Your privacy matters to us
Alternative Angels (“us”, “we”, or “our”) is a registered charity in England and Wales, Charity Commission No. 1204095, dedicated to suppling hot meals, essentials and support to the most vulnerable in Swindon and the surrounding area.
We are the ‘Data Controller’ for the personal data we process about our enquirers, volunteers, donors, website users, trustees and employees. This privacy notice tells you what to expect when we handle personal data as a data controller.
We will always give you control over the communications you receive from us and you can stop or tell us you no longer wish to receive these, at any time.
If you have any queries about our Privacy Notice, or would like to exercise any of your rights, please email us at firstname.lastname@example.org.
How we get information
Most of the personal data we process is provided to us directly by you for one of the following reasons:
you make an enquiry by email, phone, through our website, through social media (Facebook) or through professional networking sites (LinkedIn) about how to get involved.
work with us as a volunteer, donator, employee or trustee.
use our website.
We may also collect personal information about you indirectly, for example through:
public sources such as social media and professional networking sites (e.g. LinkedIn) so we can tell you about our services
our partners (your employer) as their nominated representative.
Information we collect and how we use it
Enquirers & Donators
When someone contacts us asking about how to get involved through our website, by email, over the telephone, via social media or professional networking sites, we collect their name, contact details and the nature of their enquiry. We collect this information for our legitimate interests as a charity, i.e. to be able to respond to their enquiry and keep a record of our communications with them. We keep this information for 2 years from the date of the last communication.
We collect information about our volunteers, such as their name, contact details, experience and outcome of their criminal record check (DBS) (where required). We collect this information for our legitimate interests, to be able to assess the suitability of the individual, delivery of supplies and to uphold our safeguarding policy around working with vulnerable adults. We keep this information for 2 years from the date of their last volunteering action.
Partners and suppliers
We collect limited personal data about our partners. This may include their name, email address, work address and contact telephone number, along with a description of the service they provide to us. It may also include bank account information where we are paying for a service. We will only collect relevant information where it is necessary for our legitimate interests to provide effective services to our patrons, or where it is necessary for us to enter into a contract or for the performance of a contract with the individual or company they work for.
Prospective employees and trustees
We collect personal information about individuals who want to work for us or be a member on the Board of Trustees. This will include the personal information they have included in their CV and supporting application, such as their name, contact details, employment history and work experience. We need this information so we can assess the suitability of the individual to join our team and where they are successful, for taking steps into entering into a contract with them. We collect this information from the individual directly.
If an individual is unsuccessful in their application to work for us, we will keep their personal data on file for 1 year and delete that information after that period has ended.
Employees and trustees
Alternative Angels collect information about our employees and trustees, such as their name, date of birth, contact details, recruitment information, outcome of their criminal record check (DBS), contract, bank details (where required) and other employment information. We only collect information which is necessary for us to assess a person’s suitability to work for us and to enter into an employment contract with them and for the on-going performance of that contract.
Where we obtain ‘special category data’, such as health information, we will only do this where it is necessary for us to carry out our obligations or exercise our rights in relation to employment, social security or social protection law or where appropriate, the individual has provided explicit consent.
We hold employee and trustee data for 7 years after the date their employment contract or involvement with the charity has ended.
Who we share information with
We do not share your data with other organisations, unless it is necessary for legal, contractual, regulatory or law enforcement purposes. Where we use ‘data processors’ to help us manage and store our data (cloud storage providers and website hosting providers); promote our services (advertising/marketing companies) or help us deliver our services (partners and suppliers), we have Data Processor Agreements or confidentiality agreements in place, to protect any personal data they may have access to on our behalf.
There may be times when we need to disclose personal data to other data controllers, for example:
In the event that we sell any business or assets
If we or substantially all of our assets (including data) are acquired by a third party
If we are under a duty to disclose or share your personal data to comply with any legal obligation
To protect the rights, property, or safety of Alternative Angels, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
We will never sell your personal data or share it in a way you would not reasonably expect.
Where we store data
Our offices are located in the United Kingdom. Your Personal Information may be processed, transferred to, and maintained on, servers and databases located outside of the UK or EEA where the privacy laws may not be as protective as the UK GDPR. We have put in place appropriate safeguards (such as contractual commitments) to ensure that your Personal Data is adequately protected. For more information on the appropriate safeguards in place, please contact us by email at email@example.com.
How we protect your information
We have put in place physical, technical, and administrative controls to help protect the confidentiality, accuracy, and availability of your Personal Data. We also make sure that third parties who need to handle your data when helping us to deliver our services are subject to suitable confidentiality and security standards.
Your data protection rights
You have the following rights under the data protection laws:
The right to be told how your personal data is being processed
The right of access to your personal data
The right to rectify personal data held about you which you think is inaccurate or incomplete
The right to erase your personal data in certain circumstances
The right to restrict the processing of your information in certain circumstances
The right to object to your information being used for public interest or direct marketing purposes
The right to ask that your personal data is transferred from one organisation to another or given to you, in certain circumstances
The right to complain to the organisation processing your personal data if you are not happy with the way it has been handled, and to escalate this to the Information Commissioner if you remain dissatisfied
To exercise these rights, please contact us by emailing firstname.lastname@example.org. You can expect to receive a response within one calendar month (unless there is a legal reason to take longer, for example where your request is particularly complex). We may also need you to confirm your identity before we proceed with your request if it is not clear who is making the request.
Further information about your data protection rights, can be found on the Information Commissioner’s Office website at www.ico.org.
Changes to this privacy notice
We may need to update this privacy notice periodically, so we recommend that you revisit this information from time to time. This version was last updated on 23 September 2023.
Complaints and feedback
We hope you will always be happy with the way we handle your information, however if we have not met your expectations, please let us know so we can put things right by emailing email@example.com. If you remain unsatisfied, you have the right to complain to the Information Commissioner’s Office (ICO). The ICO’s contact details are available at https://ico.org.uk/concerns/.