GDPR

Women’s Work will comply with the GDPR principles which require that personal data is:
(i) Processed lawfully, fairly and in a transparent manner in relation to
individuals
(ii) Collected for specified, explicit and legitimate purposes, and not further
processed in a manner that is incompatible with those purposes.

 

Women’s Work (Derbyshire) Ltd Privacy Policy

At Women’s Work, we are committed to protecting and respecting your privacy and personal data.

Who are we?

Women’s Work (Derbyshire) Ltd is a registered charity (No. 1135740) and a company limited by guarantee (No. 7171357). We provide a range of services that support the health and wellbeing of women and children with multiple or complex health and social care needs.

This Privacy Policy explains when and why we collect personal information from people who:

• Use our services
• Are employed by or volunteer with us
• Work with us to achieve the wider aims of Women’s Work
• Visit our website
• Make donations to the charity

It also explains how we use personal data, the circumstances in which it may be shared, and how we keep it secure.
General Data Protection Regulation (GDPR), effective from 25 May 2018, applies to all individuals whose data is held by Women’s Work Derbyshire Ltd. Personal data is stored securely in both electronic and paper formats and is used solely for the administration of the charity’s work and activities.

How do we collect information from you?

We collect most information directly from you when you:

• Make a referral to our services
• Contact us for information
• Complete an assessment or engage with our services
• Are offered employment or volunteer with us
• Use our website, including making donations or grants

We may also collect information through publicly available sources when researching businesses or individuals who may wish to support the charity.

We obtain informed consent from all individuals whose data we collect and hold.

What type of information is collected from you?

The personal information we collect may include:

Service Users:
Name, address, email address, telephone number, health and social care information, agencies involved, next of kin and emergency contact details, demographic information, text, photographs, video.

Website Users:
IP address and information about website usage, including pages accessed and timing. Online donations and payments are processed securely by third-party payment providers; Women’s Work does not store card details.

Staff Members:
Contact details, address, employment history, references, bank details, National Insurance number, demographic information, identity documents, next of kin details.

Volunteers & Trustees:
Identity documents, recruitment and application information, references, contact details, health information, next of kin details.

1 in a Million Participants and Donors:
Name, contact details (email, telephone, address), Gift Aid information, donation and online payment references.

How is your information used?

We may use your information to:

• Process donations and Gift Aid
• Post items purchased through our website
• Deliver our services and meet contractual obligations
• Seek feedback on our services
• Notify you of changes to services
• Send communications you have requested or consented to, including campaigns, appeals, and fundraising activities
• Process salaries, payments, and expenses
• Manage job and volunteer applications
• Review progress, set action plans, and case manage service users
• Support decision-making around appropriate interventions
• Make urgent or safeguarding-related contact
• Evidence work to funders
• Prepare annual reports and accounts
• Support Women’s Work marketing, media, and website content

How long will we keep your information?

We retain personal information only for as long as necessary and in line with legal and statutory requirements. Retention periods are reviewed regularly, and data is securely destroyed or anonymised when no longer required.

Some information, including Gift Aid and funder-related records, must be retained for up to 10 years. Personal data will be held only for the duration necessary for the relevant activity or contract.

Who has access to your information?

We do not sell or rent personal information to third parties and do not share data for marketing purposes.

We may share information with statutory bodies, official agencies, and funders where necessary and lawful.

Third-Party Service Providers:
We may share limited personal information with trusted third-party providers who support service delivery on our behalf. Contracts are in place to ensure data security and prevent misuse.

Information will only be shared with your consent or where required by law, including for fraud prevention or court orders.

Third-Party Product Providers:
Some third parties act as independent data controllers. We recommend reviewing their privacy policies. Appropriate confidentiality and data-sharing agreements are in place with all partner agencies.

Website Payments:
Online donations are processed by secure third-party payment providers specialising in card transactions.

Use of ‘cookies’

Our website uses cookies to collect anonymous statistical information about website usage. Cookies help us improve functionality and provide a more personalised experience. They do not identify individuals.

You can disable cookies via your browser settings; however, this may affect website functionality. Further information is available in our full cookies policy.

Links to other websites

Our website may contain links to external websites. This policy applies only to Women’s Work Derbyshire Ltd. We are not responsible for the privacy practices of other websites and encourage users to review their privacy policies.

Your choices

1 in a Million:
You can choose whether to receive communications from us. We will only contact you for marketing purposes if you have given consent. Preferences can be selected on our data collection forms and changed at any time.

To update your preferences, contact us at:
Email: info@womens-work.org.uk
Telephone: 01332 242525

How you can access and update your information

You have the right to request a copy of the personal information we hold about you and to ask for corrections or removal of inaccurate data.

To request access or updates, contact us by email or telephone. You may also contact the Data Controller directly via 01332 242525.

If you are concerned about how your data is handled, you may contact the Information Commissioner’s Office (ICO):
Website: www.ico.org.uk
Telephone: 0303 123 1113

Security precautions in place to protect your information

We store all data securely within the UK and encrypt mobile data devices. While non-sensitive information transmitted online cannot be guaranteed to be fully secure, we take all reasonable steps to protect your data once received.

If you are issued a password to access our systems, you are responsible for keeping it confidential and must not share or store it insecurely.

18 or Under

We are committed to protecting the privacy of children and young people. Parental or guardian consent is required before collecting or processing personal data relating to anyone aged 18 or under.