Privacy, data, and Cookies

Privacy and data

Introduction

1. We are Peter’s House Ltd (Registered UK Company Limited by Shares: 11901240) (“PH”) and we operate from 7-9 Henrietta St, Covent Garden, London, WC2E 8QH. The terms “we,” “us,” or “our” refer to Peter’s House Ltd. We are committed to protecting and respecting your privacy.
2. This Privacy Policy, along with any other documents referred to in it, sets out the basis on which we will process and use any personal data about our donors, potential donors, event attendees, patrons, volunteers, interested parties, and visitors (collectively referred to as “individuals”) to our website https://www.peters-house.com (the “website”) that we collect from them, that they provide to us, or that we collect from third parties. Please read this Privacy Policy carefully to understand our practices regarding these individuals’ personal data and how we will treat it.
3. ​​For the purpose of the Data Protection Act 2018 (the “DPA”) and the General Data Protection Regulation (EU) 2016/679 (the “GDPR”), we are the data controllers and are located at 7-9 Henrietta St, Covent Garden, London, WC2E 8QH.
4. We comply with the DPA and the GDPR in respect of the collection, holding, storage, use, and processing of personal data about our individuals, which is held in both manual and electronic records.
5. We may make changes to this Privacy Policy from time to time. If we do so, we will post the changes on the privacy policy page on our website, and they will apply from the time we post them. Individuals should check back frequently to see any updates or changes to this Policy. This Privacy Policy was last updated on 18th August 2024.

‍
What We Collect

1. Personal Data
   1. We collect and use the following types of personal data about our individuals:
      Name;
      1. Postal address;
      2. Phone numbers (home, work, and mobile as applicable);
      3. Email address(es);
      4. Contact preferences;
      5. Information given when registering to use or completing forms on our website;
      6. Information given when registering for any PH event;
      7. Information on payments made;
      8. Information that our individuals give us – for example, when making payments, such as bank account details for setting up regular direct debits, credit card details for processing credit card payments, employer details for processing a payroll gift;
      9. Information given when using our website; and
      10. Information given when taking part in PH’s social media functions or on our website.
   2. Technical Information
      1. We collect certain technical information about individuals’ visits to our website, which may include, for example, IP addresses, login information, browser type and version, pages accessed, files downloaded, full Uniform Resource Locators (URLs), clickstream to, through, and from the website (including date and time), products viewed or searched for, page response times, download errors, length of visits to certain pages, and page interaction information (such as scrolling, clicks, and mouse-overs).
   3. Third-Party Data Collection
      1. We collect some of the personal information set out above directly from individuals and some from third parties. For example, we may receive personal information from individuals when they engage with us through a third-party website, such as Stripe, and the individual has given the third-party website permission to share information with us.
   4. Event Data
      1. We collect some personal information directly from event attendees and some from third parties, such as Eventbrite, when individuals register to attend an event.
   5. Individuals do not have to disclose personal data to us to browse the website or to use our social media sites. However, individuals need to provide certain personal data for us to provide specific services.
   6. Children’s Privacy
      1. We do not knowingly collect personal data from children under 16 without the consent of their parent or guardian. The safety of children is very important to us.
2. In cases where we process data related to religious beliefs or other sensitive categories, we ensure that this is done in full compliance with GDPR Article 9, requiring explicit consent for such processing unless other legal bases apply.

Website Cookies

1. Our website uses cookies to distinguish individuals from other users and to help us provide a better experience when they browse our website. Cookies also allow us to improve our website. For detailed information on the cookies we use and why we use them, please see our Cookie Policy further down.

How We Use Information

1. We obtain, collect, record, hold, store, organise, adapt, alter, retrieve, consult, disclose, destroy, and otherwise use personal data as set out in this Privacy Policy for the following purposes:
   1. Providing individuals with the products, services, and information they request from us;
   2. Corresponding with individuals and recording any relevant communications;
   3. Sending marketing information to individuals, where they have consented;
   4. Keeping records of payments made and actions taken by individuals;
   5. Soliciting due payment;
   6. Supporting staff and/or volunteers;
   7. Recording campaigning activities by individuals;
   8. Performing our obligations under any contracts that we enter into with individuals;
   9. Informing individuals about changes to our services;
   10. Ensuring that content from our website is presented effectively for individuals and their devices;
   11. Administering our website for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
   12. Improving our website to ensure that content is presented most effectively for individuals and their devices;
   13. Allowing individuals to take part in interactive features of our services if they choose to do so; and
   14. Keeping our website safe and secure.

How We Share Information

1. We will only share individuals’ personal data under the following conditions:
   1. With Selected Partners
      1. We may work with carefully selected partners to carry out work on our behalf, such as service providers and sub-contractors (e.g., IT service providers, payment processors). These partners are bound by contract to keep your data secure and to use it only as instructed by us.
   2. Legal Obligations
      1. We may share personal data if legally required to do so, such as by law or by a court order.
   3. Medical Emergencies
      1. We may share personal data in the event of a medical emergency where the information must be shared for the benefit of the individual’s health and/or wellbeing.
2. Any third-party service providers we engage are required to comply with GDPR and DPA standards, ensuring that your data is handled securely and in accordance with applicable laws.

