Registered Charity Number 1161330
Our website address is: https://www.rainbowchorus.org.uk.
Our Principle Office is: St George’s Church, St George’s Road Brighton BN2 1ED
Published November 2020
We’re the Rainbow Chorus. We exist to promote diversity and equality through song, performances and working directly with the communities around us.
Our Registered Charity Number 1161330
Below we have answered a range of questions to help you better understand how we protect your personal information:
What information do we collect?
Personal information is any information that can be used to identify you. So, for example, if you donate money, request services or products, or become involved in our campaigns, we may collect and process the personal information that you’ve provided. We may also collect information from you when you report a problem with our website or if you complete a survey which we use for research purposes.
This personal information may include your name, email address, postal address, telephone or mobile number and date of birth, financial details, UK Tax payer information (for Gift Aid), credit/debit card information and records of responses to campaigns, as well as how you came to find us or about our services or events. In relation to our online store, this may also include additional information such as clothing size.
We may also collect details of your visits to our website, for example your location data, other sites you’ve visited and the resources that you access. We use this to provide you with the information, services or products that you’re interested in and are most relevant to you.
Keeping your information up-to-date
To make sure we always have the most up-to-date information about how to contact you, we may also, from time to time, update your records to reflect any changes to your personal information.
This information may come directly from you, or it may come from a third party that we consider is legitimate and trustworthy and in circumstances where it is appropriate and where you will have had a clear expectation that your details would be passed on for this purpose.
We may also combine the information you provide us with information we collect from trusted third parties and partners such as business partners, sub-contractors, advertising networks, analytics providers, search information providers, credit reference agencies as well as publicly available sources.
We use your cookies to give you a more personalised experience online. It helps us create a more effective website that reflects your needs. We may also collect and record information about how you use our site by collecting your IP address (in simple terms that just means a number that identifies a specific computer or other internet device).
How do we use your personal information?
There are broadly eight ways that we may use your personal information, all to help us provide the most relevant and personalised service for you:
1. To provide you with information (such as fundraising or campaigning activities), services or products you’ve requested or which we feel may interest you.
We may also permit selected third parties to provide you with information on our behalf. But all this will only happen when you’ve consented to us contacting you. For more information, please see “How we handle your information and other organisations” below.
2. To allow you to participate in interactive features on our website, when you choose to do so.
For example, we may help you auto-complete forms by inserting your contact details for you to edit.
3. To analyse and improve the services offered on our websites.
This means we can provide you with the most user-friendly navigation experience we can, which may involve providing your information to third parties.
4. To use your IP addresses to identify relevant information.
This may include information such as your approximate location. It also helps us to block disruptive use or establish information like the number of visits to the website from different countries.
5. To make our marketing campaigns more targeted and relevant to potential donors and customers.
6. To process personal information to help us with our work and activities
For the purposes of customer analysis and, where you have consented to us doing so, direct marketing. We may process your information to help us with our activities and to provide you with the most relevant information.
7. To process personal information and/or provide this to a third party for the purposes of profiling and understanding who visits our site.
This could be analysing demographics to inform our campaign and marketing strategies.
- Age: Some communications would exclude supporters whose known age is not within the target audience.
- Gender: Gender is also used for some analysis of our diversity and impact.
- Previous interactions: A supporter’s previous interaction with the Rainbow Chorus is also used for targeting purposes. For example, a previous audience member would be prioritised for future show invitations.
We may also add information to supporters’ personal information to help us with our targeting. Such information would not be personally identifiable or specific to you, but rather would give an indication of the type of supporter you are.
These activities may also involve ‘automated decision-making’. However, you have the right to object to the use of your personal information for profiling and automated decision-making processes. For information on how to exercise these rights, please see the section on ‘Your Rights’ below.
8. To match information collected from you through different means or at different times.
That could include using information collected online and offline, along with information obtained from other sources, including third parties and publicly available sources, to ensure that the information we hold about you is up to date and accurate. These include trusted third parties.
If you do not want us to use your data for direct marketing purposes you can change your permissions by contacting us at any time. Please see “How will we contact you?” below.
How long will we keep your personal information?
We always have your best interests at heart and your personal information will not be retained by the Rainbow Chorus for longer than necessary in relation to the purposes for which it was originally collected, or for which it was further processed, subject to certain legal obligations mentioned below.
