Privacy policy

  • Home
  • >
  • Privacy policy

The privacy and security of your personal information is extremely important to us. This privacy policy explains how and why we use your personal data, to make sure you stay informed and can be confident about giving us your information. 

This policy applies to anyone that WECIL has a relationship with by using any of our services, visiting our website, communicating with us by email, phone, and writing or in person.

In certain circumstances we may also provide an extra privacy notice, which will always refer to this document.

We will never sell your personal data and will only share it with organisations we work with when it is necessary and the privacy and security of your data is assured.

 

Changes to this privacy policy

We will amend our privacy policy from time to time to ensure it remains up to date and reflects how and why we use personal data and meet new legal requirements. Please keep up to date with any changes by visiting our website for the current version of our privacy policy.

Privacy policy last updated 25 June 2018.

 


 

Policy Contents

 

Policy Contents

Who are ‘we’?

Who are ‘you’?

What personal data do we collect?

Personal data provided by you

Data we collect

Children’s personal data

Sensitive personal data

Personal data provided by your digital involvement with us

Personal data created by your involvement with our services

Information we generate

Information from third-parties

Storage of personal data

Keeping your information

How we secure your data

Payment card security

Links to other websites

Disclosing and sharing data

How we use your personal data

Fair Processing Notices (FPN)

Marketing and communications

Other ways we may use your data

Recruitment and employment

Fundraising, donations, investments and legacy pledges

Your data protection rights

Updating your data

Updating your contact preferences

Withdrawing consent

Subject access rights

Contacting WECIL about your data

What to do if you are not happy

 


 

Who are ‘we’?

In this policy, whenever you see the words ‘we’, ‘us’, ‘our’, or ‘WECIL’, it refers to ‘The West Of England Centre for Inclusive Living’ (WECIL Ltd) and its wholly owned subsidiary ‘WECIL Social Enterprise Ltd.’ (Our ICO registration number is Z8245051).

WECIL Ltd. (Reg. Charity number 1053515) is a charitable organisation with the aim to provide information, advice and support services to the disabled community in Bristol and the surrounding region.

WECIL Ltd. And WECIL Social Enterprise Ltd. (Reg. Company numbers 3030167 and 05452347) undertake a range of commercial activities to generate income, including income from grants and Local Authority contracts, as well as providing paid subscription services; all of which support WECIL to offer many free-to-access services, projects, and memberships.

If you have any questions in relation to this privacy policy or how we use your personal data they should be sent to hello@wecil.co.uk or addressed to the Data Protection Officer, WECIL, Link House, Unit E, Britton Gardens, Kingswood, Bristol, BS15 1TF.

 

Who are ‘you’? 

In this policy, whenever you see the words ‘you’, it refers to anyone external to WECIL, whom WECIL has a relationship with, including but not limited to:

  • A subscriber or user of any WECIL service or project, including chargeable and free-to-access services and projects;
  • Donor, funder, partner, supplier or contractor
  • Governance member, trustee, or applicant to any such position.

This policy does not cover WECIL’s internal relationships, which include: volunteers, placements, interns, paid workers or employees, or applicants to any such position; which are covered separately under WECIL’s HR Privacy statement. 

 

What personal data do we collect?

Your personal data will be collected and used by us and includes information that identifies you, or which can be identified as relating to you personally.

We will only collect the personal data that we need in connection with specific activities; such as subscribing to any of our chargeable and free-to-access services or projects, governance membership, funding, donations and investments, volunteering, training, and employment.

 

Personal data provided by you

You can give us your personal data by filling in forms on our website, or by filling in digital and paper forms, participating or subscribing in chargeable and free-to-access services or projects, participating with our social media accounts (including Facebook, Twitter, and LinkedIn); by entering a competition, promotion or survey; by donating or investing in WECIL, or by corresponding with us (by phone, email or by joining as a member/supporter/customer).

