Privacy Policy
Introduction
Open Door North East (ODNE) is a charity, founded on Christian values, working to end destitution amongst asylum seekers and refugees. Our mission is to support those seeking sanctuary to move out of poverty and destitution and to be empowered to achieve their full potential. To find out more about us, see the ‘About us’ section of our website.
The law on data protection changed in May 2018, when the new EU-wide General Data Protection Regulation (GDPR) comes into force. This new regulation gives you greater control over how information about you is stored and used by organisations like ODNE. We have undertaken an audit of all the personal information we hold at ODNE, and put into place new processes and systems to make sure we are working in line with the regulations. This policy is part of that process.
If you have any queries about our privacy policy please email
admin@opendoornortheast.com or call us on 01642 213634.
Who are we?
Open Door North East is a charity, founded on Christian values, supporting destitute asylum seekers and refugees across the Tees Valley by providing accommodation and support. We are a charity registered in England and Wales (Number 1099865). Our registered office is: Baines Jewitt Chartered Accountants, Barrington House, 41-45 Yarm Lane, Stockton-on-Tees, TS18 3EA.
For the purposes of this Policy, ‘us’, ‘we’ and ‘our’ refer to ODNE.
What is this policy about?
ODNE is committed to protecting your privacy and the personal information you provide us with. In line with our values, we want to treat you - and your personal information - with respect and dignity. It is important to us that you have confidence in us as an organisation, and that you trust us to look after your information. This policy explains how we collect, use and store your personal information, and also explains the rights you have under the 2018 regulations.
At ODNE, we have relationships with different people, from clients and supporters to volunteers and staff. For each type of relationship, we collect different personal information and this data might be used and stored in different ways. We have created specific privacy notices providing more detailed information as to how we process your information, depending on the particular connection or relationship you have with ODNE.
Your rights
Under GDPR, you have 8 specific rights when it comes to your personal information.
- The right to be informed- meaning you should be given clear information about what personal information we keep, why we keep it and how it is used and stored.
- The right of access- meaning you can ask us for a copy of all the personal information we hold about you and you can ask us questions to make sure that we are processing your information legally.
- The right to rectification- meaning that if the personal information we have is wrong or incomplete, you can tell us so that we only keep accurate information that you have chosen to share with us.
- The right to erasure- meaning that you can ask us to erase all your personal information. This is sometimes known as ‘the right to be forgotten’. There are some occasions when we may have a legal obligation or legitimate interest to keep certain information about you, even if you no longer want to be on our records, for example in terms of processing financial information, or keeping records in case of a future claim.
- The right to restrict processing- meaning that you can ask us to keep your information but only use it for certain purposes, for example you may want to only receive certain types of information from us.
- The right to data portability- meaning that you can ask for your data to be transferred to another system. This is not something that is currently relevant to our work at ODNE, but an example would be if you use a price comparison website to compare different bank accounts, you have the right to tell your current bank to share relevant information with another account provider.
- The right to object- meaning that if you are unhappy with the way we have processed your data, for example if we keep writing to you when you have asked us not to, you can tell us and we must respond.
- Rights in relation to automated decision making and profiling- meaning that we need to tell you if we use any systems which automatically use your personal information without human involvement. There is more information about this and all the other rights on the Information Commissioners Office website here.
What information do we collect?
We collect personal information, or data, each time you interact with us. For example, when you are referred to our service for accommodation, when you make a donation, request information, apply for a job or volunteer opportunity, sign up for an event, provide feedback or otherwise provide your personal details.
We collect information from third parties, for example fundraising sites like People’s Fundraising or from referral agencies, where you have given your consent. You may wish to check the privacy policies of these organisations to find out more information on how they will process your data.
When you visit our website, we collect non-personal data such as details of pages visited and time and location data. Website usage information is collected using cookies (see the section on Cookies below).
We may collect publicly available information, for example from Companies House, Charity Commission, or information published in newspapers.
What do we do with your information?
Please note that more detailed information is given in the privacy notices at the end of this policy.
Clients
We may use the personal information we collect from you (and / or the organisation who referred you) to:
- arrange an initial contact meeting to understand your situation and find out whether we are able to offer you accommodation and support
- provide you with any services (accommodation and support) we have agreed with you
- share information with other organisations, for example with your original referrer, or with legal or medical services
Our use of your information is always subject to our confidentiality policy and your support worker will explain this to you.
Supporters
We may use the personal data we collect from you to:
- keep you up to date with news and stories about our work
- process any donations you give to us including claiming gift aid on your donations if authorised by you to do so
- thank you for your donations and invite you to continue to support us financially and non-financially, for example through volunteering or praying
- provide you with any information you have requested
- keep a record of your relationship with us
- analyse the personal information we collect about you and use publicly available information to aid our understanding of our supporters to help provide the right information at the right time to the right supporters
- conduct research to aid our understanding of our supporters and their views so that we can improve and develop our services, which may include contacting you to ask for your comments and opinions
We will always do this in compliance with our own Fundraising Commitment and with rules set out by the Fundraising Regulator.
Volunteers and Job applicants
We may use the personal information we collect from you to:
- process and consider your application for a role at the ODNE. Your information will only be shared with our staff involved in the recruitment process
- share specific and appropriate elements of your personal data, for example, your contact details, with other staff team members that you will be working with should your application be successful
Employees
We may use the personal information we collect from you to:
- fulfil our contractual obligations to you, such as paying you
- ensure we are treating you as we’ve committed to, for example under our sickness absence policy
- provide references at your request should you move on
Sharing your information
Sometimes we may need to share your information, with your consent. We may also have to share information if it is required by a law enforcement agency or by a regulatory body, for example the HMRC for processing gift aid on donations. We do not share your information with any other organisations for their marketing purposes.
