Introduction
Acorns commits to abide by the General Data Protection Regulations 2018 {GDPR} and the Data Protection Act 1998 in all areas of its operation. This Privacy Policy and Notice sets out in detail the procedures in place to ensure that personal data relating to clients, supporters, donors, volunteers, facilitators, employees, visitors to our website, partners, etc are treated in an appropriate way and we aim to ensure that the personal data/information you give us is kept secure and processed fairly and lawfully.
This Privacy Policy and Notice explains when and why we collect personal information about our clients, data subjects and people who visit our website; as well as how we use it, the conditions under which we may disclose it to others and how we keep it secure; this policy tells you what to expect when Acorns collects personal information. By providing us with any personal data/information you consent to our using, processing, storing, sharing and transferring it in accordance with this Privacy Policy and Notice.
Whilst your data is in our care, whether on registered premises or at outside locations, Acorns shall comply with the eight principles of the Data Protection Act 1998, the provisions and principles of the General Data Protection Regulations 2018 and the Privacy & Electronic Communications (EC Directive) Regulations 2003. At Acorns, we are committed to protecting and respecting your privacy; we recognise that our priority under the General Data Protection Regulations 2018 (GDPR) and Data Protection Act 1998 (DPA) is to avoid causing harm to individuals by keeping information secure, in the right hands and holding good quality information. This includes data held on a computer, or removable device, and data held in manual form such as card indexes, or printed lists, etc.
Acorns aims to ensure that the legitimate concerns of individuals about the ways in which their data may be used are taken into account. In addition to being open and transparent, Acorns will seek to give individuals as much choice as is possible and reasonable over what data is held and how it is used. Any information collected by us is collected and processed in accordance with the General Data Protection Regulations 2018 and the Data Protection Act 1998 and all other UK’s Data Protection laws.
Acorns promises to respect any personal data and sensitive personal data you share with us, or that we get from other organisations, and keep it safe. We aim to be clear when we collect your data and not do anything you would not reasonably expect.
Acorns collects, processes, handles, shares, stores, retains, discloses information including but not limited to:
- Non-Personal Data.
- Depersonalised (Anonymised) Data.
- Personal Data.
- Sensitive Personal Data.
This Privacy Policy and Notice applies to information we collect about:
- People who use our services, e.g., who subscribe to our services, fundraising, newsletters, or request a publication from us.
- Our clients.
- People who we notify under the General Data Protection Regulations 2018 (GDPR) and the Data Protection Act 1998 (DPA).
- Visitors to our website.
- Our sponsors, current employees, former employees, volunteers and job applicants; and
- Complainants and other individuals in relation to a General data Protection Regulations 2018 (GDPR) and Data Protection Act 1998 (DPA) complaint or enquiry.
Who are we?
Acorns is a North Tyneside-based registered charity established in 1999 to provide therapeutic and support services to children affected by domestic violence and support for families and non-abusing carers. Based in North Shields, we provide services to people across the Borough and work closely with other organisations to extend and complement the services offered to children and families.
We are Registered Charity No. 1157078, and Company Limited by Guarantee with Registered Company No. 08838624, registered in the United Kingdom. Our registered address is 7 Alma Place, North Shields, Tyne & Wear, NE29 0LZ, United Kingdom.
How Do We Collect Information From You?
We collect, process, use, retain, store, share and disclose personal information about you and that you provide to us whenever you interact with us, through contact and correspondence with you. This may include your name, address, email address, telephone number, and other contact details, date of birth and any other personal information you provide to us. For example, when you make a donation, register for an event or submit an enquiry, or if you register for our services, or apply for a job or volunteering opportunity, when you contact us about products and services, if you register to receive newsletters, or otherwise give us any other personal information.
We obtain information about you when you visit/use our website, and also collect, process, use, retain, store, share and disclose certain technical information regarding your visit to our website. This may include the Internet Protocol (IP) address from which you visit our website and other non-identifying information regarding your usage of our website (including browsing and click-stream activity and your chosen browser and Internet Service Provider (ISP)).
