- Who we are
- How we collect information about you
- Information we collect and why we use it
- Legal basis for using your information
- Sharing your information
- Keeping your information safe
- How long we hold your information for
- Your rights
1. Who we are
Here at Heart of the Travellers in Scotland, we are committed to protecting your personal information and making every effort to ensure that your personal information is processed in a fair, open and transparent manner.
We are a ‘data controller’ for the purposes of the EU General Data Protection Regulation 2016/679, 2018 [‘Data Protection Law, 2018’]. This means that we are responsible for, and control the processing of, your personal information.
For further information about our privacy practices, please contact our Data Protection Officer by:
- Writing to Lynne Tammi at: Burnbank, Ogilvie Terrace, Ferryden, Montrose, DD10 9RG
- Calling Lynne Tammi on 07919376109
- Emailing us at [email protected]
2. How we collect information about you
Everything we do, we do to ensure that people who contact us get the relevant information and support they require. We want to make sure you receive the communications that are most relevant to you, be it through visiting our website or receiving emails, post or phone calls. We want to make sure you receive the best attention when you book or attend an event or workshop or register for a learning programme.
We collect information from you in the following ways:
When you interact with us directly: This could be if you ask us about our activities, register with us for a learning programme or an event, ask a question about human rights and equalities, apply for a job or volunteering opportunity or otherwise provide us with your personal information. This includes when you phone us, visit our website or get in touch through the post, or in person.
When you interact with us through partners working with us or on our behalf: This could be if you attend a workshop delivered by one of our trusted partner organisations who are using our resources and/or our workers to co-deliver information and learning or who are working without our presence but on our behalf.
When you visit our website: We gather general information which might include which pages you visit most often and which services, events or information is of most interest to you. We may also track which pages you visit when you click on links in emails from us. We also use ‘cookies’ to help our site run effectively. There are more details below – see ‘Cookies’. We use this information to personalise the way our website is presented when you visit, to make improvements and to ensure we provide the best service and experience for you. Wherever possible we use anonymous information which does not identify individual visitors to our website.
From other information that is available to the public: This could be on our Facebook or Twitter pages.
3. Information we collect and why we use it
Personal information we collect includes details such as your name, date of birth, email address, postal address and telephone number, as well as information you provide in any communications between us. You will have given us this information whilst registering for an event, contacting us via our website or any of the other way you interact with us.
We will mainly use this information:
- To provide the information or support that you have requested;
- To update you with important administrative messages about an event, training or learning programme you have registered for;
- To keep a record of your relationship with us;
- Where you volunteer with us, to administer the volunteering arrangement;
- If you do not provide this information, we will not be able to sign you up for a particular event or training or learning programme you have requested.
We may also use your personal information to invite you to participate in surveys or research.
Sensitive Personal Information
You can of course decide to remain anonymous in any of your experiences we share as part of our work [for example, in our case studies or annual reports].
Additional note about the Sensitive Personal Information
Data Protection Law recognises that some categories of personal information are more sensitive. Sensitive personal information can include information about a person’s health, race, ethnic origin, political opinions, sex life, sexual orientation or religious beliefs.
We recognise that when you contact us you may choose to provide details of a sensitive nature. We will only use this information for the purposes of dealing with your enquiry, training or learning.
We will not pass on your details to anyone else without your express permission except in exceptional circumstances. Examples of this might include anyone reporting serious self-harm or posing a threat to others or children contacting us and sharing serious issues such as physical abuse or exploitation.
4. Legal basis for using your information
In some cases, we will only use your personal information where we have your consent or because we need to use it in order to fulfil a contract with you [for example, because you have registered for an event or a learning programme or fulfil a website product order].
However, there are other lawful reasons that allow us to process your personal information and one of those is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for Heart of the Travellers in Scotland to process your information to help us to achieve our vision of ensuring that all Scotland’s children and young people enjoy their full set of rights and entitlements.
Whenever we process your personal information under the ‘legitimate interest’ lawful basis we make sure that we take into account your rights and interests and will not process your personal information if we feel that there is an imbalance.
Some examples of where we have a legitimate interest to process your personal information are where we contact you about our work via post, use your personal information for data analytics, to improve our services, for our legal purposes [for example, dealing with complaints and claims] or for complying with guidance from the Office of the Scottish Charity Regulator [OSCR].
5. Sharing your Information
The personal information we collect about you will mainly be used by workers [and volunteers] at Heart of the Travellers in Scotland so that they can support you.
We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor will we sell any information about your web browsing activity.
Heart of the Travellers in Scotland may however share your information with our trusted partner organisations and agencies who work with us, on or on our behalf, to deliver our services. Processing of this information is always be carried out under our instruction. We make sure that they store the data securely, delete it when they no longer need it and never use it for any other purposes.
We enter into contracts with these partners that require them to comply with Data Protection Laws and ensure that they have appropriate controls in place to secure your information.
We may disclose your information if required to do so by law [for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority].
6. Keeping your information safe
We take looking after your information very seriously. We’ve implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss, this includes encrypted portable storage devices.
Unfortunately the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data transmitted to our site.
7. How long we hold your information for
We only keep it as long as is reasonable and necessary for the relevant activity.
8. Your rights
You have various rights in respect of the personal information we hold about you – these are set out in more detail below. If you wish to exercise any of these rights or make a complaint, you can do so by contacting our Data Protection Officer by: Writing to Lynne Tammi at: Burnbank, Ogilvie Terrace, Ferryden, Montrose, DD10 9RG; calling Lynne Tammi on 07919376109 or emailing us at: [email protected] You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office: https://ico.org.uk/.
Access to your personal information: You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making. You can make a request for access free of charge. Please make all requests for access in writing, and provide us with evidence of your identity.
Right to object: You can object to our processing of your personal information where we are relying on a legitimate interest [or those of a third party] and there is something about your particular situation which makes you want to object to processing on this ground. Please contact us as noted above, providing details of your objection.
Consent: If you have given us your consent to use personal information you can withdraw your consent at any time.
Rectification: You can ask us to change or complete any inaccurate or incomplete personal information held about you.
Erasure: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
Portability: You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
Restriction: You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.
No automated-decision making: Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent, it is necessary for a contract between you and us or is otherwise permitted by law. You also have certain rights to challenge decisions made about you. We do not currently carry out any automated decision-making.
Please note, some of these rights only apply in certain circumstances and we may not be able to fulfil every request.
What are cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server, to provide the users with a tailored experience within the website. A cookie, by itself, can’t be used to identify you.
What cookies do we use?
We use anonymous session cookies [short-term cookies that disappear when you close your browser] these are necessary to help you navigate the website and make the most of the features.