1.1 The Martin James Foundation (“MJF”) is a registered charity (Charity Number: 1179016) and a limited company (CRN: CE014179) bearing registered address Vicarage Court, 4 Vicarage Road, Edgbaston B15 3ES, Birmingham UK.
1.2 At the Martin James Foundation, we are committed to ensuring that the privacy and personal information of our website visitors is protected. Therefore, we strictly adhere to the provisions of the Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and are compliant with the EU General Data Protection Regulation (GDPR) (together “the Data Protections Laws”).
1.3 This Privacy Notice sets out how we use and protect any information you give us, when you use this website. If we ask you to provide any information by which you can be identified, be rest assured that it will only be used in accordance with the terms of this Privacy Notice.
1.4 We have appointed a Data Protection Officer who shall oversee questions in relation to this Privacy Notice. If you have any questions about this Privacy Notice including any requests to exercise your legal rights, please contact the Data Protection Officer by emailing DPO@martinjames.foundation
1.5 Please note that we may change this Privacy Notice from time to time by updating this page. You should check this page from time to time to ensure you are satisfied with any changes. This Privacy Notice is effective from 27/09/2019.
2. YOUR RIGHTS IN CONNECTION WITH PERSONAL INFORMATION
2.1 In certain circumstances, you have the following under the Data Protection Legislation. You can exercise them by contacting DPO@martinjames.foundation. They do not apply in all circumstances and we will explain in writing if you exercise a right that in our view does not apply:
i. The right to be informed about processing of your personal information.
ii. The right to request access to your personal information that we hold.
iii. The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed.
iv. The right to have your personal information erased (the “right to be forgotten”). This is particularly a limited right and applies in specified circumstances.
v. The right to restrict processing of your personal information. This is particularly a limited right and applies in specified circumstances.
vi. The right to withdraw your consent, where we rely on consent.
vii. The right to object to the processing of your personal information.
viii. The right to complain to the regulator under Data Protection Legislation. In the UK, the regulator is the Information Commissioner, who can be contacted via www.ico.org.uk
ix. The right to object the use of your personal data for direct marketing.
2.2 Data Protection Legislation provides other rights, such as right to “data portability” and rights relating to automated decision-making. We do not list those rights here because we do not think they apply in the context of our website. We do not process your personal data automatically on our website based on your consent or for performance of a contract, and our website is not programmed to make automated decisions using your personal data.
2.3 For further information on these rights you can contact the regulatory and enforcement authority in the UK; The Information Commissioner’s office (ICO) via one of the options on their website https://ico.org.uk/global/contact-us/.
2.4 If we receive a request from you to exercise your rights under Data Protection Legislation, we will ensure the following:
i. A response to your request is normally provided within One (01) Month of the date we receive your request. (The date count will start on a later date if we ask you to clarify your request, or for proof of your identity, or if you act on behalf of someone else and we ask for proof of your authorization).
ii. Our response will be jargon free and in plain English.
iii. You will not normally be charged for our response to your requests. We can lawfully charge a reasonable fee (or refuse to comply) if your request access is unfounded or excessive.
2.5 We will only contact you about our work and how you can support the Martin James Foundation by phone, email or text message, if you have agreed for us to contact you in this manner. If you have provided us with your postal address we may send you information about our work and how you can support us. However, you may instruct us at any time not to process your personal information for marketing purposes. In practice, we will usually either ask for your consent to our use of your personal data for stated marketing purposes or we will provide you with an opportunity to opt out of the use of your personal data for stated marketing purposes.
2.6 You also have the right to make a complaint at any time to the Information Commissioner. We would however, appreciate the chance to deal with your concerns, before you approach the ICO, so please contact us in the first instance.
3. COLLECTING PERSONAL INFORMATION
3.1 We may collect, store and use the following kinds of personal information
(a). When you visit our website:
(i). Information that you provide to us when registering with our website (which will include your name and your email address).
(ii). Information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including your name and email address).
(iii). Information contained in or relating to any communication that you send to us or send through our website (including the communication content and metadata associated with the communication).
(iv). Any other personal information that you choose to send to us.
3.2 Please let us know if the personal information that we hold about you needs to be corrected or updated.
4. HOW WE USE YOUR PERSONAL INFORMATION
4.1 We will only use your personal information when the law allows us to. These are known as lawful bases for processing your personal information such as:
(i). Where consent has been obtained.
(ii). Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those rights.
(iii). To comply with a legal or regulatory obligation.
4.2 Where consent has been obtained or where, necessary for our legitimate interests, we have listed below examples of where we may process your personal information:
(i). To administer our website;
(ii). To send you marketing communications relating to our charity, which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications).
(iii). To send you email notifications that you have specifically requested;
(iv). To send you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter).
(v). To deal with enquiries and complaints made by or about you relating to our website.
(vi). To process your donations or other payments, to claim Gift Aid on your donations and verify any financial transactions.
(vii). To update you with important administrative messages about your donation, an event or services or goods you have requested.
(viii). To comply with the Charities (Protection and Social Investment) Act 2016 and follow the recommendations of the official regulator of charities, the Charity Commission, which require us to identify and verify the identity of supporters who make major gifts so we can assess any risks associated with accepting their donations.
(ix). To keep a record of your relationship with us.
4.3 We will not, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
5. DISCLOSING PERSONAL INFORMATION
5.1 The personal information we collect about you will mainly be used by our staff. We will not share your personal information with organizations, so that they can contact you for any marketing activities. Nor do we share any information about your web browsing activity.
5.2 Legal Disclosures: We may disclose your information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority).
6. RETAINING YOUR PERSONAL INFORMATION
6.1 Unless we notify you otherwise on this privacy notice, we will retain your personal information based on the following criteria:
i. For as long as we are required to do so by law (if it is mandatory for us to retain the data).
ii. If we believe that the personal data is or may become relevant to any ongoing or prospective legal proceedings.
iii. For as long as necessary in order to exercise, defend or establish our legal rights (including providing our information to others for the purpose of fraud prevention or reducing credit risk).
6.2 We hope to work with you and your organization for long time, and so may hold your personal data for a long period. Please let us know if the personal information that we hold about you needs to be corrected or updated, including when your contact details change. You can contact DPO@martinjames.foundation any time with updates.
7. SECURITY OF PERSONAL INFORMATION
7.1 We are committed to ensuring that your personal information is secure. In this respect, we have put in place, all appropriate internal policies, procedures and controls, for implementing reasonable technical and organizational precautions to, prevent your information from being accidentally lost or destroyed, altered, disclosed or used/ accessed in an unauthorized way.
7.2 The technical and organizational precautions include, (but are not limited to) the following:
(i). All electronic financial transactions entered into through our website are protected by encryption technology.
(ii). We limit access to information to those employees, workers in order to perform their job duties and responsibilities.
(iii). Where information is shared with third party service providers, we require them to take appropriate technical and organizational security measures to protect information and to treat it to a duty of confidentiality in accordance with the Data Protection Laws.
(iv). We have in place procedures to deal with a suspected data security breach, in which case we notify the ICO (or any applicable supervisory authority or regulator) and the data subject of the suspected breach (where we are legally required to do so).
© Copyright 2019 Martin James Foundation. All right reserved.