Who we are
This is a website of Stella Maris, a charity registered in England and Wales (1069833) and Scotland (SC043085), whose registered office is at 39 Eccleston Square London, SW1V 1BX. References in these Terms to ‘we’ or ‘us’ are to Stella Maris (Apostleship of the Sea).
What is personal data
Personal data is information that can be used to help identify an individual, directly or indirectly, such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
What personal data we collect
The type and amount of information we collect depends on why you are providing it. For example:
If you are making a donation in addition to asking for your name and email address we will ask for your full address and your phone number, we may also ask you why you chose to support our work. All donations and payments, including those by debit or credit card, are processed securely.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
The information we collect when you make an enquiry includes your name and email address
Where we collect information from
We collect information:
- From you when you give it to us directly: You may provide your details when you ask us for information or make a donation, volunteer, attend our events contact us for any other reason.
- When you have given other organisations permission to share it: Your information may be provided to us by other organisations if you have given them your permission. This might for example be a charity working with us or might be when you buy a product or service from a third party organisation. The information we receive from other organisations depends on your settings or the option responses you have given them.
- When it is available on social media: Depending on your settings or the privacy policies applying for social media and messaging services you use, like Facebook, Instagram or Twitter, you might give us permission to access information from those accounts or services.
How we use your information
We will use your personal information in a number of ways which reflect the legal basis applying to processing of your data. These may include:
- providing you with the information or services you have asked for
- processing donations you make, including processing for Gift Aid purposes
- organising volunteering activity you have told us you want to be involved in and in relation to the fundraising for us you are involved in
- sending you communications with your consent that may be of interest including marketing information about our services and activities, campaigns and appeals asking for donations and other fundraising activities and promotions for which we seek support
- when necessary for carrying out your obligations under any contract between us
- seeking your views on the services or activities we carry on so that we can make improvements
- maintaining our organisational records and ensuring we know how you prefer to be contacted
- analysing the operation of our website and analysing your website behaviour to improve the website and its usefulness
Our legal basis for processing your information
The use of your information for the purposes set out above is lawful because one or more of the following applies:
- Where you have provided information to us for the purposes of requesting information or requesting that we carry out a service for you, we will proceed on the basis that you have given consent to us using the information for that purpose, based on the way that you provided the information to us. You may withdraw consent at any time by emailing us at firstname.lastname@example.org. This will not affect the lawfulness of processing of your information prior to your withdrawal of consent being received and actioned.
- It is necessary for us to hold and use your information so that we can carry out our obligations under a contract entered into with you or to take steps you ask us to prior to entering into a contract.
- It is necessary to comply with our legal obligations.
- Where the purpose of our processing is the provision of information or services to you, we may also rely on the fact that it is necessary for your legitimate interests that we provide the information or service requested, and given that you have made the request, would presume that there is no prejudice to you in our fulfilling your request.
- Where we are relying on the fact that a particular processing purpose is necessary for our legitimate interests, or the legitimate interests of a third party, you can obtain the details of the balancing test we have undertaken by contacting our office at email: email@example.com or call 0207 9011931.
- If you want to contact us about your marketing preferences please contact Annie Scharwatt, our Fundraising Manager by email: firstname.lastname@example.org or call 0207 9011931.
How we keep your information safe
We understand the importance of security of your personal information and take appropriate steps to safeguard it.
- Where your personal information is stored electronically it is held on a password protected database to which employee access is restricted to key individuals. Paper files are stored in locked cabinets to which employee access is restricted to key individuals.
- We always ensure only authorised persons have access to your information, which means only our staff, volunteers and contractors, and that everyone who has access is appropriately trained to manage your information.
- No data transmission over the internet can however be guaranteed to be 100% secure. So while we strive to safeguard your information, we cannot guarantee the security of any information you provide online and you do this at your own risk.
Who has access to your information?
- Third parties who provide services for us, for example the mailing house that prints our supporter appeals, our payroll provider and our HR and pensions advisers. We select our third party service providers with care. We provide these third parties with the information that is necessary to provide the service and we will have an agreement in place that requires them to operate with the same care over data protection as we do.
- Third parties if we run an event in conjunction with them. We will let you know how your data is used when you register for any event.
- Analytics and search engine providers that help us to improve our website and its use.
- Third parties in connection with restructuring or reorganisation of our operations, for example if we merge with another charity. In such event we will take steps to ensure your privacy rights will be protected by the third party.
- Owing to matters such as financial or technical considerations the information you provide to us may be transferred to countries outside the European Economic Area (EEA), which are not subject to the same data protection regulations as apply in the UK. We may do this where data is stored on servers outside the EEA or where we use suppliers based outside the EEA. We meet our obligations under GDPR by ensuring that the information has equivalent protection as if it were being held within the EEA. We do this by ensuring that there are appropriate safeguards in place with any third parties processing your data outside the EEA. This will usually be because the country either benefits from an adequacy determination for GDPR purposes and/or, where appropriate, we have entered into a Data Processing Agreement with the third party which contains model EU clauses.
- We may also disclose your personal information if we are required to do so under any legal obligation and may use external data for the purposes of fraud prevention and credit risk reduction, or where doing so would not infringe your rights, but is necessary and in the public interest.
- Other than this, we will not share your information with other organisations without your consent.
Keeping your information up to date
We really appreciate it if you let us know if your contact details change. You can do so by contacting us at 39 Eccleston Square, London, SW1V 1BX or by email email@example.com.
“Cookies” are small pieces of information sent by a web server to a web browser, which enable the server to collect information from the browser. They are stored on your hard drive to allow our website to recognise you when you visit. Please read our cookies policy at www.apostleshipofthesea.org.uk/cookie-policy
We appreciate that our supporters are of all ages. Where appropriate we will ask for consent from a parent or guardian to collect information about children (under 16s).
How long we keep your information for
- We will hold your personal information for as long as it is necessary for the relevant activity. By way of example, we hold records of donations you make for at least six years so we can fulfil our statutory obligations for tax purposes. Please see our Records Retention Policy.
- Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. We will periodically ask you to renew your consent.
- If you ask us to stop contacting you with marketing or fundraising materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.
You have the right to request details of the processing activities that we carry out with your personal information through making a Subject Access Request. Such requests have to be made in writing. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request contact us at 39 Eccleston Square, London, SW1V 1BX or email firstname.lastname@example.org.
You also have the following rights:
- the right to request rectification of information that is inaccurate or out of date
- the right to erasure of your information (known as the “right to be forgotten”);
- the right to restrict the way in which we are dealing with and using your information; and
- the right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the “right to portability”);
- rights in relation to automated decision making and profiling including profiling for marketing purposes.
All of these rights are subject to certain safeguards and limits or exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact the National Director at the above address.
If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here.
Changes to this policy
This Policy may be changed from time to time and we will advertise this on our website. If we make any significant changes we will contact you directly with the information.
Do please check this Policy each time you consider giving your personal information to us.
This Policy was last updated in April 2020.