Toucan for Children is committed to ensuring that we manage your personal data professionally and in compliance with all applicable data protection laws. Part of this commitment is to ensure that there is transparency about how we process personal data.
Please read the following policy to understand how your personal information will be treated. By visiting www.toucanforchildren.org you are accepting the practices described here. This policy may change from time to time so please check back for updates.
We hope that you find this Data Protection Policy helpful. If you have any questions, please don’t hesitate to contact us.
1. Who we are and our contact details
We are Toucan for Children CIO and our registered office is at Unit 6/6A, The Mews, Vantage Point Business Village, Mitcheldean, Glos GL17 0SL. In this Data Protection Policy TOUCAN FOR CHILDREN is referred to as we, us, our or Toucan.
Please send any queries concerning your data to us using the following contact details:
Name: Data Protection Officer (DPO)
Email address: firstname.lastname@example.org
Phone: +44 (0)7526 245880
It’s important that you feel completely comfortable and confident that your personal information is in safe hands. Toucan takes protecting your privacy extremely seriously and takes all reasonable steps to ensure your information is secure.
2. What information we collect
We may collect personal information from you when:
Contact us through the website
You make a referral
Send an application
Register for our mailing list
This information may include a variety of personally identifiable or sensitive information. For example, we may collect:
your name (including your first name(s) and surname);
your email address;
your phone number;
your bank details;
your date of birth
other details about you or your child that you or others provide to us
3. How we use this information
Your personal information will be used by us to:
(a) Process and respond to communications including:
process your enquiries and referrals
respond to your questions or comments
provide you with information about Toucan for Children that may be of interest to you
process any payments
(b) Fundraising. So we can communicate with you in the ways that suit you best, we may create a profile of your interests, preferences and support.
When you subscribe to our e-newsletter we ask for consent to store your information and to contact you. We will only send you our newsletter for as long as you continue to consent. If you do not want to receive information from us please email email@example.com with ‘unsubscribe’ in the subject line.
Toucan will not share your personal details with third parties, except where companies are providing services on our behalf, such as processing donations or orders. For example, when you make an online donation via JustGiving, you are going through to a partner company and the information you give such as your credit card number and contact information is provided so that the transaction can take place.
4. How long we keep your information for
We only keep your information as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations (for example, the collection of Gift Aid). Or for example, if you have given us your details to sign up to our newsletter, we will only keep your information for as long as you continue to consent to receive our newsletter. In the case of therapeutic records these will be kept for five years.
5. Who we share your personal information with
We may need to disclose your details if required to by the police, regulatory bodies or legal advisers.
We will never sell or share your personal details with third parties for the purpose of marketing.
6. How your information is secure
The security of your information is of utmost importance to us. We seek to use reasonable measures to protect your information as required by the law, in line with industry standards and in accordance with the policies Toucan has set. Sensitive data is held under strict security conditions. If you have any reason to believe that any personal information we hold is no longer secure, please contact us immediately.
You can set your browser not to accept cookies, however some of our website features may not function as a result.
8. Social Plugins
9. Your rights
9.1 We always aim to be as open as we can and allow people access to their personal information. Where we hold your personal data, you can make a ‘subject access request’ to us and we will provide you with:
a description of it;
an explanation of why we are holding it;
information about who it could be disclosed to; and
a copy of the information – unless an exception to the disclosure requirements is applicable.
If you would like to make a ‘subject access request’ please make it in writing to [the DPO whose contact details are set out above] and mark it clearly as ‘Subject Access Request’.
Unless you agree a different time, we will complete your subject access request within one month.
9.2 Right to be forgotten
If we hold personal data about you, but it is no longer necessary for the purposes that it was collected and cannot otherwise be justified, you have the right to request that we delete the data.
9.3 Right to restrict data
If we hold personal data about you and you believe it is inaccurate you have the right to request us to restrict the data until it is verified. You also have the right to request that the data is restricted where you have a right to it being deleted but would prefer that it is restricted.
9.5. Transferring your personal data
Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, you may ask us to provide you with a copy of that information in a structured data file to you or to another service provider. We will action this request, usually by sending the data in a CSV/Excel file.
9.6. Right to complain
You always have the right to complain to the personal data regulator, the Information Commissioners Office (ICO). You may also be entitled to seek compensation if there has been a breach of data protection laws.
10. Further information
The laws that say how your personal information can be used are:
The Privacy and Electronic Communications Regulations 2003
The General Data Protection Regulation (GDPR)
You can also contact the Information Commissioner’s Office to find out more about types of personal information, its usage and your rights, or to report a concern.
11. Policy updates
This policy was last updated on 08 October 2018.