The following statement describes how Ensemble pour la Difference collects and uses information about people whose data we hold because of their interest in our work.
If you have any queries about this statement, please contact us at firstname.lastname@example.org
Who We Are
Ensemble Pour la Difference (DRC) is registered as a Co-Operative (CD/BKV/RCCM/15-D-003) in République Démocratique du Congo. Registered address is 39 Avenu Fizi, Commune d’Ibanda, Bukavu, Sud-Kivu, République Démocratique du Congo.
Ensemble Pour la Difference (UK) is a registered charity in England & Wales (No. 1174074). Registered address is Centenary House, Peninsula Park, Rydon Lane, Exeter, EX2 7XE.
Ensemble is committed to protecting your privacy and ensuring that any personal information or data we hold about you is held fairly and securely. Under data protection law, Ensemble is a “data controller”. This means that we have control over the way we process your personal information.
What personal data do we collect?
Personal data or personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The basis on which we collect personal data from you under GDPR for the purposes covered by this policy is that you have consented to its use.
We may collect, use and store the following personal data about you:
Identity Data includes your name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender;
Contact Data includes billing address, delivery address, email address, telephone numbers and contact preference;
Financial Data includes bank account and payment card details (if you are making a donation);
Transaction and Events Data includes details about previous donations, products and services you may have purchased from us and events or activities you register for or attend;
Taxpayer Status for claiming GiftAid;
Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website;
Usage Data includes information about how you use our website; and
Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
We will also collect, gather and store Aggregated Dataregarding the use of our website, such as which pages are visited most frequently. Only anonymous information and statistics will be used which do not identify individual visitors. Aggregated Data is therefore not considered personal data in law as this data does not directly or indirectly reveal your identity.
Special category data
Special category data is data which is more sensitive and requires more protection. We only collect special category data, with express consent provided from the data subject, related to health, which we legitimately need to have to ensure that we provide appropriate facilities or support to enable participation in our events or other activities.
When do we collect your personal data?
We use different methods to collect data from and about you and have set these out below.
You may give us personal data when you correspond with us by post, phone, email or otherwise to:
· Subscribe to our newsletter;
· Make a donation to us;
· Ask a question by phone, email, post or otherwise;
· Apply for a job or volunteering position;
· Participate in social media functions on our website e.g. entering a survey; or
· When you report a problem with our website.
My may also collect, use and store identity and contact data from publicly available sources such as Companies House and the electoral Register based inside the EU.
How do we use this information and the legal grounds?
We use your personal data for the purposes listed below. For each processing purpose we have set out the legal ground for this:
To register you as a newsletter subscriber we use your Identity and Contact Data to identify and register you in order to fulfil our legal contractual obligations to you (“Consent Ground”).
When you make a donation to us we use your Identity, Contact, Financial and Tax Status Data to identify you, for our internal record keeping, claim gift aid and to fulfil our legal contractual obligations to you (“Legal Contract Ground”).
To process your donation we use a third-party processor for processing your donation payment and to process gift aid to receive the tax relief. This enables us to fulfil our legal contractual obligations to you (“Legal Contract Ground”).
To send you marketing materials about our activities and future events we use your Identity, Contact and Marketing and Communications Data to provide you with details of our upcoming fundraising activities and events, which we believe will be of interest to you (“Legitimate Interest Ground”).
To deliver relevant website content to you we use your Identity, Contact, Profile Data and Usage Data. This allows us to tailor our website for your use (“Legitimate Interest Ground”).
To manage our relationship with you we use your Identity, Contact, Profile and Marketing and Communications Data to enable us to notify you about any important administrative messages, changes to our terms or policies, relevant changes in the law (“Legal Obligation Ground”).
To engage you in a personalised way we use your Identity, Contact, Profile Data and sometimes publicly available information. Where we have identified that you may have the capacity or affinity to support Ensemble at a higher level, we may legitimately use the information we hold about you to identify connections between you and our existing circle of supporters (“Legitimate Interest Ground”).
To administer and protect this website we use your Identity, Contact and Technical Data to properly administer our IT services to you and to prevent fraudulent activities (“Legal Obligation Ground”).
If required to do so by law or regulatory obligation we may need to disclose personal data to regulatory bodies (“Legal Obligation Ground”).
Please note, when we are relying on the Legitimate Interest Ground we consider your fundamental rights and freedoms before we process your personal data for our legitimate interests to consider and balance any impact on you (both positive and negative). We do not use your personal data for activities where our interests are overidden by the impact on you (unless we have your consent or are otherwise required or permitted by law) (“Legitimate Interest Assessment“).
For more information about the legal grounds we have relied on to process your personal data please go to www.ico.org.uk.
When you sign up for our newsletter you will be given the opportunity to opt in to receive other communications from us (events, volunteering opportunities, fundraising).
If you change your mind and no longer wish for us to contact you for marketing purposes please let us know and we will stop contacting you. You can do this at any time by:
Unsubscribing to communications using the ‘unsubscribe’ link at the bottom of our emails indicating that you do not wish to receive email updates.
Contacting the Ensemble team by emailing email@example.com
Writing to us at: Ensemble UK, Unit 416, Mindspace Aldgate, 114 Whitechapel High St, London, E1 7T, UK.
Privacy and security
‘Cookies’ are small pieces of information sent by a web server to a web browser, which enable the server to collect information from the browser. Essentially it takes the form of a small text file deposited on your computer’s hard drive.
Personal Data Protection
Information that you submit in a registration or enquiry form may be stored using a third party 'cloud computing' service and/or stored on secure hard drives. We also use encryption and a secure server when you donate via our website. However, the transmission of information over the Internet is never 100% secure so while we try to protect your personal information, we can’t guarantee the security of any information you submit to us via our website.
We also take appropriate measures to ensure that the information we receive is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used. All access to our secure server is restricted only to authorised staff.
How long will we hold your personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Our website may include links to websites run by other organisations. We are not responsible for the privacy practices of other organisations’ website, so you should read their privacy policies carefully before you submit any personal data.
Your data protection rights
You have the right to ask for a copy of the information we hold about you which we will provide free of charge, and to have any inaccuracies in your information corrected.
You can make a complaint or raise a concern about how we process your personal data.
In some circumstances, you have the right to object to our processing of your personal data or to stop us from continuing to make active use of personal data that we retain in our records.
We want to make sure that your personal data is accurate and up to date. You may ask us to correct or remove information that you think is inaccurate.
If you would like to contact us about any data requests described above please email us at firstname.lastname@example.org or write to us at Unit 414, Mindspace Aldgate, 114 Whitechapel High St, London, E1 7PT, UK.
For more information about your rights under data protection law please go to www.ico.org.uk.
If you are not happy with how we have handled a complaint, you can contact the Office of the Information Commissioner, which oversees the protection of personal data in the UK, or the Fundraising Regulator, which is responsible for overseeing fundraising activities carried out by charities in the UK.
Alternatively, you may choose to contact either the Information Commissioner or the Fundraising Regulator directly about your complaint, regardless of whether you have raised it with us first.
We reserve the right to amend this privacy statement. The most up to date version will be always be available on our website so please check from time to time. By continuing to use our website you will be deemed to have accepted any changes.