data practices described in this privacy policy, you should not use our websites.

2. Information We Collect

We collect your personal information in the following ways:

When you Give it to Us Directly

You may provide us with your personal information directly in the following ways:

  • In person, by email, phone or through the post
  • Contacting us through our websites
  • Through social media

When you Give it to Us Indirectly

Your information might be shared with us through independent third party interactions. These third parties will only provide us with your information if you have given your permission for it to be shared with us.

We routinely work with trusted partners and suppliers who work with us on our behalf, such as courier services who deliver goods you order on our behalf.

When you engage with our social media accounts we may also obtain your personal information, such as through Facebook, Twitter, or LinkedIn, depending on your settings or the privacy notices of these platforms and messaging services. You can change your settings by referring to their privacy notices for details on how to do this.

When you Visit Our Websites or Social Media

When you visit our websites, we gather general information about how you use them, as well as information about the type of device you are using to access them (e.g. phone, tablet or PC). This data helps us to create a better online experience for you, to make it easier to find what you’re looking for or fix things if they are difficult to use.

We use cookies which are text files that a web browser stores on your device to track, save and store information to understand how you interact with our websites and help improve how it works. Cookies may or may not expire when you close your browser. Further details are provided in our Cookie Policy.

When Your Information is Available Publicly

To help us to tailor the way we communicate with you about our activities and to make communications more relevant to you we may gather publicly available information about you. This area of activity is not something The Point Foundation typically does though we may do so in the future. This could be your interests or postcode based demographics, for instance so that we gain a better understanding of you and can help reduce unnecessary communications to you and be more cost-effective in our marketing. We may gather this information from social media platforms such as Facebook, LinkedIn or Twitter. This information is only accessible based on the permissions you give these services and you will be able to change those permissions at any time by reviewing your privacy settings on those platforms.

3. How We Use Your Personal Information

We collect relevant personal information depending on the interaction you have with us. Personal information is anything that can be used to identify you as an individual. It can include your name, email address, postal address, telephone numbers, and credit/debit card details.

The legal basis for processing your personal information is legitimate interest which means that we have respectfully considered the need to process your personal data and your rights as an individual when carrying out these data processes and we believe our contact with you is linked to legitimate business purposes, which may include some or all of the following:

  • to process and fulfil any services, orders or enquiries you place with us
  • to keep a record of your relationship with us and for administrative purposes (such as our accounting and consent record-keeping to ensure we know when you prefer not to be contacted)
  • where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our customers
  • to identify and prevent fraud
  • to enhance the security of our network and information systems
  • to better understand how people interact with our websites and improve their browsing experience by personalising the websites to send marketing information to you which we think may be of interest to you by post, email, SMS or other means
  • to determine the effectiveness of promotional campaigns and advertising

We use the information we collect only in compliance with this privacy policy. We will never sell your personal information to any third party. Whenever we process data for these processes we will ensure that we keep your personal data rights in high regard and take account of your rights.

4. How We Store Your Information and Keep it Safe

At the Point Foundation we take data protection very seriously. We make it a priority to ensure that we have the right level of controls, interventions and processes in place to ensure we keep your personal information safe. However, the nature of data transfer – especially online – is never fully secure, so we cannot guarantee the complete security and protection of it when it is outside of our control. Be assured that once we have your personal information, we do all we can to ensure that we have the systems and processes in place to safeguard it including using encryption when needed.

Personal data you provide to us is stored on our secured servers within the EEA.

Where we work with external companies to collect and process your data for us on your behalf we ensure these companies adhere to our privacy policy and have rigorous security and data protection processes in place.

Only authorised staff have access to your personal information, and only if essential. They are trained to understand the policies, processes and protocols for keeping your information safe.

We have robust internal procedures for storing, protecting and deleting any paperwork relating to our customer orders and contacts.

At times we may share links to other websites and use social media platforms such as Facebook, LinkedIn and Twitter. We are not responsible for these sites – refer to their own privacy policies to learn more.

Credit and Debit Card Payment Information

When you order from or donate to us over the phone, the Point Foundation ensures that this is done securely and in accordance with the Payment Card Industry Data Security Standard (PCI DSS). All credit or debit card details are never stored in any of our systems on completion of your transaction. Remember; don’t send an email with any credit or debit card details.

If you have any questions about the security of your personal information, you can contact us at team@pointfoundation.co.uk.

Data Breaches

In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.

5. How Long We Keep Your Data

The Point Foundation will only keep your personal information for as long as it is required and in accordance with statutory requirements. For example, HMRC requires that we keep a record of your name and address for seven years from the date of your last transaction. When there is a legitimate interest for us as the Data Controller to retain your personal information such as to inform or communicate with you as a customer, we shall retain the personal information for this purpose only. Where the information is no longer required, we will ensure that it is disposed of in a secure manner.

If you have indicated that you do not wish to hear from us in the future, we will keep the minimum information necessary to ensure we avoid contacting you any further.

If we have not heard from you for a period of 2 years, your personal data will be removed from our systems.

6. Who We Share Your Information With

Compelled Disclosure

We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.

Sharing Your Information with Trusted Third Parties

We may share your personal information with trusted partners and third parties when it is necessary to provide products and services you have requested from us (such as courier services to deliver goods you have ordered) or where they are contracted to develop or maintain our services (such as our contact management system).

We monitor information security compliance and require all partners or third party providers to process your personal information only on our instructions and in accordance with applicable data protection and privacy laws.

7. How to Access Correct or Delete Your Personal Information

The Point Foundation acknowledges that you have the right to access your personal information and we are responsible for correcting, deleting or updating information that we have collected.

Upon request the Point Foundation will provide you with information about whether we hold any of your personal information. If your contact details change, or you believe the information we hold about you is out of date or inaccurate, please get in touch to update us in the following ways:

team@pointfoundation.co.uk

The Point Foundation,
Ashleigh House,
Sands Lane,
Small Dole,
West Sussex, BN5 9YL.

We will respond to your request within a reasonable timeframe and notify you of the action we have taken. Actions will be carried out within a month, and the likelihood is it will be much sooner.

Your Marketing Preferences

Email marketing is only sent to you if we need to contact you about an order or enquiry you have made. We send email communications to customers infrequently so as not to overwhelm you with emails.

Postal marketing may be included with any orders you place with us including the latest special offers on products unless you have told us you would prefer not to receive this information by post.

Telephone and SMS marketing – we may contact you by telephone or SMS marketing activities to notify you about our products and services, unless you are registered on a telephone preference service not to receive marketing calls. You can opt out of receiving our calls and SMS messages at any time by letting us know.

The Point Foundation is committed to respecting your choice to receive marketing information. You can update your permissions and contact preferences at any time by calling our friendly team on+44 (0)1273 495674 or email team@pointfoundation.co.uk.

8. Changes to this Policy and Contacting Us About this Policy

We will regularly review and update this privacy policy and you should check it from time to time to see future updates. If there are significant changes in the way we process your personal information, we will provide a prominent notice on our website or send you a notification. This privacy policy was last updated in May 2018.

If you have any questions about this policy or our treatment of the information you provide us, please write to us by mail to Data Protection Officer,

The Point Foundation,
Ashleigh House,
Sands Lane,
Small Dole,
West Sussex, BN5 9YL.

or contact us by phone or email:

Phone: +44 (0)1273 495674 or Email: team@pointfoundation.co.uk

You also have the right to lodge a complaint with the Information Commissioner’s Office about how we manage your data. You can contact them in the following ways:

https://ico.org.uk/concerns/

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Phone: 0303 123 1113.