Privacy Statement
At Stand-by-me, we take your privacy and your personal data very seriously. We know how important it is to you that we treat any personal information that we might gather from you with the utmost care. This privacy statement sets out how we collect, store and use any data we collect from you, however, if you have any queries, please get in touch.
We abide by the principles, processes and practices we set out in our Data Protection Policy (last updated in March 2024 in line with GDPR).
In relation to GDPR, we use your consent as the lawful basis for processing your data and we rely on legitimate interest where we have existing and ongoing relationships with our donors, supporters and volunteers. For staff, we use contracting as the lawful basis for processing personal information.
Who we are
We are Stand-by-me Children’s Bereavement Support Service – a registered charity (1061359) established in 2014 that provides support for bereaved children, young people and their families in North Herts and Stevenage. We are a registered charity (number 1161035).
Get in touch
If you would like to contact us to ask to see your data; to make a complaint about how we have handled your data; to ask us to delete or correct something or anything else to do with the data we hold and process, please get in touch.
Our Data Protection Officer (DPO) is Keith Wadsworth. Just send an email with the details of your request at info@stand-by-me.org.uk
If you’d prefer to write to us, then please write to: Data Protection Officer, Stand-by-me, 111 Walsworth Road, Hitchin, Herts, SG4 9SP
What is ‘Personal data’?
By personal data, we mean any information that could be used to identify you. At its simplest this could be just your name and address or email address or, it could include your bank account details, telephone number, email address, a picture or recording of you.
Where we get your personal data from?
We only ever get your personal information from you. We don’t buy lists or take data from third parties unless we have your consent to accept that information.
Email enquiries via our website
In contacting us via our website using an email address you are providing some personal information. We retain this information securely and will only hold this information for as long as is necessary.
Supporters and donors
We only use the information supporters and donors have given us to process any gifts or donations or to keep them in touch with our work via newsletters and other communications. This might also include letting them know about exciting opportunities to take part in fundraising events for Stand-by-me.
We never use your data for profiling, for identifying potential donors or for donor preference analysis. We only accept personal information from third parties where you have expressly consented to your data being passed on by them – for example, Just Giving.
What we do with your personal data
Children, young people and families
We use the data we gather from children, young people and families we are supporting for the sole purpose of providing the best care and support that we can to them. This might also include being able to evaluate the quality of support we have given and audit our practices. Where we believe sharing the information we have been given with other agencies is in the best interests of supporting the child or young person then we would do that with consent.
We take our responsibility to safeguard the welfare of children, young people and vulnerable adults very seriously. We are legally obliged to pass on personal information to the relevant authority if we thought a child, young person or vulnerable adult was at risk.
Staff & Volunteers
We use the information that staff provide us to ensure that we can meet our legal obligations as an employer and for administrative purposes. For volunteers, we use personal data for administrative purposes. In both cases, we also use personal data to ensure we comply with safeguarding legislation and our obligations there. This includes ensuring our Disclosure and Barring (DBS) checks are done in accordance with DBS legislation and best practice.
How long do we keep your data for
We would never seek to keep your data for longer than you would think reasonable. In our GDPR and Data Protection Policy we set out a retention schedule that indicates how long we hold personal information and when it is deleted or archived.
If you would like to know how long we keep data for then please do contact us using the contact information at the top of this privacy notice.
If you are receiving communications from us then we will periodically ask you if you would still like to receive information from us and you are welcome to opt out at any time in line with best practice in fundraising. Just click here to send us and email and let us know.
Who can see your information
We take data security very seriously. Our internal systems are robust and we have invested in ensuring our data systems meet industry standards. Access to information we hold internally is restricted according to the type of data we hold and where we hold it.
We may also share your data with law enforcement agencies or statutory agencies if required.
About ‘Cookies’
When anyone visits our website, their IP address, browser and version, operating system and the site they came from are stored in a log file. This information is only used for statistical purposes to help improve this site. Log files do not contain any personal information. We do not use cookies for collecting personal information and we will not collect any information about you except that required for administration of the web server.
GDPR – A Summary of Your Rights
The Information Commissioner’s Office (ICO) has produced a summary of your rights in relation to data protection and the General Data Protection Regulation (GDPR) – Individual Rights
If you have a concern about how we have handled or processed your data, or are unsatisfied with our response to a complaint you have raised with us then please contact the ICO – Concerns
This privacy notice was last updated in March 2024 in line with the compliance deadline for GDPR. It is reviewed regularly.