The processing of your personal data is carried out by or on behalf of EachOther, a registered charity (number 1167370).
The Data Protection Officer
2.4, Resource for London
356 Holloway Road
Telephone: 020 7697 4019
EachOther is committed to data protection and to operating in a way that complies with the General Data Protection Regulation. We promise to:
These rights include:
By using our website, our social media pages (such as Facebook, Twitter, YouTube, Google+ and Instagram), subscribing to our services, and/or donating to us, you agree that, unless you have set your computer’s browser to reject them, we can place the types of cookies set out below on your device and use that data in accordance with this policy.
We may collect information about you directly whenever you interact with us. For example, when you contact EachOther regarding our activities, register as a supporter, send or receive information, engage with our social media or make a donation to us, you may provide us with your personal information.
We may also receive information about you when you interact with third parties with whom we work. For example, where you’ve made a donation to us through a third-party website (eg Stripe or IndieGogo) and given them permission to share your information with us.
We may supplement what we know about you with information that is available to the public. For example, in order to ensure that our communication with you is relevant and tailored to your background and interests, we may collect information about you from publicly-available sources either directly or through third-party subscription services or service providers. See ‘How will we combine and analyse the information we collect about you?’
The information we collect from you directly or from third parties with whom we work, may include:
We may also collect and process information about your interactions with us, including details about our contacts with you through email, SMS, post, on the phone, or in person (i.e., the date, time, and method of contact), details about donations you make to us, events or activities that you register for or attend, and any other support you provide to us.
We may also collect and record any other relevant information you share with us about yourself, including your interests or your affiliations with other charities, community groups, your employer or a corporate partner. If you are a minor, we may collect the name and contact details of a parent or guardian and, where appropriate, the name and location of your school.
In order to ensure that our communication with you is relevant and tailored to your background and interests, we may supplement what we know about you with information that is available to the public. This allows us to better understand your interests, preferences, and level of potential engagement and/or donation, so that we can contact you in the most appropriate way and to ensure that we do not send you unwanted communications. The information we collect and process about you from publicly-available sources may include demographic information associated with your postcode or your address and an estimate of your age. We may collect this information ourselves or through third-party service providers.
Where we have identified that you may have the capacity or affinity to support RightsInfo at a higher level, we may use the information we hold about you to identify connections between you and our existing circle of key supporters. We may also review other information about you that is available to the public through internet searches, subscription services, or public databases (eg, Companies House, the electoral register, or the land registry), such as information about corporate directorships, shareholdings, published biographic information, employment and earnings, philanthropic interests and networks, charitable giving history and motivations and relevant media coverage, so that we can engage with you in a more personalised way.
Under data protection law, certain categories of personal information are recognised as sensitive, including health information and information regarding race, religious beliefs, and political opinions (‘sensitive personal data’). In limited cases, we may collect sensitive personal data about you. We would only collect sensitive personal data if there is a clear reason for doing so, such as where we need this information to ensure that we provide appropriate facilities at an event.
We may use your information in a number of ways, including:
In particular, we may contact you for marketing purposes by email if you have agreed to be contacted in this manner. We provide information about how you can change your marketing preferences below.
We are committed to communicating with you using an approach that is right for you. This means that we carefully manage the communications we send you to ensure that we are contacting you in the most appropriate way and that we are not sending you unwanted communications. In order to do this, we may combine the information that we collect about you and analyse what we know about your interests, preferences and level of potential engagement or donation. We may also use statistical analysis to analyse this data and understand the likelihood that you will be interested in or responsive to a campaign or message. We may use third party service providers to assist us in this process.
Where we have identified that you have the capacity or affinity to support EachOther at a higher level, we may collect additional information about you (see ‘What information do we collect?’) and combine and analyse that information in a profile of you that will assist us in engaging with you in a more personalised way.
You can opt out of your data being combined and analysed for marketing purposes by contacting our Supporter Care Team or our Data Protection Officer as described below. However, this may mean that you stop receiving marketing communications from us more generally.
In accordance with our legal and regulatory obligations and our internal policies and procedures, we may also use personal information to carry out due diligence on potential or actual donors. If you opt out of analysis of your data for due diligence purposes, we may not be able to accept donations from you.
RightsInfo may provide your information to our service providers. Subject to your communication preferences and our internal policies and procedures, this would include providing your information to third parties that work with us to deliver on our charitable purposes, and other entities that act as fundraisers for RightsInfo, or provide RightsInfo with marketing information and services.
Where you have agreed to receive email marketing communications from us, we may provide your email address in an encrypted format to social media companies, such as Facebook, Instagram, Twitter or YouTube, or to digital advertising networks that are providing services to us by displaying our advertising to you on those social media platforms and other websites, as well as identifying audiences with interests similar to yours. You can opt out of your data being used to display advertising to you by contacting our Data Protection Officer as described above. However, this will not prevent our advertisements being shown to you on a randomised basis or based on cookie data and may mean that you stop receiving marketing communications from us more generally.