 

Data we collect

  • Personal details, where such data is relevant and necessary in fulfilling our relationship with you, including: your name, title, address, date of birth, age, gender, employment status, demographic information, email address, telephone numbers, personal description, photographs, attitudes, opinions, usernames and passwords used to access WECIL services.
  • Financial information, including: Payment information, such as credit or debit card or direct debit details, and whether donations are gift-aided.
  • Your opinions and attitudes about WECIL, as well as your activities and interests, and your experiences of WECIL
  • Notes on any interaction or conversation you have with us

 

Children’s personal data

We will also collect personal data (as above) for children aged under 25 who subscribe or access a WECIL service either directly or through their parent or guardian.

If you subscribe to or purchase any of our services as a parent or guardian on behalf of a young person (under the age of 25) including volunteers, your details and your association with that relationship will be recorded. We will also record personal data about the young person, where reasonable and necessary to our relationship with them.

 

Sensitive personal data

The EU General Data Protection Regulation (from 25 May 2018) defines ‘sensitive personal data’ as information about racial or ethnic origin, political opinions, religious beliefs or other similar beliefs, trade union membership, physical or mental health, sexual life, and criminal allegations, proceedings or convictions.

At times we will collect sensitive personal data for Equal Opportunities monitoring, but this is only ever analysed at an aggregate level.

 

Personal data provided by your digital involvement with us

We may automatically collect the following information:

  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and if you access our website via your mobile device we will collect your unique phone identifier
  • Information about your visit, including, but not limited to the full Uniform Resource Locators (URL) and query string, clickstream to, through and from our website (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as but not limited to, scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number
  • Information about your purchases including but not limited to revenue figures, the types of products or subscriptions purchased, purchase IDs, and memberships.
  • The terms that you use to search our website

Please note that certain services on our website may not be available to you until you have registered to use our website or subscribed to a particular service.

 

Personal data created by your involvement with our services

Your activities and involvement with us will result in personal data being created. This could include details necessary to the delivery of a particular service that you have requested from us, how you have supported us by volunteering or being involved with our campaigns and activities, or your involvement with our business operations. If you decide to donate to us then we will keep records of when and how much you gave. 

 

Information we generate

We conduct research and analysis on the information we hold, which can in turn generate personal data. By analysing your subscriptions, memberships, interests and involvement with us, for example, we may be able to build a profile that helps us decide what communications are likely to interest you. The sections in this document titled Feedback and Profiling give more detail about how we use your information for profiling and targeted advertising.

 

Information from third-parties

We may receive personal data about you from third-parties (including Local Authorities, Government agencies, and our service delivery partners) depending on what services you have requested from us/them or your relationship with us. The data we receive from third-parties is combined with your personal record held on our system(s) in order to fulfill our relationship with you. 

 

Storage of personal data

Keeping your information

We will only use and store your information for as long as it is required for the purposes it was collected for. How long it will be stored for depends on the information in question, what it is being used for and, sometimes, statutory legal requirements.

 

How we secure your data

Information system and data security is imperative to us to ensure that we are keeping your information safely. Our workers undertake mandatory information security and data protection training on employment and annually thereafter, to reinforce responsibilities and requirements set out in our information security policies. We will also regularly review our existing systems and processes in order to assess and manage data protection risks. 

WECIL operations are based in the UK and we store all of our data within the European Union (EU). Some organisations that provide services to us may transfer data outside the European Economic Area but we will only allow this if your data is adequately protected. Some of our systems are provided by US companies and whilst it is our policy that we prefer data hosting and processing to remain on EU-based solutions, it may be that using their products results in data transfer to the USA.  We only allow this when we are certain it will be adequately protected. (e.g. US Privacy Shield and Standard EU contractual clauses) 

 

Payment card security

WECIL has active PCI-DSS compliance programme in place via WorldPay Ltd and/or GoCardless Ltd. This is the international standard for safe card payment processes. As part of our compliance to this very stringent standard, we ensure that our IT systems do not directly collect or store payment card information; for example the full 16 digit number on the front of the card or the security code on the back.

Our online payment solutions are carried out using a ‘payment gateway’ (e.g. WorldPay Ltd and/or GoCardless Ltd.) which is a direct connection to a payment service provided by a bank. This means that when you input card data into the payment page, you are communicating directly with the bank and the bank passes your payment to us, this means that your payment card information is handled by the bank and not processed or held by us.

