[ 1 ] This policy is for Switchboard, its website and instant messaging and email service.
[ 2 ] This policy should be read in conjunction with the Confidentiality Policy and the Data Protection Policy.
[ 3 ] Everything that we do is guided by our Values, including how we use your data. We use personal data for many reasons, from understanding how our service users engage with us to informing our fundraising. Ultimately, this allows us to do our job of supporting the LGBT+ community.
[ 4 ] These are the main reasons why we collect and use data about our service users, staff, volunteers and trustees:
[ 4.1 ] To improve service user experience;
[ 4.2 ] To provide and manage our services appropriately;
[ 4.3 ] To carry out data analysis and send you communications when we have your permission; and
[ 4.4 ] To enable us to target some services to those most in need of them.
[ 5 ] We think carefully about our use of personal data, and below are details of what we do to protect your privacy. This policy covers, among other topics:
[ 5.1 ] Information about your rights and our obligations;
[ 5.2 ] Clarity about our dealings with you and transparency about how we collect and use your personal data;
[ 5.3 ] Commitments on how we protect your personal data; and
[ 5.4 ] Commitments on how we will facilitate your rights and respond to your questions.
[ 6 ] This policy explains how we at Switchboard collect, use, share and transfer your personal data when you use the services provided by us or help us provide these services.
[ 7 ] Personal data is any information about you by which you can be identified. This can include information such as:
[ 7.1 ] Your name, date of birth, email address, postal address, phone number, mobile number;
[ 7.2 ] Debit card details;
[ 7.3 ] Information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based);
[ 7.4 ] Information relating to your personal circumstances and how you use our site, apps and services; or
[ 7.5 ] For volunteers and applicants to volunteer, information on personal characteristics such as gender and sexuality.
Who We Are and How to Contact Us
[ 9 ] The designated Data Protection Officer for our sites and apps is the Secretary of Switchboard. If you want to contact us, you can Contact the Switchboard Office via our website.
What Personal Data We Collect and How We Use It
[ 10 ] We collect anonymised personal data when you use our services and when you browse our site or use our instant messaging service. This information is used to provide and improve our services and analyse how visitors use our site or instant messaging.
[ 11 ] We will only collect identifiable personal information for the purposes of providing specific services which need this, or for employment, volunteering and fundraising purposes. In each of these cases your permission will be sought to hold or use this information. Personal information provided for the purpose of referrals will not be kept beyond its necessary time for use.
[ 12 ] Personal information may include any of the following:
[ 12.1 ] Your name;
[ 12.2 ] Your email address;
[ 12.3 ] Personal characteristics;
[ 12.4 ] Data needed for requested referrals and support e.g. geographical location, medical diagnosis; or
[ 12.5 ] Data needed for employment or volunteering e.g. bank details, home address.
[ 13.1 ] Your IP address – a numerical code to identify your device and which can provide information about the country, region or city where you are based; and
[ 13.2 ] Your browsing history of the content you have visited on our sites, including information on how you were referred to our sites via another website.
[ 14 ] Some of our services may give you the option of providing more information about your preferences, so that we can tailor your experience. Signing up to the mailing list or for a regular donation may also mean that we ask you for further details.
[ 15 ] We will not collect special categories of data – such as information about your race, political opinions, religion, health or sexual orientation – unless you have chosen to provide that information to us.
Using Your Social Media Details To Contact Us
[ 16 ] When you sign into our social media using your Facebook login details, you give permission to Facebook to share with us your email address and certain aspects of your Facebook profile if you have made these public on your Facebook profile. This only includes your first and last name, age range, link to your Facebook profile and profile picture. We do not have access to updates on your Facebook profile.
[ 17 ] When you sign into our social media using your Google login details, you give Google permission to share the information that you have made public in your Google profile. This only includes your first and last name, your email address and whether your email address has been validated, your age range, a link to your Google profile and, if you have one, your profile picture.
Using our Website and Instant Messaging
[ 18 ] Our instant messaging service and website may use anonymised information on the content you have viewed. A list of the information that you have recently viewed is also cached in the local storage on your mobile or other device. You can delete this reading history in the settings.
How We Collect Personal Data
[ 19 ] We may collect identifiable personal data when you:
[ 19.1 ] Become a supporter;
[ 19.2 ] Apply to or become a volunteer or staff member;
[ 19.3 ] Contribute to funding and supporting Switchboard; and
[ 19.4 ] Attend our events.
[ 20 ] We may also collect anonymised personal data, for example when you:
[ 20.1 ] Request information from us that requires specific personal details;
[ 20.2 ] Access our website; and
[ 20.3 ] Contact us via email, social media, instant messaging or similar technologies.
Why We Use Your Personal Data
[ 21 ] We use identifiable personal data for a number of purposes, including the following:
[ 21.1 ] To provide any services you sign up for, such as sending out newsletters; and
[ 21.2 ] To send fundraising communications when we have your permission, or when permitted by law and for related internal administrative purposes – such as our accounting and records – and to make you aware of any changes to our services;
[ 21.3 ] To improve our fundraising communications, we use a similar technology to cookies to confirm whether you have opened a fundraising email or clicked on a link in the email;
[ 21.4 ] To respond to your queries and to resolve complaints;
[ 21.6 ] To ensure that services offered by you or your organisation are genuine, non-exploitative and appropriate for our service users; and
[ 21.7 ] To comply with applicable laws and regulations.
[ 22 ] We also use anonymised personal data for a number of purposes, including:
[ 22.1 ] To carry out service research and fundraising analysis; for example we look at what you have viewed on our site, and what types of queries have been made, to better understand what the LGBT+ communities require from us, and to improve our services by making them more relevant to your needs; and
[ 22.2 ] For statistical purposes such as analysing the performance of our sites and apps and to understand how visitors use them.