We collect, process, use, retain, store, share and disclose data/information about you from our charitable and trading subsidiaries, any of our agencies, agents, contractors, service providers and corporate/commercial partners, and our national partners, both statutory and voluntary.
We may also receive information about you from third parties for a specific purpose– but only if you have given them permission to share your information.
What Type of Information is collected from you?
The personal information we collect may include your name, address, email address, telephone number, contact details, details of birth, copies and other details of identification documents, marital status, racial or ethnic origin, physical or mental health or medical condition(s), commission or alleged commission of any offence or proceedings for any offence committed or alleged to have been committed including past misconduct, the disposal of such proceedings or the sentence of any court in such proceedings and information captured on security systems (including voice, video, Close Circuit Television (CCTV) and security recordings), education background, resume, employment history, referees and results of employment checks (including background, credit and references checks),personal financial and social security details, relatives’ personal and financial details, emergency contact details and bank account details, if for example you are setting up a regular payment by direct debit/standing order.
Information/data about you shall include sensitive personal information /data including:
- Racial or ethnic origin.
- Political opinions.
- Religious beliefs or other beliefs of a similar nature.
- Trade union membership (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992).
- Physical or mental health or condition.
- Sexual life.
- Commission or alleged commission of any offence.
- Proceedings for any offence committed or alleged to have been committed, the disposal of such proceedings or the sentence of any court in such proceedings.
If you visit our website, we may use cookies to collect and record information about:
- Your IP address.
- Information regarding what pages are accessed and when.
- The amount of time you spend on the site.
- Whether you are new to the site, or have visited it before.
- How you came to our website – for example through an email link or a search engine.
- The type of computer, browser, network location and internet connection you use.
If you make a donation online your card information is not held by us, it is collected by our third party payment processors, who specialises in the secure online capture and processing of credit/debit card transactions.
How is Your Information Used?
We may use your data/information to:
- Process and administer a donation that you have made.
- Process sponsorships and services.
- Process and personalise your supporter experience.
- Provide you with the goods or services you have requested.
- To carry out our obligations arising from any contracts entered into by you and us.
- Process and comply with our administrative duties, financial regulations and the law.
- Send you communications which you have requested and that may be of interest to you. These may include information about campaigns, appeals, other fundraising activities, promotions of our partners/associated companies, goods and services.
- Process orders that you have submitted.
- Keep a record of your relationship with us.
- Ensure we know how you prefer to be contacted.
- Understand how we can improve our services, products or information.
- Dealing with entries into a competition.
- Seek your views or comments on the services we provide.
- Notify you of changes to our services.
- Improving customer service both online and offline.
- Administering content, promotions, surveys or any other Site features.
- Personalising your experience on our Site.
- Improving our Site functions and features.
- Supplying information about our products or services when requested.
- Answering any questions or queries.
- To detect and reduce fraud and credit risk.
- Processing Gift Aid.
- Processing job applications.
- To monitor recruitment/retention statistics.
- Monitor the recruitment process from enquiry to appointment, to obtain references as part of the recruitment process, to screen employees and volunteers including Disclosure and Barring Services Checks.
- Process and use your data/information for internal record keeping, for training, secondment, transfer, development, performance monitoring, health and safety, security and access control, for consulting or communication, for audits and reviews, to decide the most appropriate opportunity for you.
- Process and use your data/information for analysis for management purposes, to comply with legislation in relation to health, safety and other employment matters.
- Process and use your data to fulfil our statutory obligations about employee data that must be shared with HMRC, all government/quasi-governmental bodies; for compliance with our policies, according to General Data Protection Regulations 2018 and Data Protection Act 1998.
We review our retention periods for personal information and sensitive personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example the collection of Gift Aid). We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Who Has Access To Your Information?
We will not sell, rent or distribute your data/information to third parties. We will not sell, rent, distribute or share your data/information with third parties for marketing purposes.
Third Party Service Providers Working on Our Behalf
We may pass your information to third party service providers, our charitable and trading subsidiaries, any of our agencies, agents, contractors, service providers and corporate/commercial partners, our national partners, subcontractors and other associated organisations, both statutory and voluntary, for the purposes of completing tasks and providing services to you on our behalf (for example, to process donations and send you mailings).
