Admin

Privacy Policy

This Privacy Policy governs the manner in which Valleys Steps collects, uses, maintains and discloses information collected from users (each, a “User”) of the http://www.valleyssteps.org website (“Site”). This privacy policy applies to the Site and all services offered by Valleys Steps.

Valleys Steps Privacy Notice

How we use your personal information for Valleys Steps Marketing & Communications purposes

Valleys Steps provides a wellbeing service for Cwm Taf’s local communities and the people who live in them.  Undertaking this work means that we must collect and use information about the people we provide services to and keep a record of those services. Because we collect and use personal information about individuals we must make sure that they know what we intend to do with their information and who it may be shared with.

We have summarised in this privacy notice some of the key ways in which we use your personal information for  Valleys Steps Marketing & Communications purposes.

Who we are, what we do.

Valleys Steps is a charitable organisation that runs Wellbeing Courses for the people of Rhondda Cynon Taf and Merthyr Tydfil.

What and whose personal information we hold?

Valleys Steps collects information from participants of our courses, information is anonymous through generating participant codes. Anonymous information gathered is used to provide third party organisations including our funders with information and reports about the organisations performance. We also use some information in marketing the service on promotional materials on social media and on this website

Personal information is collected directly from you when you interact with Valleys Steps for example signing up to our mailing lists, expressing an interest in Volunteering, calling our helpline, when attending our courses or otherwise communicating with us. Information may be collected in person, over the phone, online, or on paper.

The information we collect may include:

your name -only If volunteering or if if you send us an email. you contact details if regarding volunteering

  • your bank details if you are supporting us financially
  • if you volunteer for us or apply for a job, information necessary for us to process your application and assess your suitability (including employment status, previous experience, as well as any criminal convictions and court cases, and whether you are barred from working with vulnerable children or adults)
  • information about your activities on our websites and about the device you use to access these, such as your IP address and geographical location
  • information about events, products and information which we consider to be of interest to you
  • information as to whether you are a taxpayer to enable us to claim Gift Aid
  • any other personal information you provide to us

Certain types of personal information are in a special category under data protection laws, as they are considered to be more sensitive.  Examples of this type of sensitive data would be information about health race, religious beliefs, political views, trade union membership, sex life or sexuality or genetic/biometric information.  

We only collect this type of information to the extent that there is a clear reason for us to do so, for example asking for health information if you are taking part in a special event or volunteering or where we ask for information for the purpose of providing appropriate facilities or support.  We will also collect this type of information if you make it public or volunteer it to us.

Wherever it is practical for us to do so, we will make clear  why we are collecting this type of information clear and what it will be used for.

When you use our website, we use Google Analytics and we collect your personal information using ‘cookies’ – more details in our Cookie policy here

 What we will do with your personal information?

Valleys Steps complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

We collect this information in order to process your requests and to also keep in touch with you about Valleys Steps work. Examples include:

    • To improve customer service
    • Your information helps us to more effectively respond to your customer service requests and support needs.
    • To personalize user experience
    • We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
    • To improve our Site
    • We continually strive to improve our website offerings based on the information and feedback we receive from you.
    • To process transactions

 

  • We may use the information Users provide about themselves when engaging our services only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.

 

  • To administer a content, promotion, survey or other Site feature
  • To send Users information they agreed to receive about topics we think will be of interest to them.
  • To send periodic emails

If Users decide to opt-in to our mailing list, they will receive emails that may include service news, updates etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email or User may contact us via our Site.

We might also collect data

  • to provide you with the services or information you have requested
  • to process donations or other payments and verify financial transactions
  • to process Gift Aid donations
  • to send fundraising appeals
  • to invite you to participate in campaigns and events
  • to record any contact we have with you to help us ensure we provide you with the most appropriate communications
  • to respond to or fulfil any requests, complaints or queries you make to us
  • to understand how we can improve our services, products and information by conducting analysis and market research
  • to send marketing communications
  • to further our charitable objectives
  • send you correspondence and communicate with you
  • process your application for a job or volunteer position
  • to notify you of changes to our policies
  • to ensure that content from our site is presented in the most effective manner for you and for your computer
  • meet our legal obligations to regulators, government and/or law enforcement bodies

from time to time we may use external data sources to increase or enhance the information we hold about you.  

