Supporters and Donors
We collect, use and are responsible for certain personal information about you. When we do so we are subject to the General Data Protection Regulation, which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
1. Who we are
Bridge Care Limited (Bridgemead) is a not for profit residential care home, a Christian trust and a registered charity. The services provided by the trust are supported by fees from those who are privately funded and from the local authority and other statutory bodies. We also welcome gifts, covenants and legacies. To get in touch see below: ‘How to contact us’.
2. The information we collect, hold and process
We may collect and use the following personal information about you:
- Your name and contact information, including email address, postal address and telephone number.
3. How your personal information is collected
We obtain information from the details you provide to us when you communicate with us by telephone, email and post or when you complete a form provided by us that includes your personal details. We may also obtain your information through our website.
4. How and why we use your personal information
Under data protection law, we can only use your personal information if we have a proper reason for doing so for example:-
- to comply with our legal and regulatory obligations;
- for the performance of a contract with you or to take steps at your request before entering into a contract;
- for our legitimate interests or those of a third party; or
- where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
Your personal information is important to us to enable us to communicate with you effectively and to respond to you in an appropriate manner. Our lawful basis for processing your personal information is that either you have provided explicit consent to us or we have a legitimate interest in staying in touch with you a supporters and/or donor to Bridgemead.
We only make use of your personal information for the purposes of contacting you (by email, text message, telephone or post) with details of fundraising events we hold from time to time that may be of interest to you or for the recovery of gift aid on any donations you may make. We cannot recover gift aid unless you have expressly agreed to this.
If you have not explicitly consented to Bridgemead maintaining contact with you for the above purpose, we believe we have a legitimate interest in processing your personal data for fund raising purposes (see above). This means we do not usually need your consent to send you communications regarding fund raising. However, where consent is needed, we will ask for this consent separately and clearly.
You have the right to opt out of receiving fund raising communications at any time by contacting us by email: firstname.lastname@example.org
5. Who we share your personal information with
We never sell or share your data with third parties save for HMRC for the purpose of recovery of Gift Aid on any donations you may make to Bridgemead and this is only where you have expressly agreed it.
We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers relating to ensure they can only use your personal information to provide services to us and to you.
We may also share personal information with external auditors, e.g. in relation to the audit of our accounts.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
6. Right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us – see below: ‘How to contact us’.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
7. Your information and your rights
The personal information that we hold about you is your property and you have the following rights in respect of that information.
- To be informed about how we obtain and use your information;
- To ask for access to the information that we hold about you;
- To have your information rectified where it is incorrect;
- To have your information erased, except in circumstances where it is necessary for us to retain it;
- To object to the processing of your information in circumstances that are not necessary for legal reasons
- Where the processing of your information is based on your consent, the right at any time to withdraw that consent;
- To have information you provided to us copied to you, or sent directly to another company if instructed by you (Data Portability); and
- To object to any decisions based on the automated processing of your data, including personal profiling.
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email, call or write to us —see below: ‘How to contact us’; and
- let us have enough information to identify you (e.g. your full name and address);
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
- let us know what right you want to exercise and the information to which your request relates.
8. Data Retention
We will keep your personal information for as long as is necessary:
- to respond to any questions made by you or on your behalf;
- to show that we treated you fairly;
- to keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this notice. If you have provided explicit consent for us to contact you regarding fundraising activities for Bridgemead we will keep your personal information for as long as that consent remains in place. If consent is withdrawn, we will delete your personal data within one month of your consent being withdrawn (subject to any legal requirement to keep your data longer under HMRC rule concerning gift aid).
If we are communicating with you based on our legitimate interest, we will only keep your personal information for up to two years after you last made a donation to Bridgemead or actively engaged with us through attendance at our events.
When it is no longer necessary to retain your personal information, we will delete or anonymise it.
9. Transfers outside the European Economic Area (EEA)
The data we collect from you may be transferred to and stored at a destination outside the EEA. We take steps to ensure that, in the event that your information is transferred outside the EEA, appropriate measures and controls are in place to protect that information in accordance with applicable data protection laws and regulations in the UK.
10. Security and storage of information
The security and storage of your personal information is very important to us.
The personal information we collect from you is stored in a variety of formats dependant on your relationship with Bridgemead. In some cases this is in paper format and in other cases this is in electronic format.
Where your data is stored in paper format it is stored in locked drawers and/or cabinets in rooms that are also locked. Access to that data is limited to the individual responsible for processing the data and to the Registered Manager in that individual’s absence.
Where your data is stored electronically it is stored on secure servers, protected through a combination of physical and electronic access controls, firewall technology and other security measures. In addition when we transfer your data electronically it will be encrypted using secure technology. We have put in place measures to guard against unauthorised or unlawful processing and against accidental loss, destruction or damage.
11. Changes to our Privacy Notice
This Privacy Notice was published on 23rd May 2018. We may, from time to time, modify or adjust this Privacy Notice. However we will not reduce any of your rights contained in it.
Any changes we make to our Privacy Notice will be found on our website:
Copies can also be obtained from us by reference to the Data Protection Compliance Manager – see How to contact us below.
Should you have any concerns about the use we make of the personal data that we hold about you please contact the Data Protection Compliance Manager. If you are dissatisfied with any response you receive from the Data Protection Compliance Manager please contact the Information Commissioner’s Office (ICO) directly at: http://ico.org.uk/concerns
13. How to contact us
Address: 81 St John’s Road, Bath, BA2 6PZ
Telephone: 01225 484904
14. Do you need extra help?
If you would like this notice in another format (for example audio, large print, braille) please contact us.