However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please, be reassured that we will not release your information to third parties beyond Acorns for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party, or as part of any business restructuring or reorganisation, or if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use, or to protect the rights, property or safety of our supporters and clients. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
When you are using our secure online donation page, your donation is processed by a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you use your credit/debit card to donate to us we pass your credit card details securely to our third party payment processing partner as part of the payment process. We do this in accordance with the Payment Card Industry Security Standard, and do not store the details on our website. If you have any questions regarding secure transactions, please contact us.
Third Party Providers We Work in Association With
We work closely with various third party providers to bring you a range of quality and reliable services and special offers designed to meet your needs. When you enquire about, use or purchase one or more of these services and special offers, the relevant third party provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. In some cases, they will be acting as a data controller of your information and therefore we advise you to read their Privacy Policy. These third party providers will share your information with us which we will use in accordance with this Privacy Policy and Notice.
Direct Marketing
With your consent, we will contact you to let you know about the progress we are making and to ask for donations or other support. Occasionally, we may include information from partner organisations, organisations that support us in these communications, any of our agencies, agents, contractors, service providers and corporate/commercial partners, our national partners, subcontractors and other associated organisations, both statutory and voluntary. We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms will have clear marketing preference questions and we include information on how to opt out when we send you marketing. If you do not want to hear from us, let us know when you provide your data or contact us on 0191 2006302 or by e-mail to admin@acornsproject.org.uk or writing to the address stated below.
We do not sell or share personal details to third parties for the purposes of marketing. But, if we run an event in partnership with another named organisation your details may need to be shared. We will be very clear what will happen to your data when you register.
Your Consent
By giving us your personal data/information, and sensitive personal data like information about your health, etc, you consent to us collecting, processing retaining, storing, transferring, disclosing, sharing and using that data/information in the ways that we describe in this Privacy Policy and Notice and/or that you have specifically consented to.
You also consent to us transferring your information to countries or jurisdictions which may not provide the same level of data protection as the UK, if necessary for any of the above purposes. If we do transfer your information in this way, we will comply with our legal obligations as a data controller under the General Data Protection Regulations 2018 and the Data Protection Act 1998 and, if we need to, put in place a contract with the companies we use to process information to ensure your details are properly protected.
Your consent to collect, process, gather, store, retain, transfer, disclose and share your personal data/information and your sensitive personal data/information is entirely voluntary and you may withdraw your consent at any time by contacting us on 0191 2006302 or by e-mail to admin@acornsproject.org.uk or writing to the address stated below.
Marketing Consent
We will only send you marketing information by post, e-mail, SMS, or phone if you have given us specific consent. If you withdraw your consent and then subsequently opt in, then your most recent preference may supersede.
If you have responded to a letter of appeal, you may also receive fundraising mail, which you can opt out of at any time.
You can opt out of us using your personal details for marketing at any time either by calling us on 0191 2006302 or by e-mail to admin@acornsproject.org.uk or writing to the address stated below.
The Manager
Acorns
7 Alma Place
North Shields
Tyne & Wear
NE29 0LZ
United Kingdom
Your Choices
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about the vital work we do for people and our products and services, then you can select your choices by ticking the relevant boxes situated on the form on which we collect your information.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted.
You can change your marketing preferences at any time by contacting us on 0191 2006302 or by e-mail to admin@acornsproject.org.uk or by writing to the address mentioned above.
Security Precautions to Prevent Loss, Misuse or Alteration of Data/Information
When you give us personal information, we take steps to ensure that it is treated securely, we take appropriate physical, electronic and managerial measures to ensure that we keep your information secure, accurate and up to date, and that we only keep it as long as is reasonable and necessary; we use leading technologies and encryption software to safeguard your data, and keep strict security standards to prevent any unauthorised access to it.
Once we receive your information, we make our best effort to ensure its security on our systems. When you submit sensitive information via the website, your information is protected both online and offline; any sensitive information is encrypted and protected to Microsoft standards, please see following link for more details: https://www.microsoft.com/en-us/trustcenter/security/encryption
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers, service providers, partners and contractors. Where we have given (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential; we ask you not to share your password with anyone.
