What you can do

Privacy policy

Our relationship with you is really important to us.

Without your support, we won’t be able to achieve our mission of creating a world where everyone is accepted without exception.  Because of that, we want to make sure that you know you can trust us, and trust how we use the personal information you share with us. This policy explains in a clear and transparent way how we collect information, how we use it, and how we keep it safe.

In it, we’ll cover the following:

Who we are

We are Stonewall Equality Limited, a registered charity in England and Wales (charity number 1101255) and Scotland (charity number SC039681). Our charity is registered with the ICO (Information Commissioner’s Office) as data controllers. Our registration number is Z8271579.

For the purposes of this policy, references to ‘we’, ‘us’ and ‘Stonewall’ mean Stonewall Equality Ltd.

Why we collect information

Speaking plainly, information (or data) is at the heart of what we do as an organisation. It means we can function as a charity and do things like collecting donations, claiming Gift Aid, running our lifechanging membership and empowerment programmes and keeping in touch with you so you can be part of our campaigns and activities. It allows us to keep track of how you personally prefer to be contacted (and what kinds of contact you definitely don’t want!) so we know how to communicate and how not to communicate with you.

How we use information we collect from you

The main ways in which we use the information you provide to us is to complete and action or deliver a product or service to you that you have reasonably requested. This may include but is not limited to processing a donation (including claiming Gift Aid, where you have asked that we do this), delivering programmes and training, running our memberships programmes and conduct research. We will also use your information to help provide you with goods and services that you’ve bought or requested from us.

We may also use the information you have provided to get in touch with you about our work, unless you have specifically told us not to. Please note that we will not send you emails or text messages about our work unless you have specifically asked us to.

How we collect information

We collect information when you:

  • Make a donation to us, either by post, online (either directly or by using a third party donation platform such as JustGiving, Virgin Money Giving or Everyday Hero), over the phone or via SMS/text donation. We also collect information about you when you make a donation to us through setting up a standing order or Direct Debit, or donating via payroll giving (Give As You Earn)
  • Become a Stonewall Friend
  • Become a Stonewall Ambassador
  • Join our workplace inclusion programmes
  • Respond to one of our postal mailings or emails
  • Complete a campaign action online (signing a petition, for example)
  • Sign up to our e-newsletter
  • Make a purchase from our online shop
  • Sign up to one of our inclusion events (conferences and empowerment programmes for example)
  • Sign up to one of our fundraising events
  • Register as a Community fundraiser or volunteer
  • Create an account to use our Proud Employers website
  • Submit an application to the Workplace Equality Index (WEI) or Education Equality Index (EEI) (For more specific information on these please click the respective index)
  • Agree to or enquire about leaving a legacy, an in-memory or a tribute donation
  • Cookie information when you visit our website
  • Sign up to work with us during a Pride event
  • Interact with us over the phone, or on social media
  • When you apply to work for Stonewall
  • Contact Stonewall through our information service by phone or email
  • Interact with us in some other way

How we will not use the information we collect from you

We will never sell your data, and we will never share it with other organisations for the purposes of their own marketing. We are not involved in any data swapping schemes.

How long we keep information for

Our standard practice is to only hold your data for as long as it is required. This will vary depending on the activity for which the data is being used. However, we are wholly aware of our obligations under the Data Protection Act and the GDPR, and we make every effort to ensure that we only hold on to your data for as long as it is required.

In terms of physical records, by company law we are required to retain information related to donations (such as donation forms and correspondence) for seven years (six years from the end of the financial year it is collected), at which time it gets securely destroyed.

We also use a supporter database to keep a record of your interactions with us. This includes financial information such as donation history or non-financial information, like details of a telephone call to our supporter care team. This information is incredibly valuable to us for fundraising and reporting purposes, and for better understanding the variety of people who support Stonewall, so we can better plan and position our campaigns and appeals.

Because data is such a key part of helping us to achieve our goals, we have set out the following retention schedule:

Where you have made a financial contribution or commitment to our work, as a donation, legacy gift or otherwise, we will retain your information indefinitely (unless otherwise requested).

We have made this decision for two reasons – firstly because it helps us to identify the context surrounding legacy donations. Another reason is that in our experience, it is worthwhile investing in re-engaging supporters in these groups.

Where you do not fall into one of these groups (for instance, if you have only ever signed one of our petitions) we will retain your information for a period of time we feel proportionate to our business aims and your level of engagement.

It is, of course, your right to ask that your information is erased from our records whenever you wish, but please be aware that when we do, we will lose all of your preferences, including requests to opt out from certain types of communications. See information below about your rights.

Marketing, profiling and screening

As a charity that invests responsibly in fundraising, we operate a number of programmes to raise money from individuals. This includes sending you letters and other sorts of mail, emails, calling you on the phone and sending you text messages. The law varies depending on the channel we use to get in touch with you, but in line with our obligations according to the Data Protection Act 1998, the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, we may contact you as follows:

Post: we send post to our supporters except where you’ve specifically told us you don’t want to receive post from us.