Legal Grounds For Using Your Personal Data
[ 23 ] We will only use your personal data where we have a legal ground to do so. We determine the legal grounds based on the purposes for which we have collected and used your personal data. In every case, the legal ground will be one of the following:
[ 23.1 ] Consent: For example, where you have provided your consent to receive information from us. You can withdraw your consent at any time. In the case of fundraising emails or newsletters you can withdraw your consent by clicking on the “unsubscribe” link at the bottom of the email.
[ 23.2 ] Our legitimate interests: Where it is necessary for us to understand our service users, promote our services and operate our services efficiently. For example, we will rely on our legitimate interest when we analyse what content has been viewed on our sites and apps, so that we can understand how they are used. It is also in our legitimate interest to carry out fundraising analysis to determine what products and services may be relevant to the interests of our supporters.
[ 23.3 ] Performance of a contract or agreement with you (or in order to take steps prior to entering into a contract with you): For example, where you have become a volunteer, staff member or trustee of the organisation.
[ 23.4 ] Compliance with law: In some cases, we may have a legal obligation to use or keep your personal data.
Personal Data That We May Receive About You From Other Organisations
[ 24 ] From time to time, another organisation may disclose your personal details to us while seeking appropriate advice or referral information. Where this is part of an ongoing organisational relationship, Switchboard will seek to ensure that the third-party organisation also has privacy and GDPR policies which it abides by. Any such information disclosed to us by third party organisations will be kept only for as long as needed to perform the task required. In most cases this is unlikely to be identifiable personal information, but Switchboard will treat all third-party information as carefully as that disclosed directly to us by service users.
Using Children’s Personal Data
[ 25 ] We do not aim any of our products or services directly at children under the age of 13 and we do not knowingly collect personal data about children under 13 except in exceptional circumstances for safeguarding purposes.
Security Of Your Personal Data
[ 26 ] We have implemented appropriate technical and organisational controls to protect your personal data against unauthorised processing and against accidental loss, damage or destruction. Volunteers are responsible for choosing a secure password when asked to set up a password to access parts of our site. Unfortunately, sending information via the internet is not completely secure. Although we will do our best to protect your personal data once with us, we cannot guarantee the security of any personal data sent to our site while still in transit and so you provide it at your own risk.
Who We Share Your Personal Data With
[ 27 ] If you are going to one of our events hosted by an event partner, we may share your personal data with that partner for event administration purposes.
[ 28 ] Sometimes we may receive a letter, email or another form of communication from you that we consider to be significant to the history of Switchboard. We may decide to share this with the Switchboard Archive for historic and archiving purposes.
[ 29 ] We do not share your personal data with other people or organisations that are not directly linked to us except under the following circumstances:
[ 29.1 ] We may share your data with other organisations that provide services on our behalf such as dealing with online payments and other forms of payment processing, i.e. credit card transactions and preventing fraud.
[ 29.2 ] We may also share your data with referral organisations, but this will always be with your explicit permission in advance.
[ 29.3 ] In exceptional circumstances such as imminent danger to life or ongoing safeguarding needs, we may reveal your personal data to any law enforcement agency, court, regulator, government authority or other organisation if we are required to do so to meet a legal or regulatory obligation, or otherwise to protect our rights or the rights of anyone else.
How Long We Keep Your Personal Data
How We May Contact You
[ 31 ] We may contact you directly for a variety of purposes including the following:
[ 31.1 ] In response to an expressed interest in employment or volunteering with us, or in the course of that employment or volunteering;
[ 31.2 ] To communicate information requested on our services or as part of these services;
[ 31.3 ] To raise funds;
[ 31.4 ] To inform subscribers to our newsletters;
[ 31.5 ] To undertake market research; and
[ 31.6 ] If you have raised a query or a complaint with us, we may contact you to answer your query or to resolve your complaint.
Cookies And Similar Technology
[ 32 ] Our website uses both session and persistent cookies. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
[ 33 ] A persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
[ 34 ] Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
[ 35 ] Most browsers allow you to refuse to accept cookies. Blocking all cookies will have a negative impact upon the usability of many websites.
[ 36 ] If you block cookies, you will not be able to use all the features on our website.
[ 37 ] You can delete cookies already stored on your computer. Deleting cookies will have a negative impact on the usability of many websites.
Your Rights With Regard To The Personal Data That We Hold About You
[ 38 ] You can contact us with regard to the following rights in relation to your personal data, for example if you would like to have a copy of the personal data we hold on you or if you think that we hold incorrect personal data about you. We will deal with requests for copies of your personal data or for correction of your personal data within one calendar month. If your request is complicated or if you have made a large number of requests, it may take us longer, and we will let you know if we need longer than one month to respond. You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
[ 39 ] Where you have provided us with consent to use your personal data, you can withdraw this at any time.
[ 40 ] Where applicable, you may also have a right to receive a machine-readable copy of your personal data.
[ 41 ] You also have the right to ask us to delete your personal data or restrict how it is used. There may be exceptions to the right to erasure for specific legal reasons which, if applicable, we will set out for you in response to your request. Where applicable, you have the right to object to processing of your personal data for certain purposes.
[ 42 ] If you want to make any of these requests, please contact the Secretary. We may need to request specific information from you to help us confirm your identity.
Contacting Us For Information About How We Use Your Personal Data
[ 43 ] If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please contact the Secretary. Complaints will be dealt with by the Secretary and will be responded to in line with legal requirements. If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.