 

What is the legal basis for the use of this information?

Data protection laws mean that each use we make of personal information must have a “legal basis”.  The relevant legal bases are set out in the General Data Protection Regulation (EU Regulation 2016/679) and in current UK data protection legislation.

  • Specific consent
  • Consent is where we ask you if we can use your information in a certain way, and you agree to this (for example when we send you marketing material via e-mail).  Where we use your information for a purpose based on consent, you have the right to withdraw consent for any future use of your information for this purpose at any time.
  • Legal obligation
  • We have a basis to use your personal information where we need to do so to comply with one of our legal or regulatory obligations.  For example, in some cases we may need to share your information with our various regulators such as the Charity Commission or Fundraising Regulator, or to use information we collect about you for due diligence or ethical screening purposes.
  • Performance of a contract / take steps at your request to prepare for entry into a contract
  • We have a basis to use your personal information where we are entering into a contract with you or performing our obligations under that contract.  Examples of this would be if you are buying something from us (for instance some branded merchandise or, in some cases, an event place), applying to work/volunteer with us, or being funded to undertake any work or activity.
  • Vital interests
  • We have a basis to use your personal information where it is necessary for us to protect life or health.  For instance if there were to be an emergency impacting individuals at one of our events, or a safeguarding issue which required us to contact people unexpectedly or share their information with emergency services.
  • Legitimate interests
  • We have a basis to use your personal information if it is reasonably necessary for us (or others) to do so and in our/their “legitimate interests” (provided that what the information is used for is fair and does not unduly impact your rights).

We consider our legitimate interests to include all of the day-to-day activities  Valleys Steps carries out with personal information. Some examples not mentioned under the other bases above where we are relying on legitimate interests are:

  • use of personal information when we are monitoring use of our website or apps for technical purposes;

We only rely on legitimate interests where we consider that any potential impact on you (positive and negative), how intrusive it is from a privacy perspective and your rights under data protection laws do not override our (or others’) interests in us using your information in this way.

When we use sensitive personal information we require an additional legal basis to do so under data protection laws, so will either do so on the basis of your explicit consent or another route available to us at law for using this type of information (for example if you have made the information manifestly public, we need to process it for employment, social security or social protection law purposes, your vital interests, or, in some cases, if it is in the public interest for us to do so).

We will hold data given to us via mailing list sign up or volunteering  for as long as the user wishes to have an active relationship with Valleys steps. Anonymised Data in terms of feedback and course performance data will be held indefinitely.    

Does the service share my personal information with any other organisation?

No we don’t routinely share your personal  data with anyone else.

Certain third party organisations collect data on our behalf as well as for their own use. We may receive your personal details from third party organisations for our marketing purposes where you have consented for this information to be shared.

Third party organisations we currently receive data from are Local Giving, This organisation will have their own data protection and privacy policies which you should be aware of before signing up.

We may also disclose or use personal information if required to do so by law and may use external data for the purposes of fraud prevention, for example to comply with money laundering regulations, or otherwise to protect the rights, property or safety of individuals.

Anonymous information gathered is used  to provide third party organisations including our funders with information and reports about the organisations performance. We also use some information in marketing the service on promotional materials sich as  on social media and on this website.

 

How long will my information be kept?

Data protection laws mean that each use we make of personal information must have a “legal basis”.  The relevant legal bases are set out in the General Data Protection Regulation (EU Regulation 2016/679) and in current UK data protection legislation. They are detailed above.

We will hold data given to us via mailing list sign up or volunteering  for as long as the user wishes to have an active relationship with Valleys Steps. Anonymised Data in terms of feedback and course performance data will be held indefinitely.  

 

How secure is the information I give you?

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.

Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users.  

Your information, your rights

The General Data Protection Regulation (GDPR) gives you important rights, including the right to access the personal information the services hold about you.

  Contact us

If you have any concerns or would like to know more about how Valleys Steps uses your personal information please contact us in one of the following ways:

By email : Info@valleyssteps.org

By telephone : 01443 803048

In writing : Valleys Steps Ltd

Ty Antur, Navigation Park
Abercynon, CF45 4SN

©2017-2018 All Rights Reserved
Valleys Steps Ltd Reg No 09473917 | Registered Charity No 1166003 | Privacy Policy | Cookies