We may use other organisations to carry out tasks on our behalf, including processing donations (for example we receive online donations from People’s Fundraising), sending emails (such as using Mailchimp to send our newsletters) and sending text messages. We will provide these organisations with only the information needed to deliver these services, and they are not permitted to use or store your data for any other purpose.
We may share your information internally, within the ODNE team, for the purpose of safeguarding, or for example if a staff member needs to query something with you.
Where and how do we store your personal information?
We take appropriate steps to ensure your personal information is managed securely. We store and process most of our information using cloud based systems and secured servers. Internally, this is accessed only by appropriate staff and volunteers who are trained suitably. We restrict access to certain computer drives and files, for example information relating to health and medical information or financial giving.
Some of your information may be stored in hard copy (on paper), for example if you have given us a photocopy of any personal documentation, or signed copies of formal paperwork. We do our best to keep paper copies to a minimum and we store hard copies of these documents in locked filing cabinets with restricted access.
In some cases, third parties may have access to your personal information, and where this is the case we ensure that they are GDPR compliant.
We may use external companies to collect or process personal data on our behalf, for example Mailchimp. While we take appropriate steps to ensure that information is secure, for example by using encrypted forms, we cannot guarantee that transmission of information over the internet is 100% secure and therefore you submit data at your own risk.
Data in cloud based systems may be processed outside of the European Economic Area (EEA). By submitting your personal data, you agree to this transfer, storing and processing of your information.
Cookies
Cookies are text files that are placed on your computer by websites that you visit. You can find more information about cookies here (www.aboutcookies.org). Most browsers allow you to turn off the use of cookies function, should you wish to.
Cookies may be used to collect information about your visit to our website, for example: the pages that you visit, the time and date of your visit, location and traffic data.
We may collect and use this data for the following reasons:
- To understand the interests and needs of those who visit our website
- To estimate our audience size and patterns
- To support the processing of forms, applications or requests you send to us
- To help us improve and update our website
ODNE uses third party suppliers such as Facebook, Twitter, Mailchimp, Vimeo and they may use cookies. We do not control these, and we would advise you to check with these third parties for information about their cookies and how to manage them.
Some of these third parties may be located outside of the UK and the European Union, and therefore they may not fall under the jurisdiction of UK courts. If this is a concern to you, you can change your cookie settings and you can find out more about this from the Information Commissioner’s Office (ICO) (https://ico.org.uk/).
Links/Other Websites
This privacy policy only applies to ODNE. The ODNE website contains links to other websites, which are run by other organisations. ODNE is not responsible for the privacy practices of other organisations, and as a result of this you should read their privacy policies with care.
How long do we keep your information?
How long information is kept for is sometimes called ‘data retention’. We will keep your personal information only for as long as we consider it necessary. We have to take into account legal obligations, for example we are obliged to keep details of anyone making a financial donation for 7 years after the gift (and share those details to the HMRC if this is gift aided), accounting and tax considerations and also consider what is reasonable for the activity in question. If you have any questions about this, please contact us in writing using the contact details at the bottom of this Privacy Policy.
Updating your details and preferences with us
Please keep your details up to date with us, for example if you change address or telephone number. When you provide us with personal information, we may use the Royal Mail’s Postcode Finder or other available sources to confirm this, for example if we are unsure of what you have written on a form. We do not use these sources to access data that you have chosen not to provide to us.
You can change your preferences for which communications you receive from us, and how we contact you, by getting in touch with us at any time.
By email: admin@opendoornortheast.com
By phone: 01642 213634
By post: Data Protection Officer, Open Door North East, Melbourne House, Newport Road, Middlesbrough, TS1 5QH.
Accessing and amending your information and preferences
At any time, you can do the following:
- ask for a copy of the personal information we hold about you
(this is also known as a Subject Access Request – please see the Appendix for our SAR policy) - ask us to erase or remove all your personal information
- ask us to restrict how we use your personal information
- object to our use of your personal information
Your request does not need to be in writing but we may ask you to complete a form or submit details in writing (either on paper or in an email is fine) if this will help us deal with your request. The more detail you are able to include the better we’ll be able to respond.
To do any of these, please write to us at:
By email: admin@opendoornortheast.com
By post: Data Protection Officer, Open Door North East, Melbourne House, Newport Road, Middlesbrough, TS1 5QH
We will act on any requests received at the latest within one month of receiving your request, unless this request is complex, in which case we will inform you within one month of receiving your request and explain why we need to extend this length of time.
Vulnerable persons and children
ODNE takes seriously the importance of identifying and supporting people who are known to us and who may be in vulnerable circumstances. ODNE staff are trained to do this appropriately in accordance with our Safeguarding policy and Vulnerable Supporters policy and guidance. If you wish to view a copy of these documents, please contact us.
We only support and accommodate adults aged over 18. We do not actively seek to collect children’s data. If you are a ODNE supporter and are aged 16 or under we would ask you to please gain the permission of a parent or guardian before you provide ODNE with any personal information.
How to contact us
Please contact us if you have any questions about our privacy policy or information we hold about you.
By email: admin@opendoornortheast.com
By phone: 01642 213634
By post: Data Protection Officer, Open Door North East, Melbourne House, Newport Road, Middlesbrough, TS1 5QH
For more information about your rights in relation to the information we hold about you, you can visit the ICO website (https://ico.org.uk).
About this Policy
Our Privacy Policy may be amended and updated, and so you may wish to check it whenever you share personal information with us. If we do amend this privacy policy, the most recent version of it will always be available on our website. We may not explicitly inform our users of these changes. Updates are listed below.