This Privacy Notice explains how we collect, use and share your personal data and your rights in relation to the personal data we hold about you.
Venice in Peril Fund CIO acts as a Data Controller for the personal data you provide to us and we are always on hand to answer any questions about the protection of your personal data by email at firstname.lastname@example.org or by telephone on +44 (0)20 7736 6891.
Taking your Data Protection seriously
We have reviewed and updated our policies, processes and procedures to comply with the General Data Protection Regulation (EU) 2016 / 679 (“GDPR”) and have updated this Privacy Notice and our operations accordingly.
The types of Information we collect
We collect personal data from you necessary for us to be able to communicate with you as a member/Friend/Patron of Venice in Peril, donor (which may include your partner where you are jointly in touch with us) or supporter of Venice in Peril, to process your donations or membership fees and to fulfil our obligations or purposes as a charity. The personal data we collect includes the following:
Friends and Patrons of Venice in Peril and donors
- Title, forename and surname.
- Contact and communications information, including email addresses, telephone numbers and postal addresses, as well as records of communication and interactions we have had with you.
- Financial information, including Standing Order details and Gift Aid Declarations.
- Other correspondence which you freely enter into with us.
- Email addresses.
- Records of communication and interactions we have had with you.
- Other correspondence which you freely enter into with us.
Where you have consented to us sending you e-Newsletters as part of the registration process and no longer wish to receive them, you can do so by emailing us at email@example.com or telephoning us on +44 (0)20 7736 6891.
Financial Data – Credit/Debit Card payments
We never collect or store your payment card details, because they are processed through a third-party payment gateway for online transactions. For credit card transactions made by telephone, the payment card details are cross-shredded immediately.
The credit/debit card information you provide for any transaction whether for tickets, donations, memberships or merchandise will be used by us solely to process that transaction. We cannot accept credit/debit card payments by email and will decline to accept payment by that means.
We only use PCI-DSS compliant payment systems procured from reliable third- party providers.
Our technology systems do not directly collect or store any payment card information and our online payment solutions are carried out using a ‘payment gateway’. This is a direct connection to a payment service provided by a bank.
This means that when you input your payment card data you are communicating directly with the bank. As such your payment card information is handled by the bank only.
Where you send us a paper form authorizing us to set up a Standing Order, we keep that information securely stored, it is accessed by a limited number of staff and deleted one month after the first payment has been received. We are required to keep an electronic copy to prove the instruction is from you. This is stored securely until the Standing Order is cancelled.
Venice in Peril will always act upon your wishes in respect of what type of communications you want to receive and how you want to receive them.
There are some communications that we need to send you regardless of your marketing preferences. These are to fulfil our obligations to you if you are a Friend or Patron of Venice in Peril or a donor.
- Correspondence relating to Standing Orders and Gift Aid.
- Membership and donor related mailings.
- Updating and amending your personal information.
Source of your data. How we collect your information
We may collect your personal information in a few limited ways:
Directly from you with your consent
- When you join as a Friend or Patron of Venice in Peril.
- When you sign up for e-Newsletters on our website.
- When you donate via the website, or by post with a cheque and letter, or by telephone with a credit card.
- When you buy tickets to our events, or merchandise online or at an event.
- When you offer to volunteer or contact us for professional interest reasons
- From someone else who has brought a gift membership for you.
- On occasion when we receive information about you from our Trustee board or a member (for example as someone who might be interested in donating or joining or assisting with one of our campaigns).
- Where you have been referred to us from other organisations, you will have consented to your information being sent to us prior to us accepting the referral. We check that your consent has been provided.
- We do not receive or buy in lists of personal data from other sources.
- If at any point you do not wish to be contacted by us, please email us on firstname.lastname@example.org and we will action your request promptly.
The legal basis for using your information
The following sets out each lawful basis we rely on to process your personal data:
- Consent: Where you have become a Friend or Patron of Venice in Peril, have made a donation, expressed an interest in our work, attended one of our events or have otherwise consented to us processing your personal data.
- Performance of Contract: When you have purchased tickets or made donations online.
- Legitimate interest: Where we have determined that it is in our legitimate interests having undertaken an appropriate balancing exercise. For example, where we are working with you as part of our charitable activities.
Retention of your personal data
Recipients of your personal data
We do not pass on your personal data to any other party, unless they are data processors under our direct control, for example we use certain third parties/platforms to communicate with you electronically and may be required to provide information to third parties as part of organizing Venice in Peril events.
In addition, we may disclose your personal data if we are under a duty to disclose or share your information in order to comply with any legal obligation.
For the avoidance of doubt, we never sell your personal data.
Automated decision making
We do not undertake any automated decision making using your data, nor do we use your data for profiling or any other investigative purposes.
Security of your data
We have taken all reasonable steps to ensure that we and our Data Processors adapt Industry standard security protection systems to ensure the security of your data.
Where personal data is stored in locations other than the EEA, we have assured ourselves that the Data Processor is aware of their responsibilities for the privacy and security of your data under GDPR.
Your rights under GDPR
GDPR provides the following rights for individuals: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
- The right to be informed.
- The right of access*.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
Rights in relation to automated decision making and profiling.
If you would like to exercise any of your rights under GDPR, please email us at email@example.com.
*You have the right to ask us in writing for a copy of all the personal data held about you (this is known as a ‘subject access request’). A copy will be sent to you as soon as possible and this will be no later than one month after your request.
We will make every attempt to ensure you are satisfied with our handling of your requests about the protection of your data. However, you have the right to complain to the Information Commissioners Office (ICO) by following the link here to report a concern https://ico.org.uk/concerns/.
If you would like access to your personal data held by us, please contact us:
Email: firstname.lastname@example.org Tel. +44 (0)20 7736 6891
Post: Venice in Peril Fund CIO, Unit 11, Hurlingham Studios, Ranelagh Gardens, London SW6 3PA