We hold personal information relating to:
- donations you’ve made to us
for 7 years since the date of your last donation
- legacy donations
if you indicate that you’d like to leave us a legacy gift we will retain personal data until 7 years after the legacy is received
- entering raffles and competitions
for 5 years
- campaigning on our behalf
for 3 years since you last campaigned with us
- purchases such as merchandise or show tickets
for 3 years
- subscribing to a newsletter
you can unsubscribe at any time
We are legally required to hold some personal information to fulfil statutory obligations, for example the collection of Gift Aid or to support certain financial transactions.
We will also hold information about your details so that we can respect your preferences for being contacted by us.
The law allows you to withdraw your consent to any particular usage of your data at any time without needing to specify a reason. You can withdraw your consent by emailing firstname.lastname@example.org
How will we contact you?
It’s only with your support that we can continue to perform, work with communities around us and spread our message of equality and diversity. That is why we love to keep you posted with news about our work, how your support can make a difference and the variety of exciting ways you can support us in the future.
However, of course, we will not contact you again if you ask us not to. This can relate to all communications with you from the Rainbow Chorus or to certain campaigns or channels of communication. You can update these by contacting us at any time by replying to any of our emails, or getting in touch at email@example.com
How will we handle your information and other organisations?
We will not rent or sell your personal information to other organisations for use by them in any way, including in their own direct marketing activities.
However, where you have given us permission to contact you, we may pass on your information to external service providers to contact you on our behalf.
We may ask external service providers to carry out tracking and analysis on our behalf as described in the cookies policy. For instance, we may pass on hashed out digital data (such as IP addresses) to a media agency to monitor how well our campaigns are performing.
Making our communications relevant to you
We want to ensure that we provide you with information that is relevant to you. In order to do this, we may need to analyse the information we hold on you for supporter analysis and data quality purposes. This analysis includes modelling (e.g. how likely you are to respond to the invitation) and segmenting (looking at people who are similar to you), so that you receive targeted and relevant communication.
This ensures we can spend our charitable donations effectively to obtain the biggest impact to support our charitable objectives. Additionally, as our data is captured from various different sources (e.g. donation or through our website, campaign data), for data quality purposes we will analyse your data to ensure we do not have multiple versions of information on the same person on our database.
Sharing your information with third parties – keeping your information safe
Where we use an external service provider to act on our behalf, we will disclose only the personal information necessary to deliver the service and will have a contract in place that requires the provider to comply with relevant data protection and information security requirements.
How do we handle your financial/donation/payment information?
The Rainbow Chorus will ensure that when collecting sensitive information over the Internet such as debit cards, credit cards or personal information, that this is done securely. We and our partners use TLS (Transport Level Security) to encrypt data sent between the customer and us or our partners.
The Rainbow Chorus uses external Payment Card Industry (PCI) compliant providers to collect this data on our behalf. We do not store PCI data on our own systems.
How to best protect yourself and your personal information
To protect yourself when sending us sensitive information, please ensure that you use devices running supported operating systems that are regularly patched, and incorporate some form of malware protection. Only connect your devices to networks that you trust.
Securing your passwords
Where we have given you (or where you have chosen) a password which enables you to access certain parts our website, you are responsible for keeping the password confidential. You agree not to share that password with anyone else.
Following links to third-party websites
Posting or sending inappropriate content
If you post or send any content that we believe to be inappropriate or content in breach of any laws, such as defamatory content, we may use your personal information to inform relevant third parties such as your internet provider or law enforcement agencies.
Where do we store your information?
The personal information collected from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by individuals operating outside the EEA who work for us or working on our behalf. This includes staff engaged in, among other things, the processing of your payment details and the provision of support services.
By submitting your personal data, you agree to this transfer, storing and processing at a location outside the European Economic Area.
Unfortunately, the transmission of information via the Internet is never 100% secure and we cannot guarantee the security of your data transmitted to our website. This means any such transmission is at your own risk.
In cases when we use external websites provided by other organisations such as Twitter, YouTube or Facebook, then we would ask you to consult their privacy policies.
If you wish to exercise any of your rights, as listed below please write to us at firstname.lastname@example.org or:
1 Ladydell Road,
a. Access to your personal information;
b. Objection to processing of your personal information;
c. Objection to automated decision-making and profiling;
d. Restriction of processing of your personal information;
e. Your personal data portability;
f. Rectification of your personal information; and
g. Erasure of your personal information.
If you make a request relating to any of the rights listed above and we can successfully identify you as the data subject for which you are enquiring, we will consider each request in accordance with all applicable data protection laws and regulations.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.