Privacy

Sparks Privacy and Data Protection Statement

 

Sparks Charity, as part of the Great Ormond Street Hospital Children’s Charity family, is committed to protecting your privacy. This policy explains how we collect and use the personal information you provide to us whether online or via phone, mobile, e-mail, letter or other correspondence.

By using our website, any of our services, or providing us with personal information we will assume you are agreeing to your information being used and disclosed in the ways described in this policy.

The links below can be used to navigate your way around this policy:

  1. Who we are
  2. Data Protection Act
  3. What personal information do we collect?
  4. Credit, debit card and payment information
  5. Why do we collect and how do we use your Information?
  6. Information sharing and disclosure
  7. The accuracy of your Information
  8. Under 16s
  9. Vulnerable circumstances policy
  10. Storing your Information
  11. Our website
  12. Cookies and spotlight tags
  13. Changes to the policy
  14. Your rights
  15. Privacy queries
1. Who we are

Sparks is registered as a charity in England and Wales (registered charity number 2634037) and Scotland (registered charity number SC039482). We are also a registered as a company limited by guarantee (company number 2634037).

Sparks is part of the GOSH Charity Family. For more information on GOSH Charity please see their website, www.gosh.org.

Back to top ↑

2. Data Protection Act

In carrying out our day to day activities we process and store personal information relating to our supporters and we are therefore required to adhere to the requirements of the Data Protection Act 1998. We take our responsibilities under this act very seriously and we ensure the personal information we obtain is held, used, transferred and otherwise processed in accordance with that Act and all other applicable data protection laws and regulations including, but not limited to, the Privacy and Electronic Communication Regulations.

See section below on information about your rights

Back to top ↑

3. What personal information do we collect?

Personal information is information that can be used to identify you. It can include your name, date of birth, email address, postal address, telephone number, mobile telephone number, fax number, bank account details, credit/debit card details and whether you are a UK tax payer so that we can claim Gift Aid (please rest assured we do not collect information about your actual tax payments, just whether you are a tax payer). We collect personal information about you when you ask about our activities, make a donation to us, register for an event, engage with our social media, order products and services (such as publications and email newsletters), or otherwise give us personal information.

If you do nothing other than read pages or download information from our website, we may gather information about this use, such as which pages are most visited and which events or activities are of most interest.  This information can be used to help us improve our website and services and ensure we provide you with the best service.  Wherever possible, the information we use for this purpose will be aggregated or anonymised i.e. it will not identify you as an individual visitor to our website.  More information can be found in the section below entitled “Our Website”.

We do not usually collect “sensitive personal information” about you unless there is a clear reason for doing so, such as participation in an event where we need this information to ensure we provide appropriate facilities for you.  We may collect health information if you tell us about your experiences connected to our medical research (for example, if you act as a case study for us); however, we will make it clear to you when collecting this information as to what we are collecting and why.

Back to top ↑

4. Credit, Debit card and payment information

If you use your credit or debit card to donate to us, buy something or pay online or over the phone, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard (PCI DSS).  Find out more information about PCI DSS standards by visiting their website at www.pcisecuritystandards.org.

We do not store your credit or debit card details at all, following the completion of your transaction.  All card details and validation codes are securely destroyed once the payment or donation has been processed.  Only those staff authorised to process payments will be able to see your card details.  If we receive an e-mail containing any credit or debit card details, it will be immediately deleted, no payment will be taken and you will be notified about this.

Back to top ↑

5. Why do we collect and how do we use your information?

We may collect your personal information for a number of reasons, such as:

  • To provide you with the services or information you have requested;
  • To process any donation(s) we may receive from you;
  • To ask you to help us to raise money or donate money to our charity, but always in accordance with the Fundraising Regulator’s Fundraising Promise;
  • To provide you with information about our work, research or our activities, that you have asked to receive;
  • To invite you to participate in surveys or research;
  • For administration purposes e.g. we may contact you about a donation you have made or event you have expressed an interest in or registered for;
  • For internal record keeping, such as the management of feedback or complaints;
  • To analyse and improve the services we offer;
  • The use of IP addresses to block disruptive use, to record website traffic or to analyse the way our information is presented to you to identify your approximate location;
  • Where it is required or authorized by law; and
  • Assessing your personal information for the purposes of credit risk reduction or fraud prevention (regrettably some people target charities for illegal purposes such as money laundering and, quite rightly, we are required to monitor financial activity and report suspected fraud to the appropriate authorities).

We may supplement or add to the information we hold about you with information that is available through, or we receive from, other sources e.g. public registers, or third-party information services such as Experian Mosaic. This allows us to send the most relevant information to you and promote those fundraising opportunities that we believe you are most likely to be interested in.

Access further information on Experian Mosaic.

We may contact you for marketing purposes by mail, e-mail, telephone, mobile telephone, text or social messaging; in some cases, this will require getting your permission. We may also send you service communications via e-mail, text or social posting, for example if you have made a donation by text.

To comply with our obligations as a charity, we must take reasonable and appropriate steps to know who our donors are, particularly where significant sums are being donated.  This means that we may conduct research, including accessing information which is already publicly available, on prospective donors, partners or volunteers to ensure it would be right for us to accept support whether that is from an individual or organisation.  This will help to give assurance that the donation is not from an inappropriate source and to safeguard our reputation.  This does not mean that we will question every donation, nor that we will research lots of personal and other details about every donor.  Any information we do collect for this purpose will only consist of what is necessary for us to meet these requirements and will be processed in line with your rights.

See section 14 below on information about your rights.

It is your choice on the type of communications and information you receive about our charity and the ways in which you can get involved. You can change your mind at any time by contacting us at Sparks, 40 Bernard Street, London WC1N 1LE or on 0207 091 7750 or via e-mail: info@sparks.org.uk.

