Skip to main content

Privacy policy

The Climate Group – September 2020

 

Who we are 

The Climate Group is committed to protecting and respecting your personal information and making every effort to ensure that this is processed in a fair, open and transparent way.

This privacy policy outlines how personal information we collect from you, or that you provide to us, will be processed by us.

For the purposes of the EU General Data Protection Regulation 2016/679 (GDPR), we are a 'data controller' and are responsible for control the processing of your personal information in accordance with this regulation. 

How we collect information about you

We collect information from you in the following ways:

Interacting with us directly:

  • registering on our website (theclimategroup.org)
  • subscribing to one of our newsletters
  • making a donation
  • registering an event
  • enquiring about our events and fundraising opportunities
  • applying for a job
  • taking one of our surveys

This also includes when you phone us, by post or in person.

Interacting with us through partners or suppliers

This could be if you contact us through one of our partners, who support us with funding or provide us with services and through members of our campaigns, where you give us your consent for your personal information to be shared with us.

When you visit our website

We gather general information, including pages you visit and the services, events or information that are of most interest to you. We may also track the pages you visit when you click on links in emails from us.  We also use 'cookies' to help us manage our site effectively. 

Public Profiling

So that we can tailor our communications with you in accordance with your background and interests we may collect information about you from publicly available sources or through third party subscription services or service providers.

Type of information we collect and why

Personal Information

By personal information, we mean information about you as an individual, that can directly or indirectly identify you, such as your name, address, email address, telephone number or financial details. Further details of this definition can be found under Art. 4 of the GDPR.

We will collect personal information from you when you make a donation, register for an event, become a member of one of our campaigns or initiatives, become one of our funders, have a contractual relationship with us, have a pre-existing relationship with us or are invited to and attend one or more of our events. We may also ask for some additional, non-personal information where relevant.

We use your personal information to

  • process donations or other payments
  • provide the services that you have requested
  • fulfil our contractual obligations
  • update you with important information about our work, our campaigns and initiatives, such as our newsletters and annual updates
  • invite you to one or more of our events
  • send you marketing materials
  • comply with official regulators requiring us to identify and verify the identity of those who make major gifts so we can assess any risks associated with accepting their donations and to keep a record of your relationship with us.

Without this information, we will not be able to process your donation, enter into contractual relationships with you, accept funding from you, provide you with one or more of our newsletters or information about our campaigns and initiatives or invite you to our events.

We never collect sensitive personal information.

Children's Data

When you register with us, you are stating/confirming that you are 18 years of age or over, or are a minor acting with parental consent. You agree that any information you provide to us about yourself upon registration or at any time is true.

Accuracy and relevance

We will ensure that any personal information we process is accurate, relevant, not excessive and is used for the purpose that it was obtained. We do not process personal data obtained for one purpose for any unconnected purpose, unless you have provided consent.

Lawful, fair and transparent

To ensure that the processing of your information is lawful, fair and transparent, we shall maintain a Register of Activities and this shall be reviewed annually.

You, as an individual, have the right to see your personal data and any such request will be dealt with in a timely manner.

Legal basis

We will only use your personal information where we have your consent or because we need to use it to fulfil a contractual relationship with you (for example, because we have a Grant Agreement, Sub-Grant Agreement or Service Agreement with you).

However, there are other lawful reasons that allow us to process your personal information and one of those is called “legitimate interest”.  This means that the reason we are processing your information is because there is a legitimate interest for us to do so.  When processing your personal information under 'legitimate interest' we will make sure that we consider your rights and interests and will not process your personal information if we think there is an imbalance.

The legal basis for processing your personal information shall be recorded in our Register of Activities and where consent is relied upon as a lawful basis for processing your personal information, evidence of the opt-in consent shall be kept with that personal information.

Sharing your information

We never sell or share your personal information with third parties or sell any information about your web browsing activity. We may, however, share your information with our trusted partners and suppliers who work with us, as part of our legal obligation with them. We ensure that trusted partners and suppliers who work with us store such data securely, delete it when they no longer need it, never use it for any other purpose and comply with Data Protection Laws, ensuring they have appropriate controls in place to ensure security of your personal information.

We may disclose your information if required to do so to comply with applicable local laws, regulations and codes of practice or in response to a valid request from a competent authority or, in order to enforce our conditions of sale and other agreements.

Security

We take looking after your information very seriously. We shall ensure that your personal information is stored securely using modern software that is kept-up-to-date. Any access to personal data shall be limited to personnel who need access. When your personal data is deleted, it shall be done safely so that the data is irrecoverable and we shall implement appropriate back-up and disaster recovery solutions. 

Your data may be processed by members of our staff operating outside of the European Economic Area ('EEA').  We will take all steps to reasonably ensure that your data is treated securely and in accordance with this Privacy Policy.

Furthermore, all our staff will participate in annual internal training so that they know how to process your data in accordance with the GDPR.

Any debit or credit card details that we receive on our website are passed and processed securely through Charity Checkout. 

Our site, may from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

How long we hold your information for

We only keep your personal information for as long as is reasonable and necessary for the relevant purpose.

We will put in place an archiving policy for each area in which personal data is processed and review this process annually. This archiving policy shall consider what data should and must be retained, for how long and why.

Your rights

You have certain rights in respect of the personal information we hold about you.  If you wish to exercise any of these rights or make a complaint, you can do so by contacting our Data Protection Officer via the details listed above.

Your rights:

  • access to your personal information: You have the right to request a copy of your personal information that we hold, the information that we use, why we use it, who we share it with, how long we keep it for and if it has been used for any automated decision making. Access to this information is free  and all requests should be made in writing with evidence of your identity
  • right to object: You can object to the processing of your personal information where we are relying on the legal basis of legitimate interest. You also have the right to object where we are processing your personal information for direct marketing purposes.  Please contact us on the details noted above
  • consent: If you have given us consent to use your personal information, you can withdraw that consent at any time
  • rectification: You can ask us to change or complete any inaccurate or incomplete personal information held about you
  • deletion: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent or we have no lawful basis for keeping it

Cookies

'Cookie' is the name for a small file, usually of letters and numbers, which is downloaded on your device, such as your computer, mobile phone or tablet when you visit a website. A cookie, by itself, cannot be used to identify you,

We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer, to enable us to estimate our audience size and usage pattern, to store information about your preferences, to speed up your searches and recognise when you will return to our site.

You can opt out of accepting the cookies. However, in doing so you may be unable to access certain parts of our website.

If you have any questions about how we use cookies, please contact us.

Breach

In the event of a breach of security, leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we shall promptly assess the risk to your rights and freedoms and, if appropriate, report this breach to the ICO.

Future changes to our privacy policy

Any future changes we may make to our privacy policy will be posted on this page and, where appropriate, notified to you by email. 

Contact

Questions, comments and requests regarding this privacy policy and our privacy practices are welcomed and should be addressed to our Data Protection Officer by:

  • Writing to The Climate Group, Adam House, 7-10 Adam Street, London WC2N 6AA United Kingdom
  • Telephone 020 7960 2970
  • email info@theclimategroup.org