The mailings we send out include a number of postal appeals focused on different elements of our work. We also send out our supporter magazine, to give you a closer look at the work we’re doing. We could also get in touch with you about the different ways you can support us, such as through supporter fundraising, attending a programme or by leaving a legacy. You have the right to tell us what types of mailings you’d like to receive (for instance, if you’d prefer to receive just our postal appeals or if you’d rather not receive our supporter magazine). If you’d like to discuss your preferences, please get in touch.

If you want to stop receiving postal mailings from us, you can always let us know or you can opt out through the Fundraising Preference Service. We aim to act on your request within 3 working days of receipt, but it can take up to 28 days for you to stop receiving mailings from the time you send us your request.

Email: we send out a number of email alerts to keep you up to date with our work, and to let you know how you can help.

We only send out marketing emails where you have specifically consented to receive them, and you can unsubscribe at any time, either by letting us know or by clicking the unsubscribe link at the bottom of every marketing email we send. You can also opt out through the Fundraising Preference Service.

The most effective way to opt out of receiving marketing emails is by clicking the unsubscribe link at the bottom of each message, as this is actioned instantly. When you use another method to opt out of receiving marketing emails (such as by calling us), this may take a little longer to action, although we aim to honour all opt-out requests within 3 working days of our receipt, but it can take up to 28 days from the time of your request for you to stop receiving emails

Phone: we find telephone fundraising a really effective way to connect with our supporters, so we may occasionally call you to let you know about additional ways of supporting our work if you’ve provided us with your telephone number. Phone calls may be recorded for training and quality purposes.

At the moment, we call our supporters who have indicated they are happy to hear from us by phone, with some exceptions. These are where you have specifically told us that you wouldn’t like to receive phone calls from us, or where you’re signed up to the Telephone Preference Service. Please note, we will always check if you are registered with the Telephone Preference Service before calling you regarding any marketing activity from us unless you have explicitly opted to receive telephone calls from us.

You can opt out of receiving fundraising phone calls by letting us know, or you can opt out through the Fundraising Preference Service.

We try to action all opt-out requests as quickly as possible but we do produce telephone calling files in advance to save on costs. We will action requests to be removed from calling lists within 3 working days, but it can take up to 28 days from the time of your request for you to stop receiving calls.

SMS: where you’ve provided us with a mobile phone number, we may also send you text messages about our work, but only if you have specifically asked us to.

If you’d like to opt out, you can either reply to our messages with a request to opt out, let us know or opt out via the Fundraising Preference Service. Text requests to opt out are actioned instantly, otherwise we aim to act on opt-out requests within 3 days of receipt, but it can take up to 28 days from the time of your request for you to stop receiving texts.

Profiling

In order to make our messages to you more relevant, we may use your personal information to create a profile of your interests and preferences. What this means is that we could use pieces of information you’ve either given us directly (such as your age or location) or your behaviour (your donation history, including the amount, frequency and method through which you give, or any campaign actions you’ve taken, including signing petitions) to create a profile. This not only gives us an idea of who our supporters are, but also helps to make sure that when we get in touch with you or ask you to take an action on our behalf, it is done in a way which is relevant and tailored to you.

This enables us to identify supporters who are likely to be able to help us either in a financial or non-financial capacity, and it’s also an effective way for us to maximise the use of our marketing budget, so we’re able to help further our cause with the resources we have available to us.

We consider this one of our legitimate interests and as such have considered our position carefully to ensure that any activity is implemented in a fair and balanced way, taking into account your rights as an individual. It is your right to opt out of your information being used for profiling, and there is information on how to do this at the end of this section.

Screening

Additionally, as part of our legitimate interests, we have considered that screening is an effective way for us to ensure that we are contacting you with appropriate and relevant messages. We operate a number of different programmes to nurture support and want to make sure that when we make a request of any of our supporters, it’s an appropriate one. As such, we do make use of third-party wealth screening companies who combine information we provide with publicly available information to help us determine which of our supporter programmes any particular supporter is best suited for. While this does form a crucial part of our strategy to secure voluntary income, it is your right to be able to opt out from your information being screened, and details of how to do this are at the end of this section.

Publicaly available information

As part of the work we do, we occasionally carry out research of our own to identify individuals in the public spotlight who may be interested in supporting Stonewall, and also to gain additional insight into current supporters of significant public standing. This practice, known as desk research, makes use of publicly available information through sources such as published rich lists, newspapers and corporate websites, and aids us in identifying opportunities for new major donors, event sponsorship, corporate partnerships, event speakers and media opportunities.

We may also carry out desk research in the following areas: prospective organisations in the public, private and third sectors who may be interested in joining our workplace programmes. From time to time we may contact prospective schools who may be interested in attending one of our programme delivery sessions and in turn joining our education programme.

Your rights - opting out of screening or profiling

It is your right to opt out of your information being used for any sort of profiling and screening. If you would like to do this, please send a request either to supporter.care@stonewall.org.uk or call us on 020 7593 2291.

