We at the Point Foundation are committed to protecting your privacy and ensuring the personal information you have entrusted to us is processed in accordance with the EU Data Protection Regulations (GDPR), the Data Protection Act 1998 2018 and the Electronic Communications Regulations 2003. These laws clarify your privacy rights and give you control over the personal information that organisations hold about you.
2. Information We Collect
We collect your personal information in the following ways:
When you Give it to Us Directly
You may provide us with your personal information directly in the following ways:
- In person, by email, phone or through the post
- Contacting us through our websites
- Through social media
When you Give it to Us Indirectly
Your information might be shared with us through independent third party interactions. These third parties will only provide us with your information if you have given your permission for it to be shared with us.
We routinely work with trusted partners and suppliers who work with us on our behalf, such as courier services who deliver goods you order on our behalf.
When you engage with our social media accounts we may also obtain your personal information, such as through Facebook, Twitter, or LinkedIn, depending on your settings or the privacy notices of these platforms and messaging services. You can change your settings by referring to their privacy notices for details on how to do this.
When you Visit Our Websites or Social Media
When you visit our websites, we gather general information about how you use them, as well as information about the type of device you are using to access them (e.g. phone, tablet or PC). This data helps us to create a better online experience for you, to make it easier to find what you’re looking for or fix things if they are difficult to use.
When Your Information is Available Publicly
To help us to tailor the way we communicate with you about our activities and to make communications more relevant to you we may gather publicly available information about you. This area of activity is not something The Point Foundation typically does though we may do so in the future. This could be your interests or postcode based demographics, for instance so that we gain a better understanding of you and can help reduce unnecessary communications to you and be more cost-effective in our marketing. We may gather this information from social media platforms such as Facebook, LinkedIn or Twitter. This information is only accessible based on the permissions you give these services and you will be able to change those permissions at any time by reviewing your privacy settings on those platforms.
3. How We Use Your Personal Information
We collect relevant personal information depending on the interaction you have with us. Personal information is anything that can be used to identify you as an individual. It can include your name, email address, postal address, telephone numbers, and credit/debit card details.
The legal basis for processing your personal information is legitimate interest which means that we have respectfully considered the need to process your personal data and your rights as an individual when carrying out these data processes and we believe our contact with you is linked to legitimate business purposes, which may include some or all of the following:
- to process and fulfil any services, orders or enquiries you place with us
- to keep a record of your relationship with us and for administrative purposes (such as our accounting and consent record-keeping to ensure we know when you prefer not to be contacted)
- where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our customers
- to identify and prevent fraud
- to enhance the security of our network and information systems
- to better understand how people interact with our websites and improve their browsing experience by personalising the websites to send marketing information to you which we think may be of interest to you by post, email, SMS or other means
- to determine the effectiveness of promotional campaigns and advertising
4. How We Store Your Information and Keep it Safe
At the Point Foundation we take data protection very seriously. We make it a priority to ensure that we have the right level of controls, interventions and processes in place to ensure we keep your personal information safe. However, the nature of data transfer – especially online – is never fully secure, so we cannot guarantee the complete security and protection of it when it is outside of our control. Be assured that once we have your personal information, we do all we can to ensure that we have the systems and processes in place to safeguard it including using encryption when needed.
Personal data you provide to us is stored on our secured servers within the EEA.
Only authorised staff have access to your personal information, and only if essential. They are trained to understand the policies, processes and protocols for keeping your information safe.
We have robust internal procedures for storing, protecting and deleting any paperwork relating to our customer orders and contacts.
At times we may share links to other websites and use social media platforms such as Facebook, LinkedIn and Twitter. We are not responsible for these sites – refer to their own privacy policies to learn more.
Credit and Debit Card Payment Information
When you order from or donate to us over the phone, the Point Foundation ensures that this is done securely and in accordance with the Payment Card Industry Data Security Standard (PCI DSS). All credit or debit card details are never stored in any of our systems on completion of your transaction. Remember; don’t send an email with any credit or debit card details.
If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.
5. How Long We Keep Your Data
The Point Foundation will only keep your personal information for as long as it is required and in accordance with statutory requirements. For example, HMRC requires that we keep a record of your name and address for seven years from the date of your last transaction. When there is a legitimate interest for us as the Data Controller to retain your personal information such as to inform or communicate with you as a customer, we shall retain the personal information for this purpose only. Where the information is no longer required, we will ensure that it is disposed of in a secure manner.
If you have indicated that you do not wish to hear from us in the future, we will keep the minimum information necessary to ensure we avoid contacting you any further.
If we have not heard from you for a period of 2 years, your personal data will be removed from our systems.
6. Who We Share Your Information With
We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
Sharing Your Information with Trusted Third Parties
We may share your personal information with trusted partners and third parties when it is necessary to provide products and services you have requested from us (such as courier services to deliver goods you have ordered) or where they are contracted to develop or maintain our services (such as our contact management system).
We monitor information security compliance and require all partners or third party providers to process your personal information only on our instructions and in accordance with applicable data protection and privacy laws.
7. How to Access Correct or Delete Your Personal Information
The Point Foundation acknowledges that you have the right to access your personal information and we are responsible for correcting, deleting or updating information that we have collected.
Upon request the Point Foundation will provide you with information about whether we hold any of your personal information. If your contact details change, or you believe the information we hold about you is out of date or inaccurate, please get in touch to update us in the following ways:
The Point Foundation,
West Sussex, BN5 9YL.
We will respond to your request within a reasonable timeframe and notify you of the action we have taken. Actions will be carried out within a month, and the likelihood is it will be much sooner.
Your Marketing Preferences
Email marketing is only sent to you if we need to contact you about an order or enquiry you have made. We send email communications to customers infrequently so as not to overwhelm you with emails.
Postal marketing may be included with any orders you place with us including the latest special offers on products unless you have told us you would prefer not to receive this information by post.
Telephone and SMS marketing – we may contact you by telephone or SMS marketing activities to notify you about our products and services, unless you are registered on a telephone preference service not to receive marketing calls. You can opt out of receiving our calls and SMS messages at any time by letting us know.
The Point Foundation is committed to respecting your choice to receive marketing information. You can update your permissions and contact preferences at any time by calling our friendly team on+44 (0)1273 495674 or email email@example.com.
8. Changes to this Policy and Contacting Us About this Policy
If you have any questions about this policy or our treatment of the information you provide us, please write to us by mail to Data Protection Officer,
The Point Foundation,
West Sussex, BN5 9YL.
or contact us by phone or email:
You also have the right to lodge a complaint with the Information Commissioner’s Office about how we manage your data. You can contact them in the following ways:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Phone: 0303 123 1113.