This privacy policy explains how we collect personal data, how we use and store it, and how to contact us regarding your data.

Introduction

The Branch Trust is a charity registered in the UK (no. 1191055).

The Branch exists to break down barriers, unlock potential and create opportunities. We work with compassion, creativity and collaboration at the heart of the community.

The Branch follows industry best practice regarding how we collect, store and use your personal data. We are registered with the Fundraising Regulator and the Information Commissioner’s Office, registration number ZB308634.

This policy explains how we collect personal data, how we use and store it, and how to contact us regarding your data.

If you have any questions about this privacy policy please do not hesitate to contact us by email office@thebranchtrust.org

What information do we collect?

We collect certain personal information each time you interact with us.

When you donate to us

We collect your personal data, such as your name, email and postal address, when you make a donation or request information or become

a Friend of The Branch. We do so to ensure we can process your donation, complete any request you make of us, or to provide you with

the most relevant information.

From interaction on our website

We collect non-personal data such as IP addresses, details of pages visited and files downloaded. Website usage information is collected

using cookies, see the section on Cookies below.

From Third parties

We collect information from third parties, such as fundraising sites including Enthuse, where you have agreed to support The Branch Trust

and our work and have given your consent. Third parties may provide us with your contact details if they think you or your organisation

would be interested in supporting us and have your agreement that we may get in touch with you.

We may collect information that you make publicly available, for example on social media platforms such as Facebook and Instagram

when you have chosen to interact with us. As with all third parties, you may wish to check how they collect, store and process your

personal data.

We may receive personal data directly from third parties, such as social prescribers including Citizen’s Advice, Cottsway etc, where you

have given your express consent.

From publicly available data

We may collect information from Companies House, the Charity Commission and information published online or in printed news media,

to help us tailor our communication to you.

Our Programmes

When you sign up to a Branch Trust programme and share personal data with us, we will retain this information for analysis and

monitoring purposes.

Applying for a job or volunteering with us

Where you provide personal data and sensitive personal data when applying for a job or volunteering opportunity, such as the information

on your CV, we will process, store and disclose this personal data to support the recruitment process. With your consent, we will use this

information to contact third parties, such as referees, or to check DBS records. CVs and application forms will be stored for a period of six

months before being deleted unless you have given us permission to hold them for longer for future jobs. We will store anonymised data

regarding applicants to monitor compliance with our equal opportunities policy.

Visiting The Branch

In some cases, visitors to The Branch will sign in so that we have a record and for health & safety reasons. We also use CCTV to view and

record individuals when they visit The Branch to maintain a safe environment for our staff, volunteers and visitors and to prevent crime.

Our visitors’ images may be recorded by CCTV but the data will not be retained for longer than is necessary.

Sensitive data

Some information you share with us may be classed as ‘sensitive personal data’, including, but not limited to, religious beliefs, health or

financial information, information about your mental and physical health, ethnic background, criminal record, educational history and

exam results and data regarding your socio-economic background, such as the type of housing you live in. This information is stored

securely on our SharePoint site and is only accessible by staff who have a legitimate reason to access the information. We collect this data

to ensure that we can provide the best service possible, and to ensure that we are working with people who most need our help. We may

also store and use it to ensure we communicate with you in the most relevant way. For example, if you tell us you go to a local church, we

may invite you to a relevant local event.

What do we do with your information?

We may use the personal data we collect to:

• Keep you up to date on news and stories about our work;
• Ask for financial and non-financial support, such as volunteering;
• Process and record donations you give us, or to support your fundraising for us, including gift aid;
• Provide information you have requested;
• Provide a personalised service, such as personalised emails;
• Record your interaction with us, such as any volunteering you engage in or events you attend;
• Analyse the personal information we collect about you and use publicly available information to aid our understanding of our
  supporters, understand the level of potential donations, profile supporters into categories to help provide the right information
  at the right time to the right supporters; and
• Ask for your feedback on our work and our communication with you;
• Recommend a programme or offer an opportunity which may be of interest to you.

Basis of processing your data

Consent: We will process your personal data on the basis of the consent you provided us with. In practice, this means that we will contact

you by email and phone only if you have given us permission to do so. You are free to change your preferences at any time by contacting

us by telephone, post or email, using the details shown below.

Legitimate interest: Contacting the right supporters at the right time. We may write to our supporters occasionally by post to inform them

of our work or of opportunities to get involved. When you make a donation, a series of donations, express an interest in our work, or show

a potential to give to our work, we will rely on our legitimate interest in order to collect additional information as noted above. This helps

us to identify those supporters who would benefit from an initial discussion with a us.

How and where we store your information

How long do we keep your data?

We will keep your personal information only for as long as we consider it necessary to carry out each activity.

We have a data retention policy to implement this. We take account of legal obligations and accounting and tax considerations as well as

considering what would be reasonable for the activity concerned.

For example, we will retain details of donations for eight years to meet tax, accounting and auditing requirements. Where someone leaves

us a legacy, we will retain this data indefinitely to carry out the administration of legacies and to communicate with families and executors

of those who’ve left us a legacy.

We are registered with the Information Commissioners Office, registration number ZB308634

If you have any questions about our Data Retention Policy please contact us in writing at:

Data Protection Officer, The Branch Trust, 16 Market Place Chipping Norton, OX75NA, or email: office@thebranchtrust.org

We ensure that access to personal data is restricted only to those staff members or volunteers whose job roles require such access and

that regular training is provided for these individuals.

Credit/debit card security

If you use your debit or credit to donate to us through our website, this information is processed through our third party

provider, Enthuse. We do not have access to, or store, this information on our database.

Bank Details

If you set up a regular donation to us directly through your bank, we do not have access to, or store, this information on our database. If

you set up a direct debit to us through our website, this information is processed through our third party provider, Enthuse. We do not

have access to, or store, this information on our database. If you set up a regular donation to us by completing and signing a standing

order form for us to send to your bank, this information will be stored and processed securely.

Where we store your personal information

We use an online database called SharePoint to store and process personal data. SharePoint ensures personal data is held in compliance

with UK data protection legislation, and The Branch Trust takes steps to ensure that your data is stored and processed securely. When you

share your data with us, you agree to it being stored and processed in this way.

When we share your information

The Branch Trust does not share or sell any personal data with other charities. In order to do our work, we use third party suppliers, such

as Mailchimp to collect and record data. The Branch Trust has completed due diligence with these our suppliers to ensure that they are

compliant with data protection regulations, and we submit data deletion requests to suppliers as soon as possible when they are no longer

needed. If you have any questions, please contact us.

Legal duty

We may need to pass on information if required by law or by a regulatory body. For example, a Gift Aid audit by the HMRC, or if asked for

details by a law enforcement agency.