Although we use appropriate security measures once we have received your personal information, the transmission of information over the internet is never completely secure, non-sensitive details are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure; we do our best to protect personal information, but we cannot guarantee the security of information transmitted to our website, so any transmission is at the user’s own risk. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
We will not pass on your personal details to any third party without your consent and permission; we may need to disclose your details if required to the police, regulatory bodies or legal advisors. We will only ever share your data in other circumstances if we have your explicit and informed consent.
Where We Store Personal Data
All information you provide to us is stored on secure servers. Any payment transactions will be encrypted.
We sometimes use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements; especially regarding how they manage the personal data they have collected or have access to.
Some of our suppliers may be based and run their operations outside the European Economic Area (EEA). We have strict controls over how and why your data can be accessed. The data that we collect from you may be transferred to, and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the processing of your payment details and the provision of support services. Although they may not be subject to same data protection laws as companies based in the UK, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and Notice. By submitting your personal data/information to us you agree to this transfer, storing or processing at a location outside the EEA.
Profiling
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud risk. We use profiling and screening techniques to ensure communications are relevant and timely, and to provide an improved experience for our supporters and clients.
Profiling also allows us to target our resources effectively, which donors consistently tell us is a key priority for them. We do this because it allows us to understand the background of the people who support us and helps us to make appropriate requests to supporters who may be able and willing to give more than they already do. Importantly, it enables us to raise more funds, sooner, and more cost-effectively, than we otherwise would.
When building a profile we may analyse geographic, demographic and other information relating to you in order to better understand your interests and preferences in order to contact you with the most relevant communications. In doing this, we may use additional information from third party sources when it is available. Such information is compiled using publicly available data about you, for example addresses, listed Directorships or typical earnings in a given area.
Children’s Data {13 or under}
We collect and manage information from children, and aim to manage it in a way which is appropriate to the age of the child. Information is usually collected when children apply for/receive our services, attend our events, fundraise for us or visit our site. But it can also be sensitive personal data – of children receiving any of our services, in any of our programmes/projects, or who contact Acorns.
Where possible and appropriate we will seek consent from a parent or guardian before collecting information about children. Our services have specific rules about whether children can participate, and we will make sure advertising for those services is age appropriate.
New data protection guidelines advise that children can offer their own consent for services from the age of 13. We therefore needs parents/guardians permission to protect the privacy of children aged 13 or under. If you are aged 13 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information. We only seek consent if we have age-verification and parental-consent measures in place.
People Who Use Acorns Services
Acorns offer various services to the public. We may use a third party to deal with some services and publication requests, but they are only allowed to use the information to provide such services and send out the publications.
We have to hold the details of the people who have requested our services in order to provide them. However, we only use these details to provide the service the person has requested and for other closely related purposes. For example, we might use information about people who have requested a publication to carry out a survey to find out if they are happy with the level of service they received.
When people subscribe to our services, they can cancel their subscriptions at any time and are given an easy way of doing this.
Job Applicants, Volunteers, Current and Former Acorns Employees
When individuals apply to work at Acorns, we will only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Criminal Records Bureau we will not do so without informing them beforehand, unless the disclosure is required by law.
Employees, Volunteers and Trustees will be informed about data protection issues during their induction period. Compliance with this Privacy Policy and Notice is a condition of employment and volunteering with Acorns. All members of staff and volunteers are expected to work within the above stated legislations. The Privacy Policy and Notice applies to all employees, members of staff, volunteers and members of the Board of Trustees.
Once a person has taken up employment or volunteering with Acorns, we will compile a file relating to their employment and volunteering. The information contained in this will be kept secure and will only be used for purposes and matters directly relevant to that person’s employment and volunteering. Once their employment and volunteering with Acorns has ended, we will retain the file in accordance with the requirements of our retention schedule and then delete it. Your personal information will be kept for as long as you are an Acorns employee, member of staff, trustee and volunteer, and for such reasonable time afterwards that is necessary to meet our legal obligations. If you cease to be an employee, member of staff, trustee and volunteer, your contact details will be retained for one year from the date you notify us of your resignation, after which it will then be destroyed or deleted. This is to allow us contact you should we need to clarify or confirm issues relating to your employment and volunteering.
