GNFC is committed to protecting your privacy and security. This policy explains how and why we use your personal data, to ensure you remain informed and in control of your information.
The General Data Protection Regulations (2018) brought in a new approach regarding information that is held about you. We now rely on you providing your consent and details of how we can contact you. This means you opt into receiving information and newsletters and select how you want to receive them (email, post, phone).
You can decide not to receive communications or change how we contact you at any time. If you wish to do so please contact us by emailing firstname.lastname@example.org, writing to: Charis House, Hardwick Square East, Buxton, SK17 6PT , or calling us on 01298 24761. If you receive information via email, there will always be a link that you can click to remove you from the regular email lists.
We never sell your personal information, and only ever provide any of your details to individuals or organisations where you have consented the information to be passed on and where privacy and security is guaranteed.
We are always very open about what information we hold and how we gather it and how we use it. If you have any questions, concerns or queries regarding information about your personal information, or would like to discuss this policy, please do contact us.
The Data Controller & Data Processor
GNFC is the controller of all information obtained that identifies you. We use policies and procedures and systems and processes maintain and manage records and IT services.
GNFC policies and practices are in line with policies and requirements as set out by The Charity Commission, Companies House, ICO, Fundraising Regulator, HMRC and the Institute of Fundraising.
Personal data you provide
We collect data that you provide for us. This includes information you give when enquiring about our services, donating, attending an event, or communicating with us or using our services. For example:
- personal details (name, date of birth, email, address, telephone etc.) when you join as a supporter;
- financial information (payment information such as credit/debit card or direct debit details, and whether donations are gift-aided. Please see section 8 for more information on payment security);
- receiving offers and information for the social enterprise business
- general communication notes
Information created by your involvement with GNFC
Your activities and involvement with GNFC will result in personal data being created. This could include details of how you’ve helped us by volunteering and attendance or participation in our events.
If you kindly decide to donate to GNFC, then we will keep records of when and how much you give to a particular cause.
Information from third parties
We do not collect personal information regarding individuals of the public from third parties, however we may have access to it, such as through Facebook. Whilst we have access to person information from third parties, we will not collect and use that information to create any profiling or do any unsolicited direct marketing.
Supporter, or interested donor sensitive personal data
We do not normally collect or store sensitive personal data (such as information relating to health, beliefs) about supporters. However, there are some situations where this will occur (eg if you volunteer with us for an event or if you have an accident on one of our sites or events). If this does occur, we’ll take extra care to ensure your privacy rights are protected.
Accidents or incidents
If an accident or incident occurs on our property, at one of our events or involving one of our staff (including volunteers) then we’ll keep a record of this (which may include personal data and sensitive personal data).
Beneficiaries, Staff and Volunteers
There are additional requirements and levels of personal data that are collected and stored for beneficiaries, volunteers and staff, for which there are separate relevant policies and procedures. Such data information could include: references, disclosure and barring checks, details of emergency contacts, medical conditions etc. This information will be retained for legal reasons, to protect us (including in the event of an insurance or legal claim) and for safeguarding purposes.
We use photographs in a range of ways
- update and inform supporters of events
- advertise appeals or fundraisers
- communicate current issues being faced
- promotional material regarding services
- promote social enterprise entities
Consent for images that is focused on any one individual will always be sought. If photos contain group shots of large audiences, such as open days, a statement will be clearly placed on literature requesting that people inform GNFC if images are not allowed to be used. GNFC will never knowingly use a photograph within media where permission has not been obtained, or where using the photograph could put the individuals in the photograph at risk. Privacy of individuals is important to us, and we will honour any requests not to use images.
If an image is used that you do not feel has been approved, or if you would like to remove your consent, please contact us at email@example.com as soon as possible.
How we use your Information
We only ever use your personal data with your consent, or where it is necessary in order to:
- enter into, or perform, a contract with you;
- comply with a legal duty;
- protect your vital interests;
- for our own lawful interests, provided your rights don’t override these
- supply you with agreed information
In any event, we’ll only use your information for the purpose or purposes it was collected for (or closely related purposes).
We use personal data to communicate with people, to promote GNFC and to help with fundraising. This includes keeping you up-to-date with our news, prayer requests, updates, events and fundraising information.
Marketing does not just mean offering things for sale, but also includes news and information about:
- our charity and the work with our beneficiaries;
- GNFC events;
- volunteering opportunities;
- appeals and fundraising (including donations, competitions and etc.);
- our events, activities and local groups;
- products, services and offers (of third parties which may interest you); and
- leaving a legacy; When you receive a communication, we may collect information about how you respond to or interact with that communication, and this may affect how we communicate with you in future.
We use personal data for administrative purposes (ie to carry on our charity work). This includes:
- receiving donations (eg direct debits or gift-aid instructions);
- maintaining databases of our volunteers and supporters;
- responding to enquiries
- helping us respect your choices and preferences (eg if you ask not to receive information), we’ll keep a record of this).
We carry out reviews on our supporters, donors and volunteers, to determine the success of appeals, better understand behaviour and responses and identify patterns and trends. This helps inform our approach towards fundraising and makes GNFC a stronger and more effective organisation. Understanding our supporters, their interests and what they care about also helps us provide a better experience (eg through more relevant communications).
Supporter and Customer Relationship Management
We keep track of communications, which may include, personal information for the purpose of ensuring that communication in a sensitive manner. An example is noting the circumstance of the passing of a loved one so that we may firstly update our records and be sensitive to information sent, but also to enable us to sensitively write with best wishes.