 

Links to other websites

Our website may contain links to and from the websites of our partner networks, alternative organisations providing advice and support, advertisers or affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. This privacy policy applies solely to the personal data collected by WECIL. 

 

Disclosing and sharing data

We do not sell your personal information, or share your personal information with other organisations whom are partner to. When we allow third-parties acting on behalf or in partnership with WECIL to access your information, we will always ensure that they respect your privacy in compliance with our policies and the law. Personal data collected and processed by us may be shared with the following groups where necessary:

  • WECIL workers, employees, trustees and volunteers
  • Third-party cloud hosting and IT infrastructure providers who host WECIL’s website and IT systems, and provide IT support in respect of the website and IT systems;

Also, under strictly controlled conditions:

  • Contractors and partners
  • Service Providers providing services to us
  • Advisors and consultants
  • Agents

We may also disclose your personal information to third-parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or cookie policy and other agreements; or to protect the rights, property, or safety of WECIL and anyone who has a relationship with us. This includes exchanging information with other companies and organisations for the purposes of fraud protection. If asked by the police, or any other regulatory or government authority investigating suspected illegal activities, we may be obliged to disclose your personal data.

 

How we use your personal data

We will only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (GDPR) and Privacy of Electronic Communication Regulation (PECR).

Personal data provided to us will be used for the purpose or purposes outlined in this policy, by a contract of services, or by a fair processing notice; in a transparent manner at the time of collection or registration and in accordance with any preferences you express.

Below are the main uses of your data which depend on the nature of our relationship with you and how you interact with our various services, websites and activities.

 

Fair Processing Notices (FPN)

This Privacy Policy sets out in general how we use and protect your data. We have also published ‘Fair Processing Notices’ to better inform you about how specific WECIL services use your data. Please read any that are relevant to you:

 

Marketing and communications

Service specific marketing and communications

We may contact you about specific services that you have subscribed, are a member of, or have accessed. Depending on your relationship with us, our marketing and communications to you may include:

  • Transactional communications for chargeable services
  • Peer Support updates
  • Youth Services updates
  • Governance updates

 

General marketing and communications

We would also like to use your details to keep you informed about things that may matter to you. Our general newsletters may sometimes include:

  • Promotion of other WECIL services that you are not actively subscribed to or accessing
  • Competitions and invitations to events, as well as ideas about how to donate to or support WECIL
  • Opportunities for volunteering or employment
  • Articles communicating changes to the law that may apply to you or disability in general
  • Articles about the impact you help enable our charity to achieve as well as keeping you informed about changes within WECIL

If you choose to hear from us in this way, we may send you information based on what is most relevant to you or things you have told us you like. We may also show you relevant content online.

We will only send general communications to you if you agree to receive them, and you can change your general marketing and communication preferences at any time. If you tell us that you do not want to receive general marketing communications, then you may not hear about events or other work we do that may be of interest to you, but you may still receive communications that are essential to the delivery of a service to which you have subscribed to, access, or are a member of.

 

Marketing and communications to young people

We will not send general marketing and communication emails, letters or make calls to people under the age of 18. We may contact young people with regards to specific services that they have subscribed to or accessed, and we believe they are still interested in. This may include communications promoting trips and events offered by our youth services.

We will not send any marketing communications requesting donations to young people, but these may be included in general communications that parents or guardians have opted to receive. 

We may profile people under the age of 18, and report aggregate data to our funders or partners. We do not ask children for consent to general marketing and communications, so they do not receive them unless they have asked for them.

 

Third-party marketing and communications

We will never share your information with companies outside WECIL (that we are not partner to) for inclusion in their marketing or communications.

We may sometimes use third-parties to capture and/or store some of your data on our behalf, but only where we are confident that the third-party will treat your data securely, in accordance with our terms and in line with GDPR requirements.

 

Other ways we may use your data

Verification

Your data is may be used to verify your identify when you contact us or sign up for any online service(s) we provide.

 

Service subscriptions

We process customer data in order to fulfil chargeable services. Your data will be used to communicate with you throughout the process, including confirming we have received your order and payment, service provision, to clarify where we might need more detail to undertake a service, or to resolve issues that might arise with your service. Services may also hold access, dietary and medical requirements for training courses and other trips or events.

