This privacy statement explains the data processing practices of Bethel such as why we collect the information we ask from you, how we use the information, our storage use and the purposes of using the information in order the fulfil the objectives of the charity.
If you have any questions regarding our Privacy Notice and our use of personal data or you would like to exercise any of your rights, please get in touch via the following information:
Email us: firstname.lastname@example.org
Telephone us: 0121 661 4276
Write to us: Data Protection Enquiry, Bethel Health and Healing Network, 196-198 Edward Road, Balsall Heath, Birmingham, B12 9LX.
If you are unhappy with the way we process your data, you can also make a complaint to the Information Commissioners Office (ICO) who regulates the use of information in the UK. They can be contact by:
Telephone: 0303 123 1113
Or by going online to: www.ico.org.uk/make-a-complaint
Write to the ICO: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK95AF.
We are Bethel Health and Healing Network, “we” “us” “our”, a registered charity under registration number 1116225 and for the purposes of UK data protection law we are a data controller. We offer a range of services such as our Doula Service and Rapha Listening Service that enable and empower people to become physically, emotionally and spiritually healthy.
1) What Information Do We Hold?
1.1 The personal information we collect, store and use might include:
- When filling in forms on our websites
- Your name and contact details (including postal address, email address and telephone number
- Your date of birth, if you were to enrol in one of our services we provide, we may ask how far along your pregnancy is
- If you register to use our site, participate in discussion boards or other social media functions on our site, surveys, campaigns and when you report a problem with our site.
- The information you give us may include your name, postal address, e-mail address, phone number, your place of worship – if applicable
- Your financial and credit card information
- Your personal description and/or photographs
- Any other information that you may choose to share with us
Data protection law recognises certain categories of personal information as sensitive or special categories of data and therefore requiring greater protection, for example, information about your health, religion, sex life or sexual orientation. We do not usually collect sensitive data about you unless there is a clear and valid reason for doing so, and data protection laws allow us.
If you are a Bethel employee or volunteer, or a Bethel Doula Service or Rapha Service user; we may also hold certain categories of sensitive information such as personal financial details, age, gender, marital status, date of birth, full employment and educational history, references, religion, medical and criminal records. This will depend upon whether you are delivering our services, or whether you are a service user.
1.2 Information we collect about you relating to each of your visits to our website when we will automatically collect the following information:
1.2.1 Technical information, Details of your visit to the website, and interaction with our email communications, including your IP address.
1.2.2 Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our offices and staff members.
1.3 Information we receive from other sources. We may also receive information about you from our partners, other websites that we control, third parties who work closely with us including, for example, service delivery partners, payment and delivery services and search information providers.
2) How Will We Use Your Information?
2.1 To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
2.2 Providing you with the services, products or information you have asked us for.
2.3 As part of our efforts to keep our sites safe and secure.
2.4 To measure or understand the effectiveness of our promotional activities, and to deliver relevant information to you.
2.5 To send you news and information about Bethel and its associated work.
2.6 To maintain accurate and up to date records of our service users, and our employees, volunteers and partners.
2.7 To run Disclosure and Barring Service (DBS) checks on employees and volunteers in accordance with our safeguarding and employment policies.
2.8 Keeping a record of your relationship with us.
3) Where Do We Store Your Personal Data?
3.1 We are committed to holding your personal information securely. Only Bethel staff and volunteers that need to see the data in order to provide a service to you, or to comply with the law, can access it.
3.2 We may store your information on computers, mobile devices, in paper form, or all. 3.3 All computers and devices that store any personal data are password protected and security of these devices are monitored regularly.
3.4 Any paper files that hold personal information (other than names and contact details) are kept on secure premises in locked cupboards and filing cabinets.
3.6 Information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our site or app, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
3.7 Bethel’s website is held on a secured server; indicated by the padlock and https:// in your address bar when you visit our website. Once we have received information about you submitted through our website, we will use strict procedures and security features to prevent unauthorised access.
4) What Is Our Legal Basis for Processing Your Data?
4.1 Our legal basis for processing personal data is different depending upon the purpose for which it was collected. The following list covers the main types of data that we hold:
4.1.1 Data collected for Bethel news mailing and marketing lists includes only names and email addresses and is based on consent given to us in writing, via email or online. Where individuals haven’t given specific consent, marketing is consistent with the context in which the information was provided and concerns a similar service or activity. All email addresses are stored in the Mailchimp list server and an unsubscribe mechanism is included in each mailing.