We will not use your information for marketing purposes if you have asked us not to. However, we will retain your details on a suppression list to help ensure we do not continue to contact you.

Back to top ↑

6. Information Sharing and disclosure

We will not sell or swap your information with any third party.

We may share your information with our data processors. These are trusted partner organisations that work with us in connection with our charitable purposes; and other entities that act as fundraisers for us, sell our products or provide us with information and marketing (subject to your communication preferences and our internal policies and procedures). All our trusted partners are required to comply with data protection laws and our high standards and are only allowed to process your information in strict compliance with our instructions. We will always make sure appropriate contracts and controls are in place and we regularly monitor all our partners to ensure their compliance.

We may disclose your personal information to third parties if we are required to do so through a legal obligation (for example to the police or a government body); in the event that activities of Sparks are merged with any other organisation, or we buy/sell a business; to enable us to enforce or apply our terms and conditions or rights under an agreement; or to protect us, for example, in the case of suspected fraud or defamation.

We do not share your information for any other purposes.

Please also be advised that your details may be passed to us from a third party, for example through a research team we have funded. This will only happen with organisations that we have contractual agreements in place with, and where we have sought assurances that they are allowed to share this information with us.

Back to top ↑

7. The accuracy of your information

We aim to ensure that all information we hold about you is accurate and, where necessary, kept up to date. If any of the information we hold about you is inaccurate and either you advise us or we become otherwise aware, we will ensure it is amended and updated as soon as possible.

Back to top ↑

8. Under 16s

If you are aged 16 or under, and would like to participate in an event, make a donation or get involved with us, please make sure that you have your parent/guardian’s permission before giving us your personal information. When we collect information about a child or young person, we will make it clear as to the reasons for collecting this information and how it will be used.

Back to top ↑

9. Vulnerable circumstances policy

We recognise the importance of protecting our vulnerable supporters and follow the guidance issued by the Institute of Fundraising on treating donors fairly. We believe this helps to support our staff and fundraisers who come into contact with supporters in providing high quality customer care, ensuring anyone donating to the Charity is in a position to make a free and informed decision.

Access the Institute of Fundraising’s website – for more guidance.

Back to top ↑

10. Storing your information

Although most of the information we store and process stays within the UK, some information may be transferred to countries outside the European Economic Area. This may occur if, for example, one of our trusted partners servers are located in a country outside the EU. These countries may not have similar data protection laws to the UK however, we will take steps with the aim of ensuring your privacy continues to be protected as outlined in this privacy policy.

We will keep your information on a secure database for as long as required to enable us to operate our services but we will not keep your information for any longer than is necessary. We will take into consideration our legal obligations and tax and accounting rules when determining how long we should retain your information. When we no longer need to retain your information we will ensure it is securely disposed of, at the appropriate time.

Please see the section 14 ‘Your rights’ for more information.

Back to top ↑

11. Our website

Our websites use cookies to help them work well and to track information about how people are using them. More information on cookies can be found below.

For all areas of our website which collect personal information, we use a secure server. Although we cannot 100 per cent guarantee the security of any information you transmit to us, we enforce strict procedures and security features to protect your information and prevent unauthorised access.

Our website contains links to other websites belonging to third parties and we sometimes choose to participate in social networking sites including but not limited to You Tube and Facebook. We may also include content from sites such as these on our website however, we would advise that we do not have any control over the privacy practices of these other sites. You should make sure when you leave our site that you have read and understood that site’s privacy policy in addition to our own.

Back to top ↑

12. Cookies and web beacons

Sparks uses “cookies” to help track the success of our online advertising and monitor the usage of our website. We use Google Analytics for our web analytics to monitor our online advertising results. With cookies, the information we collect and share is anonymous and does not personally identify you. It does not contain your name, address, telephone number, or email address.

Similar to cookies are “web beacons” that Sparks uses to monitor our email communications, which we manage through a third party. These “web beacons” enable us to monitor the success of different email communications.

What is a cookie?  A cookie is a small file of letters and numbers that we may put on your computer or mobile device when you access our website.  These cookies allow us to distinguish you from other users of the website helping us to provide you with a good experience when you browse our website and also allow us to improve our site. For example, they will tell us whether you have visited our site before or whether you are a new visitor.

Access the All About Cookies website – to find out more about cookies and how you can disable.

What is a web beacon? A web beacon is an invisible graphic and, unlike cookies, is not placed on your computer. When you open an HTML email that we have sent you, this graphic is downloaded from a web server and generates a record showing that the email was opened, how many times it was forwarded (if any) and which links within the email were clicked.

Access the MailChimp website – to find out more information

Back to top ↑

13. Changes to the policy

This policy replaces all previous versions and is correct as of September 2017. We will regularly review and update this Privacy and Data Protection Statement and will update, modify, add or remove sections at our discretion.  Any changes will be notified to you either via e-mail or through an announcement on our website and your continued use of our website, any of our services and/or the continued provision of personal information after we have posted the changes to these terms will be taken to mean you are in agreement with those changes.

Back to top ↑

14. Your rights

You have the right to:

  • request a copy of the information we hold about you;
  • update or amend the information we hold about you if it is wrong;
  • change your communication preferences at any time;
  • ask us to remove your personal information from our records;
  • object to the processing of your information for marketing purposes; or
  • raise a concern or complaint about the way in which your information is being used.

If you wish to find out more about these rights, or obtain a copy of the information we hold about you, please contact us at:

Private Information Request

Sparks Charity,
40 Bernard Street,
London, WC1N 1LE

Tel: 0207 091 7750

Email: info@sparks.org.uk

Back to top ↑

15. Privacy queries

If you have any questions or queries about this Privacy and Data Protection Statement, please contact our Data Protection Office using the above address and contact details.