Our Privacy Policy

At the St Gregory’s Foundation, we’re committed to protecting and respecting your privacy.

This policy explains when and why we collect personal information about people who support our charity, visit our online resources, contact us, how we collect and use your information, the conditions under which we may disclose it to others and how we keep it secure.

The information to which we are referring is “personal data”, a phrase defined by law as being any information which could identify you and/or how to contact you. We use the word “information” in this policy, to make it easier to follow. The laws only relate to individual people, they do not relate to businesses.

We may change this policy from time to time so please check this policy to ensure you’re happy with the changes. By supporting our charity, visiting our online resources or contacting us, you’re agreeing to be bound by this policy.

Any questions regarding this policy should be sent by email to info@stgregorysfoundation.org.uk  or by writing to SGF c/o 4 Bushy Court, 20 Upper Teddington Rd, Hampton Wick, Surrey, KT1 4DU. Alternatively, you can telephone 0203 372 4992.

Who are we?

We, St Gregory’s Foundation, are the charity dedicated to helping to relieve poverty and preventing poverty and social insecurity in Russia and Georgia, amongst the most vulnerable groups of people of all nationalities and religions. We are the UK registered charity no. 1002469 and a private limited company no. 2589926. The registered address is 8 Biddulph Road, London, W9 1JB.

In practice, our current work is concentrated almost exclusively on assisting socially disadvantaged and disabled children and young people and enabling young orphans and families to become as independent as possible.

We work entirely through local partner organisations to ensure that appropriate local solutions are found to problems, and to help strengthen the local charity sector. We only work with those individuals and organisations who help those in need, irrespective of religion, ethnicity or political views, who meet high standards of transparency in their activities, and share our ethic of empowering their beneficiaries.

What information do we collect for administrative purposes?

We may collect: your name, address, email address, telephone number, organisation, donation history and whether your donations are eligible for Gift Aid. If you make a donation online or make a purchase, your card information is not held by us, it is collected by our third-party processors, who specialise in processing credit/debit cards securely.

How do we collect information from you?

We obtain information about you when you make a donation, become a member, make a purchase, get in touch via website or online resources, register to receive our newsletter and email bulletins and attend our events.

How is your information used?

We may use your information to:

  • Process a donation that you have made
  • Process orders that you have submitted
  • To carry out any obligations arising from any contracts entered into by you and us
  • Send your details to a member of the board who wishes to contact an individual or group about a specific event or appeal
  • Seek your views or comments on the services we provide
  • Notify you of changes to our services
  • Send you communications which you have requested or that may be of interest. These may include information on AGMs, project news, campaigns, appeals, other fundraising activities, promotion of our online charity shop and services
  • Process a grant or job application.

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example the collection of Gift Aid). We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

Who has access to your information?

We do not sell or rent your information to third parties.

We will not share your information with third parties for marketing purposes.

Third-party service providers working on our behalf

We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process donations and send you mailings). However, when we use third-party service providers, we disclose only the personal information that is necessary to deliver the service.

When you are using our secure online donation pages, your donation is processed by a third-party payment processor, who specialises in secure processing of credit/debit card transactions.

Disclosure

Please be reassured that we will not disclose your information to third parties beyond the St Gregory’s Foundation for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.

Your choices

You have a choice about whether or not you wish to receive information from us. If you do not want to receive our publicity and fundraising materials from us about the vital work we do to help children and families in Russia and Georgia, our fundraising activity and services, then you can select your choices by ticking the relevant boxes situated on our membership form from which we collect your information.

We will not contact you for publicity and fundraising purposes by email or by post unless you have given your prior consent. You can unsubscribe from receiving our email bulletins or newsletters at any time by contacting us by email: info@stgregorysfoundation.org.uk or telephone on 0203 372 4992.

Your rights

You have some rights, which are given to you by law. They are:

  • The right to be informed about what information we collect about you and how we use it.
  • The right to see what information we hold about you.
  • The right to correct any incorrect or incomplete information we may hold.
  • The right to be forgotten – in other words to have your information deleted from our systems. There are some exceptions to that right.
  • The right to prevent the use of your information.
  • The right to object to your information being used for a specific purpose.
  • The right, at any time, to withdraw your consent.
  • The right to pass the information we have collected to another service provider.
  • A series of rights in connection with any automated decision making process we undertake – at this point, none of the decisions we make are automatic.

Please feel free to contact us and we can explain these rights more fully. You can also contact citizens advice or the Information Commissioner’s Office.

If you feel that we have mis-used your information, please let us know as soon as you can and we will investigate the issue as a matter of urgency.

How can you access and update your information?

 The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you.

 You have the right to view your personal information and should send your request to the Executive Secretary Julia Ashmore at info@stgregorysfoundation.org.uk. She will require proof of your identity.

In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us as above or write to us at: sgf C/O 4 Bushy Court, 20 Upper Teddington Road, Hampton Wick, Surrey KT1 4DU. Alternatively, you can telephone 0203 372 4992.

How we store your information 

When you give us personal information, we take steps to ensure that it’s treated securely. When your information comes to us we store your personal details in our access database which is locked under a secure password in the main office PC which is also locked with a confidential password. We store the paper version in a locked cabinet.

 We may store some information in the Cloud and, in that case, it will be stored in a manner which satisfies all UK legislation, whether it is stored in the UK or another location. Non-sensitive details (your email address etc.) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

How long we keep your information

We will never keep your information longer than we need it.

We will keep your name, address and contact details, together with a note of any preferences you have, for 6 years after the last date we have used them.

We do not store any banking and payment details. Those are subject to the privacy policies of our service providers, and you should check those policies when making a payment.

Links to other websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites, even if you access them using links from our website.

In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

16 or under?

We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.

Who is responsible for data protection?

As a small charity we do not have a data protection officer. Access to the database is generally restricted to the Executive Secretary, who is responsible for data protection; however, in the absence of the Executive Secretary, the board will appoint another board member to undertake the responsibility for data protection.

What will happen if there is a breach?

The trustees guarantee that in case of a breach, the charity will access and investigate the breach, take a course of action to prevent further breach and will inform the ICO (Information Commissioner’s Office) within 72 working hours.

How regularly is the policy reviewed? The policy is reviewed in every two years, last update: May 2021.