Privacy policy
St Giles Trust is committed to protecting your privacy. This statement explains how we use personal data and the rights you have over your personal data. We review this statement on an annual basis or when there are changes on how we process personal data, so please check it occasionally. It was last updated on 18th June 2024.
About us
St Giles Trust, helping disadvantaged people.
We work in prisons and communities across the UK. We are a registered charity (no. 801355). We act as the ‘Data Controller’ for personal data we collect on our own behalf and are registered with the Information Commissioner’s Office, our registration number is Z5400841. We also act as the ‘Data Processor’ to deliver some services to our Clients. If you have any questions about this statement or our privacy practices please contact us using the details below.
How to contact us;
Registered address: Georgian House, 64-68 Camberwell Church Street London SE5 8JB
Email: info@stgilestrust.org.uk
Phone: 020 7708 8000
How do we collect personal data
We will collect personal data if you require our services, use our website, contact us, attend one of our events, work and/or volunteer for us.
This may be in digital or paper format, such as;
- Your IP address, browser and other details of the electronic devices you use when visiting our website.
- Your name, address, contact number and email address, these are used when you are a client and we will need these details to provide you with our services.
- Credit or debit card details – these are also required if you are making a donation to us via your card. (St Giles Trust cannot access credit card details of online donations).
- Bank details, national insurance number and next of kin details are required for employees.
- Monitoring information such as racial or ethnic origin or information on disabilities so that we are able to report on these areas and improve our services and working environment.
- From time to time, we may have your image, such as when we take photos at events, we may use these images in newsletters and other publicity materials.
- We may also hold your digital image on our CCTV in our offices.
Your rights
As an individual, you have these legal rights over your personal data:
- to be informed about its use
- to have it corrected
- to have it erased when we have no lawful basis to continue processing it
- to restrict its use
- data portability - to receive a copy of information you have provided to us in electronic format (where processing is done under Consent or Performance of a Contract)
- to object to its use (where processing is done under Legitimate Interest)
- to object to automated decision-making and profiling
Please use the contact details at the top of this statement if you want to exercise any of your rights. We consider each request in accordance with all applicable data protection laws and regulations and may ask you to provide proof of your identity before taking any actions. You also have the right to lodge a complaint about our use of your personal information with the Information Commissioners Office at the following website address: https://ico.org.uk/concerns/
Using our websites
Our website is www.stgilestrust.org.uk with details about what we do.
Our website can contain links to other websites run by other organisations.
This statement just applies to our website; we encourage you to read privacy statements on third party websites.
When someone visits the site we use a third party service, Google Analytics, to give us information about the number of visitors and visitor behaviour patterns; this information does not identify individuals, see our ‘Cookies’ below for more details.
Our website is hosted by third parties in the UK. When you go to a page it ‘logs’ details of when you visited, your IP address, page(s) accessed, where you came from (e.g. a link from another website), and your browser and operating system. This is standard practice for all websites. This allows us to investigate issues if the website is not functioning correctly. We do not permit anyone to identify an individual from these details.
For our main site, including e-newsletter sign up - when you sign up to the e-newsletter you give us Consent to send the newsletters to you at the email address you provide and include tracking details in the newsletters. This site is hosted by Itineris, who also deliver email newsletters and maintains the security and performance of the site. For more information, please read the Itineris Privacy Policy here: https://www.itineris.co.uk/privacy-policy/ for more information.
Cookies
We employ a number of cookies across our website in order to enhance the user experience and ensure that we are able to provide the relevant content that our visitors might expect. You can find more information on our cookie policy here: https://www.stgilestrust.org.uk/cookies-policy/.
E-newsletter
If you sign up to receive a copy of our e-newsletter it will be sent to the email address that you provide.
You can unsubscribe from the newsletter at any time either by clicking the unsubscribe link in a newsletter email.
We collect information on the subscribers (email address) that open emails, when they were opened, which links were clicked, and the geographical location the clicks came from to help us ensure the content of the newsletter is geographically relevant to all our subscribers. This information is used to help us make decisions about the content of future e-newsletters.
Online donations via our website
We use a third parties called Enthuse and Stripe to host our secure online donation facility. For more information, please read their privacy notices which you can find here:
https://stripe.com/en-gb/privacy.
Donor details are stored securely on Enthuse, Stripe and our Database. We use these details for the purposes of downloading remittance, for administration purposes and manual profiling.
Profiling
St Giles Trust currently use manual profiling methods to segment and profile donors based on various attributes and fields we track in our database. This is used to help us understand our donors better and to help us scope new fundraising opportunities from similar audiences.
Social Media
St Giles Trust and teams within St Giles Trust have platforms on Twitter, Facebook, LinkedIn, Instagram and YouTube. Please visit these sites for more information on their privacy policies and practices.
When you use our services
We use the personal data you provide so we can help you. We will always ask for your consent to share details with other partners or agencies that may be able to provide services; these agencies may include housing, social services, substance misuse, benefits & employment agencies, except in instances where there are safeguarding issues, where we may provide authorities such as the police information under legitimate interest to protect people where necessary.
When you apply for a job or to volunteer
Any information you provide during the application process such as your CV, will only be used for the purpose of progressing your application. We use the contact details you provide to give updates on your application.
We will use the other information you provide to assess your suitability for the role you have applied for during shortlisting and, if applicable, interviews.
During the offer process we ask for equal opportunities information (so we can produce and monitor equal opportunities statistics) and details of referees that we will then contact.
New starters are asked to provide bank details (so we can pay you), emergency contact details (so we know who to contact if you have an emergency at work)
We are required to confirm the identity of our staff and contractors their right to work in the UK by asking you to provide proof of identity.
We may ask you to complete a questionnaire about your health to establish your fitness to work; we share personal data to perform health checks with suppliers of these services.
We may need to perform a Disclosure and Barring Service (DBS) check if the role involves working with vulnerable groups of people; we share personal data to perform DBS checks with suppliers of these services.
We need to share some details with our payroll and pension providers, and our bank, to the extent that we can pay you and into your pension. We use a secure online HR system to hold HR data.
How do we keep personal data secure
Our website use secure (“HTTPS”) connections to protect data. However, as is the case with all websites, we are not able to guarantee security for data collected through our sites. We have physical, technical and administrative controls in place to protect personal data from unauthorised access, use and disclosure. We evaluate these safeguards on an ongoing basis to minimise risks from new security threats as they become known. We use carefully selected partners to provide us with services including the support of IT and computer systems. Our contractual terms with these suppliers include confidentiality clauses to respect the privacy of any personal data they come into contact with as a result of performing their tasks.
All paper forms of data where needed are stored securely in our offices along with any digital recordings (CCTV) where applicable.
We take the securing of data very seriously and all staff and volunteers are trained in GDPR and safeguarding to ensure that we are always compliant. If there is ever a breach of data or risk we work immediately to mitigate these and address them as soon as they are identified.
Sharing personal data
We will share personal data is there if a legal obligation or duty to do this, such as fraud protection or to enforce or apply our contractual terms.
We process personal data in these circumstances on the basis on Legitimate Interest for preventing crime or suspected criminal activity or enforcing our terms.
Enquiries from data subjects
If you have any enquiries about the use of your data, you can contact us with the details listed above, or by emailing the data protection team at dataprotection@stgilestrust.org.uk.