Harvest Ayr exists to advance the Christian faith in Ayr and also throughout Scotland and in the rest of the World by all means consistent with the teachings of the Christian Bible including worship, ministry, mission, evangelism, prayer, witness, education, training and mentoring, counselling and support, community service and the support of agencies and individuals and other charitable organisations involved in Christian missionary work, church planting/building and the relief of poverty or other social needs.
We value everyone who engages with us by whatever means, and we do all we can to fully to protect your privacy and to make sure the personal data you provide us is kept safe.
This Privacy Notice is designed to comply with the General Data Protection Regulations 2018 (GDPR) and is issued in the interests of transparency over how we use (“Process”) the Personal Data we collect.
We treat all our supporters and contacts in line with our values and ethos and we welcome any feedback about any of our actions. Complete our contact form to get in touch
We collect personal information each time you deal with us, for example when you give through automatic faithfulness and agree gift aid donations, when you register your children for a children’s ministry activity, sign up for an event, provide comments, or feedback, complete a friendship register, or otherwise provide your personal details.
Information from social media
We may collect information that you make available on social media, for example, Twitter, Facebook, YouTube and LinkedIn. You may wish to check their privacy policies to find out more about how they will process your data.
Information from third parties
We do not currently collect information on you from third parties.
Sensitive Personal Data
Where you provide information on yourself or members of your family, we may collect sensitive personal data, which includes your name and address, age, religious belief, medical information, bank details etc.
WHAT DO WE DO WITH YOUR PERSONAL DATA?
We may use the personal data we collect to:
- Keep you up to date on news about Harvest Ayr and our ministries.
- Ask for financial and non-financial support, such as service opportunities or prayer.
- Process donations you give us including Gift Aid.
- Keep records of your relationship with us e.g. questions you have asked or suggestions or complaints you have made.
- Keep records of registration details for all our key ministries including children’s’ ministry, small groups, Harvest Youth, Harvest Men and Harvest Ladies.
OUR LEGAL BASIS FOR HOLDING AND PROCESSING YOUR PERSONAL DATA
Legitimate interest: Contacting you
We may contact you by email or telephone where we have a legitimate interest to do so. For example, where you have indicated you wished more information on a particular ministry. Where you have previously asked us not to contact you in this way we will respect your contact preferences. You can change your preferences at any time or stop us processing your data by contacting us by email at firstname.lastname@example.org or by post to Harvest Glasgow, 167 Ashkirk Drive, Glasgow G52 1LA.
Consent; Contacting you
We may contact you by email or text if you have given us your consent to do so. We will only communicate in accordance with your preferences and you are free to change your preferences at any time as noted above.
Where you provide personal or sensitive personal data, such as religious beliefs, dietary, mobility requirements or health information, to volunteer or travel on a trip with us we will store, process and disclose the personal information we collect to:
- Provide relevant information including fundraising materials and the volunteer role description.
- Provide the administration of these events or opportunities to serve.
- Monitor the quality of the volunteering opportunity or trip provided.
- Answer any questions or feedback you may have.
- Provide anonymised data to monitor compliance with our equal opportunities policy.
- Support the recruitment process where a Christian commitment is necessary for the role.
HOW AND WHERE WE STORE YOUR INFORMATION
We will keep your personal information only for as long as we consider it necessary to carry out each activity.
We have a data retention policy to implement this. We take account of legal obligations and accounting and tax considerations as well as considering what would be reasonable for the activity concerned. For example, we will retain details of donations for 7 years to meet tax and accounting requirements, and we will retain any safeguarding records indefinitely. We will only hold sensitive medical personal information provided to participate in an overseas trip until two years after the trip is completed.
Where there is legacy income, we keep data you provide indefinitely to carry out the administration of legacies and to communicate with the families of those leaving us legacies.
If you have any questions about our Data Retention Policy please contact our Data Protection Officer Jen Hardy by emailing email@example.com
HOW SAFE IS THE PERSONAL INFORMATION WE HOLD?
We ensure that we have appropriate technical controls in place to protect all the personal data you provide. For example, we ensure that any online forms are encrypted to ensure they can only be read by people permitted to do so. Our network is robustly protected from unauthorized access and is routinely monitored.
We ensure that access to personal data is restricted only to those staff members or volunteers whose job roles require such access and that suitable training is provided for these staff members and volunteers.
However, we need to remind you that despite all our efforts, the internet cannot be guaranteed to be 100% secure, and that you submit data at your own risk.
We hold bank account details for the purpose of collecting direct debits in accordance with direct debit mandate rules.
Where we store your personal information
We use cloud-based systems to process data and therefore data may be processed outside of the European Economic Area (EEA). We adopt the Information Commissioners approved measures and therefore ensure that personal data is held in compliance with European data protection regulations. We take all reasonable steps to ensure that your data is stored and processed securely in accordance with this policy. By submitting your personal data, you agree to this transfer, storing and processing of your information. Should you travel overseas with us, we may share personal information with partners who deliver our work in overseas locations. For example, this may include sensitive personal data such as medical information. When we do so we will make you aware of the data being transferred and seek your consent to do so.
WHEN WE SHARE YOUR INFORMATION
In line with our beliefs, we do not share or swap your information with any other charities.
We may need to pass on information if required by law or by a regulatory body. For example, a Gift Aid audit by the HMRC, or if asked for details by a law enforcement agency.
HOW WE TREAT CHILDREN
We collect children’s data with their parent’s/guardian’s permission in order to ensure legal and safety requirements when registering them to participate in Harvest Kids activities. During the registration process, parent’s/guardians can indicate consent or otherwise for the use of their children’s photographs and information for further communication related to Harvest and its ministries.
YOUR RIGHTS AND TELLING US WHEN THINGS CHANGE
We fully recognise your right to have your data removed, to be forgotten, to opt out of communications or withdraw consent and to have a copy of your personal data. You also have the right to lodge a complaint with the Information Commissioner’s Office.
You can change your preferences at any time about what you receive from us or how we contact you, by mail, phone or email. You can do so by:
Calling us on: Email us on: firstname.lastname@example.org Write to us at: Harvest Glasgow, 167 Ashkirk Drive, Glasgow G52 1LA
Updating your details
We do appreciate it if you keep your details up to date. You can do so in the same way as updating your preferences (above).
We may use Royal Mail’s postcode address file or other available sources to confirm data that you provide us with, where, for example, we are unsure of what you have completed on a form.
We will not use these sources to create data that you have chosen not to provide, for example, if you have left a telephone number blank; nor will we automatically update changes of address, we will normally only update your address when you tell us it’s changed.
Telling us to stop processing
You have the right to ask us to erase your personal data, to ask us to restrict our processing or to object to our processing of your personal data. You can do so at any time by writing to us at Harvest Glasgow, 167 Ashkirk Drive, Glasgow G52 1LA.
ACCESS TO YOUR INFORMATION
You have the right to request details of the information we hold about you. To receive a copy of the personal information we hold please write to our Data Protection Officer at the address given below. We will respond within one month of receiving your letter. For more information about your rights please visit the website of the Information Commissioner’s Office.