Privacy Notice
We will treat your data with respect and in accordance with the requirements of the Isle of Man Data Protection Act 2018 (Also commonly referred to as the “Applied GDPR”).
What is personal data?
By “Personal Data” we mean any information that might allow you to be identified, such as your name, address, date of birth, credit card details, I.P. address, photo or video image or voice recording.
When Forget Me Not collects your Personal Data – and what Data is collected
Marketing, events, and fundraising
The Personal Data we collect might include name, address, email address, telephone numbers, date of birth, I.P. address and credit card details and bank account details.
Volunteering with us
If you volunteer with us we will need to collect Personal Data such as your name, age, address and gender.
Using our website
If you use our website (we store data about your internet browser, I.P. address, the timings of your visits, and a record of which pages you looked at. Please refer to the “Cookies” section for more detail).
When Personal Data is used by Forget Me Not
We may use your Personal Data for:
- Dealing with your enquiries, requests, complaints, and compliments
- Processing your donations and orders made online
- Providing you with information about our work, activities, events and services
- Complying with our legal obligations
- Where we have a legitimate business reason
- Where we have your informed consent. Please refer to the “Your Consent” section.
- Providing and personalising our services
- Administering membership records
- Fundraising administration
- Conducting market research
Your Consent
Where there is no legal obligation or legitimate business reason for us to collect, process, or store your Personal Data we will request your consent. We will give a clear explanation of the purpose(s) for which your Personal Data is being collected, processed, and retained. Where consent is necessary, we will ask for it to be given by a positive “opt-in” choice. Sufficient information will be provided for an informed choice to be made. The Personal Data will not be used for any other purpose without additional consent being obtained. We will also make clear how consent can be withdrawn.
Keeping your Data secure
We have in place physical, electronic and managerial procedures to safeguard and secure the Personal Data we collect.
All of our business partners have provided statements on how they keep your personal data safe and secure in compliance with the relevant data protection legislation.
All our volunteers and business partners, who have access to, and who are associated with the processing of Personal Data, are legally obliged to respect its confidentiality.
Sharing of Personal Data
Your Personal Data is not shared with other organisations unless we have your consent to share it; or where we have a legal obligation, or legitimate business reason, to do so. Your Personal Data is not sold to any organisation.
Retention of Data
We will only retain Personal Data for as long as we have a legal, or legitimate business reason, for doing so. We will not retain Personal Data if you have unsubscribed from one of our mailing lists or if you have exercised your right to have it erased.
Cookies
A cookie is a small text file created by the web server and saved on your PC’s hard drive. The next time you visit the web site the web server will check to see if you have this cookie. If you do, the web server will be able to read its contents. If you do not want to receive cookies or if you would prefer to be prompted first you should check the settings in the ‘Internet Options’ of your web browser. If you are not sure on how to check or alter these setting you should contact your software provider or support engineer.
Some information is held and processed by our Internet Service Provider and Mailchimp, but it is only held and processed for and on our behalf and under our instruction.
Aggregate information is used to show us the total number of visits to our web site and which parts of the site are used the most. Aggregate information does not identify individuals, as it does not contain any personal data. This information helps us in developing our web site and improving the service we offer you.
Changes to our Privacy Notice
This Notice may be amended in the light of any changes in legislation, or as the result of guidance from the Isle of Man Information Commissioner.
Your rights
The Applied GDPR gives increased provision for individuals to exercise their rights, namely:
- The right to access to your Personal Data (through a ‘subject access request’).
- The right to the rectification of inaccurate Personal Data
- The right to request erasure of your Personal Data
- The right to seek a restriction on the Personal Data we process
- The right to Data portability. You can ask us to give another organisation the Personal Data we hold
- The right to object to us processing your Personal Data
- The right not to be subject to automated decision-making based solely on your Personal Data
- The right to complain about the way we have treated your Personal Data
It should be noted that these rights are not “absolute” and, whilst we make all reasonable efforts to comply with requests we receive, there may be reasons why the exercising of your right(s) cannot be complied with. If this is the case we will tell you.
Exercising your rights
If you wish to exercise your rights please contact us (See “How to contact us”) – or, alternatively, you can complete our Subject Access Request Form.
How to contact us
Please contact us if you have any questions or concerns about our Privacy Notice or the way we treat your Personal Data. You can contact us:
• By email: fiona@forgetmenot.org.im
• Or write to us at: Data Protection Officer, Forget Me Not, 2 The Courtyard, Tromode Road, Douglas, IM2 5EJ
If you are not happy
We would hope that any queries or concerns that you may have regarding our use of your Personal Data can be easily resolved; however, we do recognise that sometimes things can go wrong – or you may feel that we have not acted as you think we should have. If this is the case, or you do not want to raise the matter with us first, you have the right to make a complaint to a supervisory authority. In the Isle of Man the supervisory authority is the Information Commissioner’s Office. Their contact details are as follows:
Isle of Man Information Commissioner
First Floor, Prospect House
Prospect Hill
Douglas
Isle of Man
IM1 1ET
Telephone: +44 (0)1624 693260
You can also access their website: www.inforights.im