Sharing information

So that we are able to provide you with the high level of service we pride ourselves on, and to make the most of the resources available to us, we work with a number of contracted suppliers who on our behalf help us carry out various important tasks. This could include sending out post or making phone calls, processing and banking donations and sending out thank you letters. As a result, when you deal with us, you can expect your information to be shared with our contracted suppliers in a safe and secure manner.

These suppliers have all entered into an agreement to handle information we supply them in a confidential and secure way in accordance with our instructions. They have all been through a vetting process and we make interim checks to ensure that their processes remain secure and robust. These organisations will never use your details for reasons beyond the scope of our interaction with them.

At the same time, we make use of cloud-based systems (hosted databases, email servers and service providers) to help us provide you with an optimal supporter experience. Although it is only Stonewall personnel who use and access these systems, the information within them is securely stored on and off-site.

The suppliers and systems we use can be based in different countries, which sometimes fall outside the European Economic Area (EEA). Where this is the case, we always ensure that adequate safeguards are in place to protect your rights by way of contractual agreements with these suppliers.

Security

We have put extensive measures in place to protect your information, both on and offline. As an organisation, we are PCI-DSS compliant and have implemented strict policies and procedures to ensure that we handle, process, and store data in a secure way, both on and offline.

Where we have control system of transfer, all information transmitted to us electronically is transferred in a secure way, using industry-standard technologies. In addition to this, online card payments are handled securely by our partners, and all online payment information is stored securely by them. Our IT network is secured with a number of safeguards including firewalls and antivirus packages which are regularly updated and secured against malware and ransomware. Network passwords are regularly changed and all staff are trained in matters of data protection.

The security protocols of our contracted partners (referenced in the section above) are equally robust and are checked and monitored as part of our vetting process. More information about the security standards of our partners can be found in their privacy policies. For details of these, please get in touch.

Cookies

Cookies are small pieces of code which are downloaded to your computer or mobile device when you visit a website, allowing us to recognise your device on subsequent visits. We use cookies to monitor the status of our website and ensure that it is running efficiently, and we also use cookies to remember your preferences. Cookies are anonymous and are not linked to any personal information.

You can find out more about our use of cookies in our Cookie Policy.

Your rights

As a charity, we have put this policy together to give you more control when it comes to your information and how we may use it. When considering the law in this area, you are afforded certain rights in terms of viewing the information we hold about you, correcting that information if necessary, and asking us to delete it should you like it to be erased.

In addition to this, you have the right to request that we do not use information we hold about you for the purposes of screening or profiling, and you also have the right to update marketing and fundraising communication preferences. You can do this by opting in or out.

To exercise any of your rights, please get in touch.

Accessing the information we have about you (Subject Access Requests)

You have the right to request a copy of the information we hold about you. This is known as a Subject Access Request.

To make a Subject Access Request, please make a request in writing, addressed to:

Data Protection Officer
Stonewall Equality Ltd
192 St John Street
London
EC1V 4JY

We may ask you to fill in a form in order to help expedite your request, prove your identity or to provide more detail regarding your request.  

We aim to complete your request within 30 days of our receipt. We may extend the period by a further two months where requests are complex or numerous. If this is the case, we will inform you within one month of the receipt of the request and explain why the extension is necessary.

Correcting the information we hold about you

It is also your right to correct the information we hold about you, for instance, if you have changed your address or phone number.

We aim to act on these sorts of requests within a week of our receipt.

Deleting the information we hold about you

You have the right to ask us to delete the information we hold about you. Whilst we are duty bound to comply with your request, this is different from opting out and means that we will erase all history of our interaction with you, as far as our legal obligations allow. We will also lose all history of your preference requests, including opt-outs and unsubscribes. This means that if you re-engage with us in the future, we will have no record of your prior preferences and may end up contacting you according to the rules we have set out in this policy.

Please note that in line with our legal obligations, we are required to hold on to all information pertaining to donations for a period of seven years (six years from the end of the financial year it was collected). Should you wish for us to erase the information we hold about you, we will happily comply whilst retaining the bare minimum of information required for us to fulfil our statutory obligations.

Opting out of fundraising communications and profiling/screening

Even if you have given us your consent to receive marketing communications, it is your right to withdraw this consent (opt-out) at any time. We aim to act on requests of this kind within three working days of our receipt, although because we brief and prepare our communications in advance, it can take up to 28 days from the time of your request for contact to cease.

In the same way, you have the right to object to any processing we carry out as a result of our legitimate interests, including any profiling or screening activity we either carry out directly or through one of our partners.

How to get in touch with us

You can get in touch with us in the following ways.

By post:

Supporter Care Team
Stonewall Equality Ltd
192 St John Street
London
EC1V 4JY

By email: supporter.care@stonewall.org.uk

By phone: 020 7593 2291

Updates to this policy

We may update this policy from time to time. If we make any material changes to this policy we will let you know, should we have the sufficient permissions to do so. We will at this time also make it clear on our website that we have updated our terms.

This policy was last updated May 2018. Its version number is v1.0.