GDPR – What Is It?

 

GDPR is the EU’s General Data Protection Regulation (GDPR) which came into force in the UK on 25 May 2018 and regulates the way that we use your data. The objective of GDPR is to give citizens and residents control over how their personal data is used.

 

Privacy Statement - Happy Days and Your Data...

​

We want you to know the main ways that we collect data at Happy Days and what it is used for, but please feel free to contact us if you have any questions.

​

• Firstly, we have never, and will never sell your data to a third-party agency.

​

• For groups activities such as day trips and residentials, we ask applicants to give us contact details of the group (a group leader, teacher or primary contact) along with contact details (name, address, phone number and email) for the group. We also ask for details of the children’s conditions and the number of children who will be taking part in the activity. We don’t ask for the individual names or contact details of the children themselves.

 

• For family holidays, we ask applicants to provide us with parent / guardian details (name, address, phone number and email) along with the name of the child and details of their condition. We also request documentation with proof of the child’s medical condition (usually a confirmation from their doctor or other medical professional) and family income information (bank statements, benefits information etc)

 

The information we request allows us to book and fund activities, day trips and holidays, along with any special requirements such as mobility assistance or dietary requirements. The Charities Commission requires us to keep the above information, for audit purposes, for a three-year period to ensure our funding is used appropriately. Primarily, this information is retained as paper records in secured storage cabinets. Any digital information is kept on password protected computers on our premises and on our secure server. Records are deleted or destroyed on site after three years. 

 

• Details of individuals and organisations who have engaged with the charity, either by being trip beneficiaries or supporters, are kept on our database. This consists of essential information only: contact name, address, phone numbers, email addresses, dates of donations received or activity taken and basic notes of interactions e.g. Dance Wiggle Letter Sent on 12/12/2018. Our database is password protected and only authorised individuals have access to this information, which is stored on our secure servers.

 

• Our database is used primarily to contact previous donors and beneficiaries by phone and post, as well as allowing us to keep our supporters informed about specific campaigns that they're interested in.

 

• Supporters and beneficiaries who have asked for further information about Happy Days are kept up to date with our eNewsletter, which we send out approximately every two months. Our newsletter is designed by Elvia Marketing and is distributed via the Send in Blue email platform. Send in Blue is used to contact previous donors and beneficiaries by email only. Again, we keep only essential information on Send in Blue which allows us to contact you with updates. This includes: your name, email address, how and when you signed up to our newsletter and your postcode.Click here to see the Send in Blue privacy policy.

 

• Our email updates are and always have been an opt-in policy. If at any point you wish to opt out, there is an unsubscribe link at the bottom of each eNewsletter we send out, or you can contact us directly by calling us on 01462 530710 or by emailing either rob@happydayscharity.org or nicola@happydayscharity.org and asked to be removed from our eNewsletter mailing. 

 

• Any photos we use on our website, in publications or on our social media have been authorised for use by those beneficiaries or supporters submitting them. We are incredibly conscious of child protection policies and keep a record of all permissions given to use photos where the faces of children are shown. If for any reason any group leader, individual, parent or guardian changes their mind and would prefer us to remove a photo from our online platforms, we will happily comply and ensure this is actioned within 24 working hours of notification. For publications, we will ensure that these photos are removed from our systems and will not be used in future publications.

​

• For our regular monthly donors, details are kept in secure filing cabinets on our premises. We send an annual thank you letter in the post along with examples of some of the children these donations have helped. We wrote to all of our regular givers in May 2018 to confirm whether they would be happy to continue to receive an annual thank you letter, or whether they would prefer to receive updates via our eNewsletter. If you have not received this letter and would like to update your communication preferences, please contact ryan@happydayscharity.org or call 01462 530710. 

​

• The majority of our donations that are made online are processed by Justgiving which ensures that we do not have access to, or keep financial details of donors. The same applies to anyone raising funds or donating through similar online donation platforms. For those fundraisers and supporters who raise funds online through these platforms and who ALSO request further information about the charity, we will add their email to our eNewsletter (see above for eNewsletter data management).

 

• Online donors also have the option to remain anonymous when making a donation through Justgiving. If this option is selected, we receive no details about the person donating, only the amount that has been donated.

​

• For donations made by phone, we will only ask for contact details if you confirm that you'd like to receive further information from us or would like us to post or email you a receipt. Copies of card receipts from our PDQ machine are kept in a secure location and destroyed within at least 12 months of the processing date. We are also registered with Security Metrics to stay in compliance with PCI mandates.

 

Controlling and Accessing your Data

​

We want to communicate with you in the way you want and if you’d prefer, not at all.

 

Ultimately, we only want to send you information about our activities if you actually want to hear from us, otherwise it really doesn’t benefit anyone! Happy Days Children’s Charity has always held this ethos and want to ensure that it continues with the introduction of the new GDPR Act.

​

If our communication is in any way inconveniencing you and you would prefer it to stop, or would like to know what data we have about you (SAR - Subject Access Request) please give our Data Protection Officer Ryan Sinclair a call on 01462 530710 or email enquiries@happydayscharity.org and we will make sure we rectify any issues promptly and within 24 business hours where possible.