What’s this fuss about?
We are We Don’t Settle Ltd.
New rules have come into force (good ones) that mean we all get better rights with our data – how it’s collected, what’s done with it and how we can have more control over it. We collect data on our community, which includes participants, staff and potential candidates for jobs so we’ve put this policy together to explain how it all works. We hope it helps.
|Company Name||Contact deets|
|We Don’t Settleemail@example.com|
Why do you collect data?
We use data to make We Don’t Settle better for you and the people we serve. This includes doing things like:
We also use it for business and legal purposes, like:
What data have you got on me?
When you sign up to a be a part of our community we may collect the following bits of data:
If you have been involved with a We Don’t Settle programme, or part of research conducted by We Don’t Settle, such as focus groups, then we may also hold other data about you that you have given relevant consent for.
We will use data we hold on you as part of We Don’t Settle internal monitoring and insight, and to report on our impact online, and to funders and clients. This will always be anonymised; so for example, we might say how many people we’ve engaged with, and where they were from, but would only include names and photos if you have given your consent for us to do so.
Can I delete it or change it?
Of course. It’s your right. Please email firstname.lastname@example.org to:
Once we have verified it’s really you we will undertake your request within 30 working days.
There are some instances where we might not be able to do this, for example, if your data was part of a published report, or if your data was anonymised as part of a survey or piece of research, but we will tell you this clearly when we are collecting the data.
When do we delete our data?
What’s the point in keeping data we don’t use? None. We won’t keep your data longer than is necessary, unless you have provided us with your consent to get in touch with you.
Personal Data will be processed and stored for as long as required by the purpose they have been collected for, such as participation in one of our projects.
We may retain Personal Data for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, we may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority (e.g. you have submitted a complaint that needs to be investigated).
If you request that we delete your data, we will do so in 30 working days. You will hear from us within 5 working days of filing your request, just to let you know we have started. After this we will keep your deletion request for a further year, before we delete that too.
Once personal data has been deleted in line with the guidance above, your right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced.How is your data stored?
We store your data in one way: on the We Don’t Settle Google drive. Google Drive is rigorously encrypted to prevent any of your data from escaping into the world wide web. You can have a read about Google’s data encryption policy here.
You may also interact with the We Don’t Settle community via Eventbrite. When you do this, your data is stored with them, but we look after it.
This will only be accessed by We Don’t Settle staff.
In the unlikely event of a data breach – we will contact you directly.
How long is data stored for?
We store your data for the duration of the project / programme you were involved in has ended unless you consent to be contacted again.
We keep HR & vacancy recruitment data for 12 months.
What about photos?
You will be notified when photos or videos are being taken at events and we will ask your consent to use these images in social media, reports or in other ways. We will store this data in the same way as indicated in the rest of the document.
Do you share it with other people?
We use your data to improve your experience. Our service means that we keep your data unless you ask us or give us your permission to share it, for example:
In exceptional circumstances, we may share your information without your permission if we reasonably believe you might be breaking the law, for example on hate speech, and such disclosure is allowed under the relevant laws, including data protection law.
When working with clients and partners on projects, we may share relevant data with them too. This won’t be used for marketing purposes, but to improve the project which we are working on with you.
If we sell or transfer bits of our business, we may transfer your data also but we will always tell you in writing in advance.
We will not sell your data onto third parties or share it unlawfully. That’s just not cool.
When will you contact me?
We might contact you:
What if I am under 16?
You need to be 16+ and give us permission to contact you. If you are under 16 years, you should get your parent/legal guardian to contact us directly at email@example.com
Where do you collect data?
We collect data mostly at our events, projects and online through our website. You can see the privacy policies of the tools we use to get a better understanding of them.
|Eventbrite||Signing up for projects & events|
|Google Drive (google forms & drive)||Our general processing of evaluation|
|Typeform||For some surveys and research|
|Get response||Newsletter & opportunities via email|
This policy was last reviewed in May 2022 by the Board of Directors.