Information will not be used to manipulate or extort information, and communication is carefully managed internally with the ‘Fundraising Policies in a Nutshell’ which is mirrored with the Fundraising Regulator Code of Practice.
Disclosing and Sharing Data
We will never sell your personal data. If you have opted-in to receiving information from GNFC, we may contact you with information about our ministries, this information is usually incorporated into our in materials, either printed or email (eg advertisements in our newsletters).
Keeping in Touch
GNFC has always sought permission from supporters before sending information on news, update or appeals. This includes all our communications via email, post and telephone. However, you always have the choice as to whether you want to receive these communications and be able to select how you want to receive them (email, post, phone). You can decide not to receive communications or change how we contact you at any time. If you wish to do so please contact us by emailing , writing to, Good News Family Care, Hardwick Square East, Buxton, SK17 6PT, or calling us on 01298 24761. If you receive information regularly via email and wish to stop, there will be a link that you can click to remove you from the regular communication lists.
When visitors provide their name and email address to receive the GNFC Newsletter, we collect information, and also the visitor’s IP address and browser user agent string to help spam detection.
Prayer Newsletters, Bulletins and Updates
GNFC will always be sensitive to information it sends, newsletters will include pastoral updates, organisational updates, there may be other fundraising and other information included in those publications. If you are unhappy to receive these publications, please contact us and let us know.
As a charity, we rely on donations and support from others to continue our vital work. From time-to-time, we may send out an appeal for a specific need.
We’ll only contact you if you’ve opted in to receiving materials from us (you can, of course, unsubscribe at any time).
We may aggregate and anonymise personal data so that it can no longer be linked to any particular person. This information can be used for a variety of purposes, such as general trend reviews, and general understanding of geographical areas of support, this may help us understand where the best areas of fundraising or relationship development might be best to focus resources towards.
Children, young people and vulnerable adults
We take great care to protect and respect the rights of individuals in relation to their personal data, especially in the case of children and vulnerable adults. If your child is under 18, we’ll only use his or her personal data with your consent. This means that, for example, if your child wants to have his or her name or picture featured in one of our newsletters, we’ll need you to confirm it is safe, appropriate and that you’re happy for us to do so.
We won’t send marketing emails, letters or call any individual we know to be under 18 years old. We might hold the child’s name on the database, but the salutation and all correspondence will be directed to the parent or guardian
In the event of personal information being provided from a vulnerable adult wishing to receive communications from the charity, or to receive information from the social enterprise, including the loyalty scheme, reasonable steps shall be taken to identify and record if additional consent is required to ensure appropriate correspondence. For example, if a person has an appointee who supports the financial affairs of a vulnerable adult, advice ought to be obtained to ensure that the vulnerable adult is only sent information that does not include financial commitments.
How we protect data
We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to, or use or disclosure of your personal information.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have personnel are required to follow specific protocols when handling personal data.
GNFC uses various third party companies to process credit card payments or manage Direct Debit Donations for our online payments. These companies use Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers.
For credit card donations taken onsite , credit card details are securely passed to the payment provider. GNFC complies with the payment card industry data security standard (PCI-DSS) published by the PCI Security Standards Council, and will never store card details.
Of course, we cannot guarantee the security of your home computer or the internet, and any online communications (eg information provided by email or our website) are at the user’s own risk.
GNFC premises have CCTV and you may be recorded when you visit them. CCTV is used to help provide security and to protect all individuals who visit and use the premises. CCTV will only be viewed when necessary (eg to identify or prevent crime) and footage is only stored temporarily. Unless it is flagged for review CCTV will be recorded over.
Caring For Life complies with the Information Commissioner’s Office CCTV Code of Practice, and we put up notices so you know when CCTV is in use.
Caring For Life have a remote monitoring station to assist in the security of the premise. A contract is in place, in line with GDPR requirements and no information is taken or removed from the CCTV unless it is for legal purposes or at the request of Caring For Life to identify or prevent crime.
GNFC is based in the UK and we store our data on with the necessary safety measures in place.
For example, some of our systems use Microsoft products. As a US company, it may be that using their products result in personal data being transferred to or accessible from the US. However, we’ll allow this as we are certain personal data will still be adequately protected (as Microsoft is certified under the USA’s Privacy Shield scheme).
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).
We continually review the information we hold and we ensure that when information is no longer required we thoroughly delete it. We never store payment card information.
It may be that we are required to store certain personal information for statutory reasons, even if at the supporters request we cease to send information, such as Donations, Names and Postcodes for the purpose of HMRC tax reviews.
Keeping you in control
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
- the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as subject access request);
- the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
- the right to have inaccurate data rectified;
- the right to object to your data being used for marketing or profiling; and
- where technically feasible, you have the right to personal data you have provided to us which we process automatically on the basis of your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, although we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you would like further information on your rights or wish to exercise them, please write to firstname.lastname@example.org or in writing to, Good News Family Care, Hardwick Square East, Buxton, SK17 6PT or phone us on 01298 24761.
You can complain to GNFC directly by contacting the management team by using the details set out above.
If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk.
Links to other sites
Our website includes some hyperlinks to other websites. We are not responsible for the content or functionality of any of those external websites, but please let us know if a link is not working, or if you feel one of the linked websites is not abiding by legal requirements by emailing us at email@example.com.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.