We will not sell individuals’ information or share it with other organisations, except as stated above.

Legal Basis for Processing Information

1. We rely on various legal bases to justify our processing of personal data, including:
   1. Consent
      1. Where individuals have given their consent to the processing of their personal data for specific purposes. Individuals may withdraw their consent at any time by contacting us using the details in the “Contact and Complaints” section, but this will not affect the lawfulness of any processing carried out before withdrawal.
   2. Legitimate Interests
      1. Processing is necessary for our legitimate interests, such as processing payments, answering queries, conducting research, and delivering services.
   3. Contractual Necessity
      1. Processing is necessary to perform a contract to which the individual is a party or to take steps at the individual’s request before entering into a contract.
   4. Legal Obligations
      1. Processing is necessary for compliance with legal obligations, such as sharing personal data where legally required.
2. When processing personal data based on our legitimate interests, we conduct a legitimate interest assessment to ensure that such processing is necessary and does not override your rights and freedoms.
   ‍

Where We Transfer and Store Information

1. Personal data we collect may be transferred to and stored at destinations within the UK or the European Economic Area (EEA). We ensure that adequate protection for such data is in place, complying with applicable laws.
2. All information provided to us is stored on secure servers, including those of our IT service providers. Payment transactions are encrypted using TLS technology. Where individuals have chosen a password to access parts of our website, they are responsible for keeping this password confidential.
3. Although we strive to protect individuals’ personal data, the transmission of information via the internet is not completely secure. Any transmission is at the individual’s own risk. Once we have received personal information, we use strict procedures and security features to prevent unauthorised access.
4. We retain personal data only for as long as necessary:
   1. To manage our relationship with individuals;
   2. To comply with legal obligations; or
   3. To avoid communicating with individuals who have asked not to be contacted.
5. If we transfer personal data outside the UK or EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in accordance with GDPR requirements.

We regularly review the personal data we collect and hold to ensure that it is only kept for an appropriate length of time. Individuals may withdraw consent to data processing at any time by contacting us using the details provided in the “Contact and Complaints” section.

Individuals’ Rights

1. Individuals have the following rights regarding the personal data we hold:
   1. Access
      1. Individuals may request confirmation of whether we are processing their personal data and, if so, access to the data and other related information.
   2. Rectification
      1. Individuals may request that we correct any inaccurate personal data or complete any incomplete data.
   3. Erasure
      1. Individuals may request that we erase their personal data under certain circumstances, such as when the data is no longer necessary for the purposes it was collected.
   4. Restriction
      1. Individuals may request that we restrict the processing of their personal data under certain circumstances, such as if they contest the accuracy of the data.
   5. Data Portability
      1. Individuals may request a copy of their personal data in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.
   6. Objection
      1. Individuals may object to the processing of their personal data in certain circumstances, including for direct marketing purposes.
   7. Automated Decision-Making
      1. Individuals have the right not to be subject to decisions based solely on automated processing, including profiling, and may request human intervention.
2. We will process all personal data in line with individuals’ rights in accordance with applicable law, including any time limits and requirements regarding fees.
3. Individuals can exercise their rights by contacting us using the details provided in the “Contact and Complaints” section of this Privacy Policy.
4. If you believe that your data protection rights have been violated, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Contact and Complaints

1. Questions, comments, requests, or complaints regarding this Privacy Policy or our use of personal data should be addressed to the company director at info@peters-house.com or 7-9 Henrietta St, Covent Garden, London, WC2E 8QH.
2. Individuals may also contact the UK Information Commissioner’s Office (ICO) by telephone on 0303 123 1113 or by visiting the ICO website if they have any complaints regarding this Privacy Policy.
3. We are not a ‘public authority’ as defined under the Freedom of Information Act 2000 and will not respond to requests for information made under that Act.
4. For more information about your rights or to make a complaint, you can visit the ICO’s website at https://ico.org.uk
   ‍

‍

Cookies

Introduction

1. Peter’s House Ltd (“us”, “PH”, “we”, or “our”) uses cookies on the https://www.peters-house.com website (the “Service”). By using the Service, you consent to the use of cookies.
2. This Cookie Policy explains what cookies are, how we use cookies, how third-parties we may partner with may use cookies on the Service, your choices regarding cookies, and further information about cookies.

What Are Cookies?

1. Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third party to recognize you and make your next visit easier and the Service more useful to you.
2. Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted as soon as you close your web browser.

How We Use Cookies

1. When you use and access the Service, we may place a number of cookies files in your web browser.
2. We use cookies for the following purposes:
   1. To enable certain functions of the Service: We use both session and persistent cookies on the Service, including essential cookies to authenticate users and prevent fraudulent use of user accounts.

Your Choices Regarding Cookies

1. If you would like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.
2. Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, store your preferences, and some of our pages might not display properly.