 

Governance members

If you are a governance member or trustee, we use the personal data you provide to service your membership. This includes sending renewal information by mail and email, sending general marketing and communications for you to be kept aware, as well as updates and information about our Annual General Meeting.

 

Management of volunteers

We need to use your personal data to manage your volunteering, from the moment you enquire to the time you decide to stop volunteering, and sometime after for lawful compliance. This could include: contacting you about a role you have applied for or we think you might be interested in, expense claims you have made, shifts you have booked and to recognise your contribution.

It could also include information from our service or project teams about things happening, other volunteering or employment opportunities at WECIL, and about your volunteering including one-to-ones and asking for your opinions on your volunteering experience.

We may also anonymously share this with funders and partners to help them monitor and value how their funding is making a difference.

 

Feedback

We regularly survey our supporters, customers, staff and volunteers, as well as industry professionals and business partners to collect feedback on their experience with us. We use this feedback to improve our service experience, develop our service offering, and ensure we know what is relevant and interesting to you. 

Our surveys are optional and you can choose not to take part. Some of our surveys may ask you to provide sensitive personal data (e.g. ethnicity). You do not have to provide this data and we also provide a ‘prefer not to say’ option. We only use such data at an aggregate level for reporting (e.g. equal opportunities monitoring). 

 

Profiling

We use specific tools to profile how you interact with us online, including: Google Analytics, Facebook, Twitter and LinkedIn. Much of the information we collect is aggregated, however we may also collect some personal data for the use optimising our general marketing campaigns, and to ensure the site is functioning as intended.

The personal information that we collect includes transactional information (i.e. order number) for services, donations, and membership renewals. We also collect data on individual user activity when they create or log into WECIL’s online services. This information takes the form of an encrypted string.

We may also host encrypted personal data on third-party websites (e.g. social media platforms) to ensure that you only see relevant, personalised and interesting content from those organisations.

Personal data provided to us may also be profiled to help us with advertising targeting. Your membership data may be used to find people with a similar profile to yourself who may be interested in our products, services or opportunities. 

 

Use of geo-location data 

We use geo-location on our website. You can change your location settings at any time in your device or computer settings.

 

Cookies

Cookies are small text files stored on your computer when you visit certain websites. We use first party cookies (cookies that we have set, that can only be read by our website) to personalise your online experience. We also use third-party cookies (cookies that are set by an organisation other than the owner of the website) for the purposes of website measurement and targeted advertising. You can control the use of cookies via your browser. Further information can be found in the WECIL’s Cookie Policy.

 

Recruitment and employment

In order to comply with our contractual, statutory, and management obligations and responsibilities, we process personal data, including ‘sensitive’ personal data, from applicants for volunteers, trustees, paid workers and paid employees. 

Such data can include, but is not limited to, information relating to health, racial or ethnic origin, criminal convictions, and access requirements. In certain circumstances, we may process personal data or sensitive personal data, without explicit consent. Further information on what data is collected and why it is processed is given below.

Contractual responsibilities: Our contractual responsibilities include those arising from the contract of employment (for workers and employees). The data processed to meet contractual responsibilities includes, but is not limited to, data relating to: payroll, bank account, postal address, sick pay; leave, maternity pay, pension and emergency contacts.

Statutory responsibilities: Our statutory responsibilities are those imposed through law on the organisation as an employer. The data processed to meet statutory responsibilities includes, but is not limited to, data relating to: tax, national insurance, statutory sick pay, statutory maternity pay, family leave, work permits, equal opportunities monitoring.

 Management responsibilities: Our management responsibilities are those necessary for the organisational functioning of WECIL. The data processed to meet management responsibilities includes, but is not limited to, data relating to: recruitment and employment, training and development, absence, disciplinary matters, address, e-mail address and telephone number.

 

Fundraising, donations, investments and legacy pledges

Where we have your permission, we may invite you to support our charitable aims by making a donation, buying a raffle ticket, getting involved in fundraising activities, investing in WECIL, or leaving a gift in your will.

