Bounce Back are a Charity and Social Enterprise dedicated to the training and employment of offenders. Registered charity no. 1144297. The company is limited by guarantee (no. 07675301). Registered address: 130 Wood Street, EC2V 6DL.
At Bounce Back we are committed to protecting and respecting your privacy.
This Policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We will update this Policy from time to time so please check occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to email@example.com or by writing to Bounce Back, POP Brixton, Unit L05, 49 Station Road, London SW2 1SE
Personal data/personal information – any information which can identify an individual
Third Parties – those outside Bounce Back who use data from Bounce Back for defined tasks
Special Category Information – data which is more sensitive so needs more protection
(Criminal Offence Information is dealt with in a similar way)
The information we collect
We obtain information about you when we interact with you either in person, by phone, by email or when you use our website eg when you contact us about products and services, make a donation or if you register to receive our newsletter. We also receive information from Third Parties.
We collect information to carry out our charitable purpose and business. We will always have a lawful purpose for any information we collect and will let you know that purpose at the time of collection or shortly afterwards.
The personal information we collect might include your name, address, email address, telephone number, IP address, and information regarding what pages are accessed and when.
we may also have
– bank account details (e.g. from donors or employees)
– credit card details (e.g. donors)
– taxpayer status for claiming Gift Aid (donors)
– age/gender/date of birth (e.g. from service users & Trustees)
– prison details (from service users)
Some of the information we collect may be Special Category Information. This might be needed to ensure that we provide our services with adequate supervision and support.
If you make a donation online or purchase a product from us we may collect your, your card information is not held by us, it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
We may use your information to:
- process a donation that you have made
- process an order for an item from our shop
- to carry out our obligations arising from any contracts entered into by you and us/provide services to you
- inform you about our services and activities
- send you communications which you have requested
- process a grant or job application
- comply with a legal requirement
We may contact you with service updates and/or marketing content, via your preferred means of communication. Our aim is to avoid sending you unwanted communications.
We review our retention periods for personal information but please be aware we are legally required to hold some types of information to fulfil our statutory obligations (for example the collection of Gift Aid). We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Who has access to your information?
We will not sell, rent or share your information to third parties for marketing or any other purposes.
Third Party Service Providers working on our behalf:
We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process donations and send you mailings). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service. We will not release your information to third parties beyond Bounce Back for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
When you are using our secure online donation pages, your donation is processed by a third party payment processor (Virgin Money Giving), who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
How Do We Store and Protect Your Information?
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal data stored on our website and systems.
We keep most information digitally using secure software. Special Category Information is kept in digital systems designed with additional security.
Some information (e.g. paper-based) is kept in secure physical storage.
Other information, such as phone messages, are converted to another format for storage.
The management of our charity is designed to enable and ensure compliance with the data protection laws currently in force.
When Do We Stop Using Your Information?
We keep your personal information while we need it for our charitable and business purposes or until you request removal, and always in accordance with applicable legal requirements.
Generally, we review our databases every 6-12 months to remove expired data.
Some sections of our charity are required to keep information for longer, such as financial records.
Under the General Data Protection Regulation you have the right to:
- Access your personal information. You have a right to obtain confirmation that your personal information is being processed and further to request a copy of the personal information that we hold about you.
- Amend/edit your personal information at any time.
- Request to have your personal information deleted.
- Restrict processing of your personal information/date. We will continue to store your data but not further process it, so we can ensure that the restriction is enforced in the future.
- Object to processing of your personal information in certain circumstances eg for marketing and research purposes.
- Lodge a complaint with a supervisory authority. If you wish to lodge a complaint or seek advice from a supervisory authority please contact The Office of the Information Commissioner.
- Withdraw your consent to processing at any time.
To Update, Change or Remove Your Information
Please contact us by email to firstname.lastname@example.org or by writing to Bounce Back, POP Brixton, Unit L05, 49 Station Road, London SW2 1SE.
You choose whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us please tick the relevant boxes at the point at which we collect your information.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent, or by post if you have indicated you do not want to be contacted in that way.
You can change your marketing preferences at any time by contacting us by email: email@example.com
The accuracy of your information is important. If your details change or any of the information we hold is inaccurate or out of date or you want to access the information we hold about you, please email us at: firstname.lastname@example.org
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
Use of ‘cookies’
It is possible to switch off cookies by setting your browser preferences.
Links to other websites
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
16 or Under
If you are aged 16 or under‚ please get your parent/guardian’s permission to provide us with your personal information.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
If Something Goes Wrong?
- Our Staff have received training and clear guidance on the process to be followed if a Breach occurs (including reporting and rectifying).
- If you are unhappy about our handling of your data, our teams will do their best to resolve the matter for you. If you are not satisfied, you can refer the matter to our Data Protection Officer.
- You can, if our actions seem insufficient, contact: Information Commissioner’s Office, online at ICO.org.uk or tel 0303 123 1113
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in April 2018 and will be further reviewed by the end of May 2018.
Overall Our Aims are to ensure that you:
– know what data we hold
– understand why we hold that data
– know how long we will hold the data
– can change or remove that data on request (subject to requirement of law)
– can see a clear path for help if you feel it is necessary