You have a right to review your file and request copies of information contained in it and of any data/information about you which is kept in computers. If you want to see your file, please contact us via the details provided at the end of this Policy/Notice.
Personal information about unsuccessful candidates will be held for twelve (12) months after the recruitment exercise has been completed, after which it will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities and to develop our recruitment processes, but no individuals are identifiable from that data.
When an individual stops representing Acorns you will be asked to confirm that all personal data and sensitive personal data disclosed to you as part of your role, has been disposed of securely.
Sharing Your Story
Some people choose to tell us about their experiences to help further our work. They may take on a role as an Ambassador or Media Volunteer, attend our client focused events or sit on our committee. This may include them sharing sensitive information related to their health and family life in addition to their biographical and contact information.
We use some of the information provided, including gender, ethnicity or the type of medical condition people experience, to target opportunities to get involved. We will also monitor the types of people who are involved to ensure that the views we hear are representative of all people affected.
If we have the explicit and informed consent of the individuals, or their parent or guardian if they are under 16, this information may be made public by us at events, in materials promoting our campaigning and fundraising work, or in documents such as our annual report.
Transferring Data/Information Outside of Europe
As part of the services we offer to you, the information which you provide us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you are agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Information Sharing Agreements
Acorns are required to share information with third parties in accordance
with several contracts for charitable and business purposes. This includes outside agencies and
consultants, statutory and voluntary.
Before any information is shared contractual agreements will be in place that meet the requirements of GDPR. This pertains to information including but not limited to:
- Non-Personal Data.
- Depersonalised (Anonymised) Data.
- Personal Data.
- Sensitive Personal Data.
This will ensure that third parties will be obliged to ensure that the
following are met:
- Ethical standards are maintained.
- All information exchanged is done in line with the requirements of the
- All information supplied under the agreement is kept secure.
- All data supplied will only be held for as long as it is required during the process of the contract of activity, and that on completion all documentation will be disposed of as confidential waste.
Visitors to our Website
When someone visits www.acornsproject.org.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. Google Analytics stores information about:
- The pages you visit on acornsproject.org.uk
- How long you spend on each page.
- How you got to the site.
- What you click on while you are visiting the site.
We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Links to Other Websites
Our website may at times contain links to other websites run by other organisations. This Privacy policy and notice applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access such using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Cookies
Our website uses “cookies” to enhance your experience of our website, we do this to help make sure the website is meeting the needs of its users and to help us make improvements, for example improving website search. Your web browser may place cookies on your hard drive for record-keeping purposes and sometimes to track information about your use. You may choose to set your web browser to refuse cookies from our website, to switch off cookies, or to alert you when cookies are being sent. If however you choose to refuse these cookies/switch off cookies, you may not be able to access or engage features or functions of our website as intended.
Cookies are used to:
- Measure how you use the website so it can be updated and improved based on your needs.
- Collect statistical data about your browsing actions and patterns.
- Remember the notifications you have seen so that we do not show them to you again.
The cookies are not used to identify you personally. You will normally see a message on the site before we store a cookie on your computer.
Search Engine
Our website does not have a search function. No user-specific data is collected by either Acorns or any third party.
Website Security and Performance
Acorns uses a third party service, Jetpack and All In One WP Security and Firewall to help maintain the security and performance of the Acorns website. To deliver this service it processes the IP addresses of visitors to the Acorns website.
People Who Contact Us via Social Media
When you contact us through social media we will store and record this message as per personal information. It will not be shared with any other organisations or third parties unless as part of a contractual agreement.
People Who Email Us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policies. Email monitoring or blocking software may also be used. Please, be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
People Who Make a Complaint to Us
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant does not want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for six years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
When we take enforcement action against someone, we may publish the identity of the defendant in our Annual Report or elsewhere. Usually we do not, identify any complainants unless the details have already been made public.