We use explicit consent in order to process our service users’ data, this is completed via a form on our website.
4.1.2 Data collected for events, courses and services that we run, including if we send your communications through the post, or to personalise, enhance or modify and improve our services and communications to you to benefit our customers, or if we take photographs of the work we do in order to raise awareness and promote the positive outcomes and objectives of Bethel’s work, is held for our legitimate interests or because of a contractual obligation to do so.
Whenever we use legitimate interest to process data, we perform a legitimate interest balancing test (LIA) to enable us to consider any potential impact on you (both positive and negative), and your rights under data protection laws. Your information will only be processed if we have a genuine and legitimate reason as an organisation, and we are not harming any of your fundamental rights and freedoms according to the law.
4.1.3 Data collected for financial giving, gift aid or other fundraising, is held for our legitimate interests or because of a contractual obligation to do so.
4.1.4 Employee, volunteer and Bethel Board Member data records are processed to comply with legal and contractual obligations and to fulfil our legitimate interests as a charity.
5) How Long Do We Hold Your Data?
We keep your information for no longer than is necessary for the purposes it was collected for. The length of time we keep your information is determined upon our legal and operational considerations. For example, we are legally required to hold certain types of information to fulfil our statutory and regulatory obligations (i.e. employment law, health and safety and tax/accounting purposes).
We review our retention periods on a regular basis and update our Records of Processing Activities (RoPAs) accordingly. If you would like to know more about how long we hold your personal information for, please email email@example.com.
6) Your Rights
6.1 Under UK data protection laws, you have certain rights over the personal information we hold about you. Here is a summary:
Right to be informed
You have the right to be informed as to how we use your data under what lawful basis we carry out any processing. If you would like further information or you feel your rights are not being respected, please get in touch with any of the details listed at the top of this privacy notice.
Right of erasure
You may ask us to delete some or all of your information we hold about you. Sometimes where we have a legal obligation, we cannot erase your personal data.
Right to object
You have the right to object to processing where we are using your personal information such as where it is based on legitimate interests or for direct marketing.
Inaccurate personal information corrected
Inaccurate or incomplete information we hold about you can be corrected. The accuracy of your information is important to us and we are working on ways to make this easier for you to review and correct the information that we hold about you. We aim to carry out annual accuracy checks and contact you to ensure your information is up to date. If any of your information is out of date or you are unsure of this, please get in contact through the contact details listed at the beginning of this privacy notice.
Right of restriction
You have a right to restrict the processing of some or all of your personal information if there is a disagreement about its accuracy, or we are not lawfully allowed to use it.
Right to access your information
You have a right to request access to a copy of your personal information that we hold about you, along with the information on what personal information we use, why we use it, who we share it with, how long we keep it for and whenever it has been used for automated decision making. You can make a request for access free of charge and proof of identity is required.
Automated decision making
Automated decision making takes place when an electronic system uses personal information to make a decision without human intervention. You have the right question the outcome of automated decisions that may create legal effects or create a similar significant impact on you.
You can ask us to provide you or third party with some of the personal information that we hold about you in a structured, commonly used, electronic form so it can be easily transferred.
6.2 Data that is held on consent will only be processed as long as we have your consent. To withdraw your consent, you can contact us by emailing us at firstname.lastname@example.org
6.3 You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.
7) Other Websites
7.1 Our site may, from time to time, contain links to and from other websites, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
8.1.1 To allow you to carry information across pages of our websites and avoid having to re- enter information when you return to one of our sites;
8.1.2 To measure our website traffic and analyse how our websites work. This will allow us to make changes to our websites in the future and make them easier to use.
8.2 You can accept or decline cookies by modifying the settings in your browser. Please note that if you disable all cookies then you may not be able to access some parts of our websites.
9) Third parties working on our behalf
We may pass your information to our third-party providers, suppliers’ subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on their behalf, for example, to process a donation. Please be assured that your data will not be processed by these third parties for any other reason than that stated unless you have requested us to do so, or we are required to do so by law. For example, for the purposes of prevention of fraud or other crime or any other requirement by law.
This policy was last updated 13 December 2021.