Safeguarding your privacy is important to us at Forget-me-not Chorus and we are committed to letting you know how we use your personal information and data. Forget-me-not Chorus will only contact you through your selected method(s) of communication to provide the products and services you have requested from us.
This policy explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may change this policy from time to time, so please check our website occasionally to ensure you are happy with any changes. By using the Forget-me-not Chorus website, you are agreeing to the terms of this policy.
Data protection law:
The General Data Protection Regulation (GDPR) applies in the UK and across the EU from May 2018. It requires personal data shall be:
Processed lawfully, fairly and in a transparent manner in relation to individuals;
Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research or statistical purposes shall not be considered to be incompatible with the initial purposes;
Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by GDPR in order to safeguard the rights and freedoms of individuals;
Processed in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
The controller shall be responsible for, and be able to demonstrate, compliance with the principles. Forget-me-not Chorus will keep senior management, staff and board updated about data protection issues, training, risks and responsibilities.
Who we are
The Forget-me-not Chorus supports people with dementia and their families through weekly singing sessions. We have five choirs in Cardiff North, Cardiff South, Newport and for residents of Penylan House and Nazareth House, Cardiff.
The Forget-me-not Chorus is a registered charity No. 1151812
What information do we collect?
The personal information we collect might include your name, title, email address, postal address, telephone numbers, your role within an organisation and in addition to this, if you are accessing our website, your IP address and information on what pages are addressed - and when. This is received anonymously through the medium of Google Analytics and recorded every three months.
We may also obtain personal information about you from other sources, such as if a family member or friend contacts us on your behalf. We may combine information you provide to us with information available from external sources to gain a better understanding of our audiences, visitors, and supporters to improve our fundraising and marketing methods. These sources include:
We may use your image on social media feeds, in films, on our website and for marketing, publicity and fundraising events and printed literature. On Social media to broadcast messages and updates about events and news.
On occasion we may reply to comments or questions you make to us on social media platforms. You may also see adverts from us on social media that are tailored to your interests.
Information available publicly
This may include information found in places such as Companies House, your biography on your work website or information that has been published in articles/ newspapers e.g. LinkedIn.
Your personal data will be held and processed on our system and managed by relevant staff. Where possible we aim to keep a single record for each member. Your data is always held securely. Access to member information is strictly controlled. Our system can only be accessed by people who need it to do their job. Certain data, for example some sensitive information, is additionally controlled and is only made visible to members of staff who have a reason to work with it.
What we use your personal information for
We aim to be clear when we collect your data and not to do anything you wouldn’t reasonably expect.
If you sign up for an event, donate or become a friend, contact us via the website or email, make a Gift Aid donation or join our mailing newsletter list we usually collect your name, address, phone numbers, email address, and notes about your connection to us. Third parties will also collect data about your payment methods when donating for example; Charities Aid Foundation or BT My Donate.
Where it is appropriate (and you have the right to decline to give this information) we may also ask for your age, gender, ethnicity, information relating to your health or, if donating, why you have decided to donate to us.
We use this data to provide you with the events, newsletters, volunteering and job opportunities, services, or information you asked for, ensure we know how you prefer to be contacted, understand how we can improve our communications or events, administer your donation or to process Gift Aid.
You can contact us at any time either by phone, email or post and make your preference as to what we send you. You can receive marketing and fundraising communications from us by email or post. We will not contact you for marketing and fundraising purposes unless the box is ticked. We will include opt-out instructions in any marketing or fundraising communications you receive from us.
‘Cookie’ is a name for a small file, usually made up of letters and numbers, which is downloaded onto your device such as a computer, mobile phone or tablet when you visit a website. They let websites recognise your device, so they can work better and gather information about how you use the site. A cookie by itself cannot be used to identify you.
What type of cookies do we use?
We use the categorisation set out by the International Chamber of Commerce in their UK Cookie Guide.
We use three categories of cookies:
· Strictly necessary cookies are essential for you to move around our website and to use its features, like our shopping basket and your account.
· Performance cookies collect anonymous information about how you use our site, like which pages are visited most. No information that identifies you is kept.
· Functionality cookies remember choices you make to improve your experience, like your text-size or location. They may also be used to provide services you have asked for, such as watching a video or commenting on a blog. They are anonymous.
You can opt out of all our cookies (except the strictly necessary ones). Find out how to control and delete cookiesin your browser. But, if you choose to refuse all cookies you may not be able to use our website properly.
Giving you control
With your consent, we will tell you about events, concerts, job opportunities, volunteering opportunities, fundraising events, and newsletters.
Occasionally, we may include information in these communications from partner organisations or organisations who support us. We make it easy for you to tell us how you want to hear from us. You can opt out from these marketing communications at any time - every email sent to you will tell you how to do this.
We do not sell personal details to third parties for any purpose. We will only share personal details for the purposes of marketing if you have given explicit consent for us to do this. But if we run an event in partnership with another named organisation your details may need to be shared in order that they can help us run the event.
If you have opted out of marketing communications, we may still get in touch with you. For example, we may email you to give you important information about the events you’ve booked or to tell you about any changes or cancellations.
We will give you the opportunity to opt out, at any time, from any marketing or fundraising email communications and postal fundraising communications you receive from us.
Forget-me-not Chorus as a charity and how we respect our donors
We rely on charitable support to maintain our programme and to make this available to as many people as possible.
You can opt in to receive information about supporting Forget-me-not Chorus, over the phone, via email, letter or in person. We will tell you about our current campaigns that we think are most relevant to you, ways that you can make a real difference to our projects, and invitations to events where you and your family can get closer to our choirs and projects and get involved.
We want to ensure our communications to our supporters are personal, relevant, and timely and we want to give you an enhanced experience. We may analyse geographic, demographic, and publicly available information relating to you to better understand your interests, to send you the most relevant communications and to give you an exceptional experience at our events.
Our donors tell us that tailored and relevant communication is a priority for them and we constantly review this and listen to you to make sure we are getting this right. In addition, we invite some people who might be interested in joining one of our supporter groups to special events e.g. drinks receptions or rehearsals or to tell you about extra benefits including priority booking. Guests we invite might include current supporters, members, people who have given donations in the past, audiences who attend concerts and events. We make sure that our invitations are appropriate and cost effective.
We invite a select number of guests to our events as places are limited but host several events a year to meet as many of our supporters as possible. If you haven’t had an invitation but would like to attend, you can get in touch with the team. Email us
Third party organisations
Sometimes we ask you to provide sensitive information, about a family member who is living with dementia or their carer. As with all the personal information we hold, sensitive information is held securely and restricted to those who need to use it. We will delete sensitive information when we no longer need it
You have the following rights related to your personal data:
The right to request a copy of personal information held about you
The right to request that inaccuracies be corrected
The right to request us to stop processing your personal data
The right to withdraw consent
The right to lodge a complaint with the Information Commissioner's Office or Fundraising Regulator
Ongoing documentation of measures to ensure compliance
Meeting the obligations of the GDPR to ensure compliance will be an ongoing process. Forget-me-not Chorus details here the ongoing measures implemented to:
Maintain documentation/evidence of the privacy measures implemented and records of compliance.
Regularly assess the privacy measures implemented and maintain records of the testing and outcomes.
Use the results of testing, other audits, or metrics to demonstrate both existing and continuous compliance improvement efforts.
Keep records showing training of employees on privacy and data protection matters.
We hope that our content is useful to you.