Complaints or Queries
Acorns tries to meet the highest standards when collecting, processing and using personal information and sensitive personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection, processing or use of information is unfair, misleading or inappropriate. We will also welcome any suggestions for improving our procedures.
This Privacy Policy and Notice does not provide exhaustive details of all aspects of Acorns collection, processing and use of personal information; however, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below. You can also view our Complaints Procedure (available on request) for more information on how to make a formal complaint.
Access to, Update and Change of Personal Information
Individuals can find out if we hold any personal information by making a ‘Subject Access Request’ under the General Data Protection Regulations 2018 and the Data Protection Act 1998. This right to access covers both manual records and data held on computerised systems.
If we do hold or process data/information about you we will:
- Give you a description of it.
- Tell you why we are holding it.
- Tell you who it could be disclosed to.
- Let you have a copy of the information in an intelligible form.
- Tell you the purpose for which this is being done.
- Tell you the source of such data.
- Tell you who will have access to it in an intelligible form, upon request.
The accuracy of your data/information is important to us; therefore, if any of the data/information we hold is inaccurate or out of date, or if you want to ask us to correct any mistakes, or if you want to make a request to Acorns for any personal information we may hold or process, or if you wish to see our records of any correspondence you have sent to us, or if you have a queries or complaints about this Privacy Policy and Notice, or about our website, please call us on 0191 2006302, email us at admin@acornsproject.org.uk or write to us using the contact details stated at the end of this Policy/Notice. Acorns will take such reasonable actions as is necessary to ensure the accuracy of information; data/information is deemed to be inaccurate if it is either incorrect or misleading as to any matter of fact.
You may withdraw your consent, opt out of any future contacts from us at any time, and can do the following at any time:
- See what data we have about you, if any.
- Change/correct any data we have about you.
- Have us delete any data we have about you.
- Have such data corrected or erased, where appropriate.
- Express any concern you have about our use of your data.
You may access, change, correct, delete and express any concern you have about our use of your personal data; and withdraw your consent to the collection, processing, retention, transfer, disclosure, sharing of your personal data and sensitive personal data at any time because your consent to collect, process, retain, transfer, share, disclose your personal data and sensitive personal data is entirely voluntary.
We also use publicly available sources to keep your records up to date; for example, the Post Office’s National Change of Address database and information provided to us by other organisations as described above.
Under the General Data Protection Regulations 2018 and the Data Protection Act 1998, you have the right to ask for a copy of the information Acorns hold about you and you have a right to ask us to stop processing your personal data.
Disclosure of Personal Data/Information
Personal data/information is always treated as strictly confidential. We will not disclose it to any third party (outside the Acorns Group) without your express consent and permission except:
- As required by law.
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If our company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or terms and conditions of supply and other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We may pass non-personal aggregated information about services and website usage to reputable organisations for research or analysis purposes only.
In many circumstances we will not disclose personal data without consent. However when we investigate a complaint, for example, we will need to share personal information with the parties concerned and with other relevant bodies. You can also get further information on:
- Agreements we have with other organisations for sharing information.
- Circumstances where we can pass on personal data without consent for example, to prevent and detect crime and to produce anonymised statistics.
- Our instructions to staff/volunteers on how to collect, process, use, delete personal data.
- How we check that the information we hold is accurate and up to date.
Changes to This Privacy Policy and Notice
We keep our Privacy Policy and Notice under regular review. We may change this Privacy Policy from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on the Acorns website or by contacting you directly.
If this Privacy Policy and Notice changes in any way, we will place an updated version on our website; regularly checking our website ensures you are happy with any changes, aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties. By using our services and website, you are agreeing to be bound by this Privacy Policy and Notice.
This Privacy Policy and Notice was last updated in May 2018. If you have any questions, comments or suggestions, please, let us know by contacting us on 0191 2006302, emailing us at admin@acornsproject.org.uk or writing to us using the address below.
How to Contact Us
If you want to request information about our Privacy Policy and Notice, or have any questions regarding this Policy and our privacy practices you can call us on 0191 2006302, email us at admin@acornsproject.org.uk or write to:
The Manager
Acorns
7 Alma Place
North Shields
Tyne & Wear
NE29 0LZ
United Kingdom