We enter into contracts with all of these service providers that require them to comply with data protection laws and to ensure that they have appropriate controls in place to protect the security of your information.
We will never sell your details and, except as indicated below, will only share your details with third parties (who are not service providers working at our direction) if you ask us to. We will not make cold telephone calls to members of the general public and, therefore, will not purchase your data in order to do so.
We may disclose your personal information if we are requested or required to do so by a regulator or law enforcement or in order to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect RightsInfo, for example in cases of suspected fraud or defamation, or in order to comply with any other applicable legal obligation.
We take appropriate physical, electronic and managerial measures to ensure that we keep your information secure, accurate and up to date, and that we only keep it as long as is reasonable and necessary.
Although we use appropriate security measures once we have received your personal information, the transmission of information over the internet is never completely secure. We do our best to protect personal information, but we cannot guarantee the security of information transmitted to our website, so any transmission is at the user’s own risk. However, any payment card details (such as credit or debit cards) we receive on our website are passed securely to our payment processing provider according to the Payment Card Industry Security Standards.
If you do not wish us to use your personal data for marketing purposes as outlined above, you can use the relevant box on the online form on which we collect your data to indicate your preference.
You can also change any of your marketing preferences at any time (including telling us that you don’t want us to contact you for marketing purposes) by:
If you have indicated that you do not wish to be contacted for marketing purposes, we will maintain your details on a suppression list to help ensure that we do not continue to contact you for marketing purposes. However, we may still need to contact you for administrative purposes, including (but not limited to):
Similarly, if your contact details have changed or you think any information we have about you is incorrect or incomplete, you can always update or correct the information we hold about you by contacting us.
You can make a complaint or raise a concern about how we process your personal data by contacting our Data Protection Officer. In some circumstances, you have the right to object to our processing of your personal data or to stop us from continuing to make active use of personal data that we retain in our records.
If you are not happy with how we have handled your complaint, you can contact the Office of the Information Commissioner, which oversees the protection of personal data in the UK, or the Fundraising Regulator, which is responsible for overseeing fundraising activities carried out by charities in the UK.
Alternatively, you may choose to contact either the Information Commissioner or the Fundraising Regulator directly about your complaint, regardless of whether you have raised it with us first.
You also are entitled to request a copy of the personal information relating to you which is kept on file by RightsInfo (a Subject Access Request or SAR) by contacting our Data Protection Officer.
Our Privacy and Cookie Policies take into account several laws, including:
If you apply to work or volunteer at RightsInfo, we will only use the information you give us to process your application and to monitor recruitment statistics. If we want to disclose information to someone outside the RightsInfo – for example, if we need a reference, plan to use an external supplier to run background checks or need to get a ‘disclosure’ from the Disclosure and Barring Service (DBS) – we will make sure we tell you beforehand, unless we are required to disclose this information by law. If you apply for a job or volunteering opportunity we may also collect information so we can assess your suitability for the role.
If you are unsuccessful in your job or volunteering application, we will hold your personal information for 6 months after we’ve finished recruiting the post you applied for. After this date we will destroy or delete your information.
If you begin employment with us, we will put together a file about your employment. We keep the information in this file secure, and will only use it for matters that apply directly to your employment.
Once you stop working for us, we will keep this file for 6 months. You can contact us to find out more about this.
If you use your credit or debit card to donate to us, buy something or make a booking online, we pass your card details securely to our payment processing partner as part of the payment process. We do this in accordance with the Payment Card Industry Security Standard (PDF download), and don’t store the details on our website or databases.
When you register with us, you are stating that you are 16 years of age or over, or are a minor acting with parental consent. You agree that any information you provide to us about yourself upon registration or at any time is true.
We cannot be held responsible for the privacy of data collected by websites not owned or managed by RightsInfo, including those linked through our website.
Emails aren’t always secure, and they may be intercepted or changed after they’ve been sent. RightsInfo doesn’t accept liability if this happens. The contents of emails reflect their author’s views and not necessarily those of RightsInfo.
Please do not send RightsInfo any financial data through email.
The information in emails is confidential, so if you’ve received one by mistake, please delete it without copying, using, or telling anyone about its contents.
RightsInfo’s data controllers will notify data breaches to the DPA without undue delay and within 72 hours of awareness.
Data controllers will communicate data breaches to the data subject without undue delay, where the breach is likely to result in a high risk to the rights and freedoms of individuals. Any data processor we may use will report personal data breaches to RightsInfo’s data controllers without undue delay after becoming aware.
We gather and process data with the help of a number of different software vendors. Here are links to each of their Data Protection/Privacy Policies: