Clouds End CIC
General Data Protection Regulation (GDPR) provides the legal framework that defines how personal information can be used. Clouds End CIC arefully committed to complying with the principles set out in GDPR and has a legal duty to protect any information collect from you.
- Your personal information is only used for the purpose forwhich it is collected.
- Only information that we need is collected.
- Your personal information is only seen by those who need it in orderto do their jobs.
- We will only disclose data when we have your consent, or where we are obliged to disclose personal data by law, or as expressly permitted under the GDPR (through contract; legal obligation, vital interests; public task; or legitimate interests).
- We will keep your information up to date. Inaccurate or misleading data will be corrected as soon as possible.
- Personal information is retained only for as long as it is required for the purpose collected.
- Your information will be protected from unauthorised or accidental disclosure and
processed in an appropriate manner to maintain its integrity and confidentiality.
- We will provide you with a copy of your personal information on request (please see below for information on access rights and requests).
These principles apply whether we hold your information on paper or in electronic form.
How do we collect information?
If you provide services to Clouds End, we will collect information in line with your contract for services, and/or service use. This can include clinical notes, assessment data and recording of key themes, agreed actions and outcomes of contact.
We do not share this information externally without your consent, unless legally required to do so. We have never breached confidentiality without consent. We endeavour to never do so.
Internal access to personal data is highly regulated and weensure that only the person/sproviding the service, have access to relevant information. Administrative access to key personal details, such as name and address, are shared across the organisation. This too can be restricted upon request (please see below for information on access rights and requests).
We may also collect technical information relating to your use of our website, including your browser type or the Internet Protocol (IP) address used to connect your computer to the internet.
We also gather general information about the use of our website, such as which pages participants visit most often and which services, events or facilities are of most interest. We may also track which pages participants visit when they click on links in emails.
We obtain personal information from you when you send or receive an email or purchase an online course, ask a question or otherwise provide us with personal information.
We will only ever collect the information that we need, including data that will be useful to help improve our services. The information is either needed to fulfil your request or to enable us to provide you with a more personalised service. You don’t have to disclose any of this information to browse our sites.
What information do we collect?
The personal information we collect might include name, date of birth, email address, postal address, telephone number. We do not store credit/debit card details We use third party secure sites to process payments.
We may also collect special categories of personal data, such as information about your health, if this is required for the purpose for which you have contacted Clouds End CIC.
We also gather general non-personal information about the use of our website, such as which pages are visited most often, and which are of most interest.
Do we share your information with anybody else?
We may need to disclose your information if required to do so by law or as expressly permitted under applicable data protection legislation.
We do not sell personal details to other charities or other third parties.
Our websites may include links to websites run by other organisations. Clouds End CICis not responsible for the privacy practices of these other websites, so you should read their privacy policies carefully before sharing any personal or financial data.
Storing and protecting your information
We recognise the concerns that many people have about giving personal information online.
We place great importance on the security of all personally identifiable information associated with those who contact us. We have security measures in place to protect against the loss, misuse and alteration or destruction of personal data under our control. Information is stored by us on computers located in the UK as well as Microsoft Office 365 servers offsite. We may also store information on paper files. All of our online forms are protected by encryption. We also use a secure server when you make a payment via our website.
We will keep your information only for as long as we need it to provide you with the goods, services or information you have required, to administer your relationship with us, to inform our research or the preferences of our supporters, to comply with the law and tax accounting rules, or to ensure that we do not communicate with people who have asked us not to.
When your information is no longer required, we will always dispose of it securely.
Payment Card Information
Clouds End CIC does not store any sensitive payment card data in our systems.
Clouds End CIC uses Paypal to securely handle all payments on its websites.
Transfer of Information Outside of the UK/EU
Given that the Internet is a global environment, using it to collect and process personal data necessarily involves the transmission of data on an international basis. This means for instance that data you pass to us may be processed outside the European Economic Area, although the data will always be held securely and we will take steps to ensure that any third-party organisation we engage to process data on our behalf provides an adequate level of protection in accordance with GDPR. By submitting your personal information, you agree to this transfer, storing or processing at a location outside the EEA.
Clouds End is concerned to protect the privacy of children aged under 13. We will seek consent from a parent or guardian before collecting personal information about a child aged under 13. We will not knowingly request or collect from a child any information online that can be traced to the child, such as an email address, name, or information about the child’s family. Unless a parent or guardian consents to such use in advance, we will not knowingly use information that a child provides to us for any fundraising or promotional purpose
You have a right to object to Clouds End CIC processing your personal information (‘right to object’) at any time where we rely on our legitimate interests for doing so. Such a request must be sent to the Data Protection Officer at the address below.
Clouds End CIC always acts upon your choices around what type of communications you want to receive and how you want to receive them / wish to be contacted. You can change your marketing preferences for what you receive from us and how, at any time, by contacting:
Clouds End CIC
75 Elms Close
Tel: 0121 680 5287
You have a right to ask us to confirm whether we are processing information about you, and to request access to this information (‘right of access’). Please use our form to ensure you supply all the information we need to process your request. To obtain a copy of the personal information we hold about you, please write to us or submit your form to:
Data Protection Officer:Heather Matuozzo
Clouds End CIC
75 Elms Close
Tel: 0121 680 5287
You may ask us, or we may ask you, to rectify information you or we think is inaccurate, and you may also ask us to remove information which is inaccurate or complete information which is incomplete (‘right to rectification’). If you inform us that your personal data is inaccurate, we will inform relevant third parties with whom we have shared your data so they may update their own records. If your personal details change, please help us to keep your information up to date by notifying us at the address above
You have a right to obtain your personal data from us and reuse it for your own purposes, perhaps for another service, without hindering the usability of the data (‘right of portability’). This right does not apply where processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
You have a right to seek the erasure of your data (often referred to as the ‘right to be forgotten’). You may wish to exercise this right for any reason, for example where it is no longer necessary for us to continue holding or processing your personal data you may withdraw your consent. You should note that we are entitled to and reserve the right to retain your data for statistical purposes. This right is not absolute, as we may need to continue processing this information, for example, to comply with our legal obligations, or for reasons of public interest.
You have a right to ask us to restrict our processing of your information (‘right to restriction’) if:
- you contest its accuracy and we need to verify whether it is accurate
- the processing is unlawful, and you ask us to restrict use of it instead of erasing it
- we no longer need the information for the purpose of processing, but you need it to
establish or defend legal claims
- you have objected to processing of your information being necessary for the performance of
a task carried out in the public interest, or for the purposes of our legitimate interests. The
restriction would apply while we carry out a balancing act between your rights and our
- you exercise your right to restrict processing, we would still need to process your
information for the purpose of exercising or defending legal claims, protecting the rights of
another person or for public interest reasons.
If you would like to exercise any of your rights above, please contact the Data Protection Officer at our address, unless we have provided specific contact details in respect of one of the rights we have set out. We will act in accordance with your instructions as soon as reasonably possible and there will be no charge.
You have a right to report any of your concerns about our use of your data to the Information Commissioner’s Office. You may do so by calling their helpline at 0303 123 1113.
Trademarks and copyright
Clouds End CIC’s website contains material which is protected by copyright and/or other intellectual property rights. All copyright and intellectual property rights including the names, images and logos are owned by Clouds End CIC unless otherwise stated. All rights are reserved.
You are responsible for complying with all applicable copyright laws. We permit you to make copies of information on Clouds End CIC’s website as necessary incidental acts during your viewing and you may take a print for your personal use of so much of the site as is reasonable for private purposes. All other uses are prohibited. Nothing in these terms shall be construed as conferring any right to use any trademark, logo, patent right or copyright of Clouds End CIC
If you have any questions about this policy or how we use data, please contact the Data Protection Officer at the above address or via email to firstname.lastname@example.org
Data Protection Regulator
Clouds End CIC is a registered member of the ICO. Further information and advice about data protection is available from:
The Office of the Information Commissioner
Cheshire SK9 5AF
Tel: +44 (0) 01625 545 745