Occasionally, we may invite some supporters to attend special events to find out more about the ways in which donations, investments, and gifts in wills can make a difference to specific projects and to our cause. We will also send you updates on the impact that you make by supporting us in this way, unless you tell us not to.

If you make a donation or investment, we will use any personal information you give us to record the nature and amount of your gift, claim gift aid where applicable and you have told us you are eligible, and thank you for your gift.

If you tell us you want to fundraise to support our cause, we will use the personal information you give us to record your plans and contact you to support your fundraising efforts. If you have told us that you are planning to, or thinking about, leaving us a gift in your will, we will use the information you give us to keep a record of this – including the purpose of your gift, if you let us know this.

If we have a conversation or interaction with you (or with someone who contacts us in relation to your will, for example your solicitor), we will note these interactions throughout your relationship with us, as this helps to ensure your gift is directed as you wanted.

Charity Commission rules require us to be assured of the provenance of funds and any conditions attached to them. We follow a due diligence process which involves researching the financial soundness, credibility, reputation and ethical principles of donors who have made, or are likely to make, a significant donation to WECIL.

As part of this process we will carry out research using publicly available information and professional resources. If this applies to you, we will remind you about the process when you make your donation or investment.

 

 

 

Your data protection rights

 

Updating your data

We want you to remain in control of your personal data. If, at any time, you want to update or amend your personal data please contact us.

 

Updating your contact preferences

Where possible, we will always act upon your choice of how you want to receive communications; whether by email, post, phone, text message, or minicom.

We may need to send some communications, however, in a particular format or method in order to fulfil our legal or contractual obligations.

 

Withdrawing consent

Where WECIL has explicitly sought your consent to use your data for specific purposes, you have the right to withdraw that consent at any time.

You also have the right to ask WECIL to stop using your personal data for general marketing purposes. We will continue, however, to use your personal data for specific marketing purposes essential to any subscriptions or memberships that you have with us. You can stop receiving subscription or membership specific content by ceasing your subscription or membership with us. 

 

Subject access rights

If you would like further information on your rights or wish to exercise them, please write to our Data Protection Officer, at our registered office or email hello@wecil.co.uk. You will be asked to provide the following details:

  • The personal information you want to access;
  • The date range of the information you wish to access

We will also need you to provide information that will help us confirm your identity. If we hold personal information about you, we will give you a copy of the information in an understandable format together with an explanation of why we hold and use it.

Once we have all the information necessary to respond to your request we will provide your information to you within one month.  This timeframe may be extended by up to two months if your request is particularly complex. 

 

Contacting WECIL about your data

You can contact WECIL about data protection in a number of ways. In order to identify you and act on your contact with us, please provide your full name, full address, WECIL ID (if you have one), as well as your data protection query or request.

  • Email us: hello@wecil.co.uk
  • Call us: 0117 947 9911 Open 9.00am – 5.00pm weekdays. Local call rates apply.
  • Write to us: WECIL, Unit E, Link House, Britton Gardens, Kingswood, Bristol, BS15 1TF

In all instances verification, updating or amendment of personal data will take place within 30 days of receipt of your request.

 

What to do if you are not happy

In the first instance, please talk to us directly so we can resolve any problem or query. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their help line 0303 123 113 or at www.ico.org.uk.

 

Calendar

Calendar

17 Dec
18 Dec
  • Inclusion Group

    Youth group open to young disabled people in…

    , 7:00 pm

Twitter
3 days ago
Please be aware that the WECIL offices will be closed over Christmas from Friday 21st December, 5 pm - 2nd January 2019 10 am. If you have any inquiries please ensure you contact the team before the 21st. https://t.co/V9hYPFFr4A WECILBristol photo
4 days ago
Next week is your last chance to submit your response to Bristol City Council's consultation on its budget. The deadline for responses is midnight on Monday 17 of December. You can see Voscurs response here https://t.co/5wA5qJJAos
4 days ago
We are excited to have begun our consultation with @BristolAirport to support them to improve the journey for disabled passengers and passengers with learning difficulties. Good to see access and customer journey is high on the agenda! https://t.co/meNJUzjDHT WECILBristol photo