Society Foundation

Our Privacy and Data Protection Statement

Last Updated: Tuesday, 6 November 2018

By sharing information with The Society Foundation, you are placing us in a position of trust. This is a responsibility we take very seriously. Any personal data you submit will be treated with discretion. Protecting your personal data is of the upmost importance to The Society Foundation.

All personal data obtained by The Society Foundation is held and processed in accordance with UK data protection legislation. By submitting your personal data to us, you consent to The Society Foundation processing your data in accordance with those principles.

The Society Foundation has a comprehensive Data Protection Policy, which explains how we collect, use, disclose, protect and dispose of the personal data we obtain. The policy is regularly reviewed in order to ensure that we always follow best practice standards.

Your privacy is important to us. This privacy statement explains what personal data we collect from you and how we use it. We encourage you to read the summaries below if you'd like more information on a particular topic.

What personal data do we collect?

In order to operate, The Society Foundation has to collect and process data on organisations that apply to The Society Foundation for funding, or make enquiries to us about funding, and on any of the people within those organisations that they nominate as a point of contact.

You have choices about the data we collect. When you are asked to provide personal data, you may decline. But if you choose not to provide data that we deem necessary, then you may not be able to be considered for funding from The Society Foundation.

The data we collect on individuals is limited to:

However we may also collect the following information about the organisations themselves:

Why would we share your personal data?

We would only share personal data under rare circumstances with vendors or agents we've hired to secure our systems or provide support services to us. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger with another charity.

Finally, we will access, transfer, disclose and preserve personal data when we have a good faith belief that doing so is necessary to:

What is our lawful basis for processing your data?

We have undertaken a careful assessment of our data processing activities, relying on the definitions provided in the General Data Protection Regulation (GDPR) and have determined that our lawful basis is Legitimate Interests (whereby personal data may be processed on the basis that the controller has a legitimate interest in processing those data, provided that such legitimate interest is not overridden by the rights or freedoms of the affected data subjects). This determination is underpinned by a Legitimate Interests Assessment, based on guidance provided by the Data Protection Network. In summary our rationale is:

We believe we have fully considered the necessity and purpose of our processing activities, and that we have given appropriate and serious consideration to the privacy rights of the individuals we interact with.

If the scope or nature of our processing operation changes then this rationale will be immediately reviewed. 

How can you review and control your personal data?

You can request that we show you what data we hold about you, update your data, or delete your data. In order to make a request of this nature, please email info@society-foundation.org or your established Society Foundation contact.

What are your data rights?

You have the following rights:

As applicable under French law, you can also send us specific instructions regarding the use of your personal data after your death.

How secure is your personal data?

The Society Foundation is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit highly confidential data (such as multiple candidate CVs) over the Internet, we protect them with passwords. All our computers have authorised and current anti-virus protection software. No unauthorised software can be installed on our system. Our system is regularly backed up, and these backups are encrypted.

How long will we retain your personal data?

Absent of a request by an individual to have their data deleted, we hold data on all our contacts for a period of time, since we believe people we have previously interacted with will have a reasonable expectation that we remember them and the nature of their previous interactions with us:

What happens if we change this privacy statement?

We will update this privacy statement when necessary to reflect feedback and changes in legislation/regulations. When we make changes to this statement, we will revise the "last updated" date at the top of the statement. We encourage you to periodically review this privacy statement to learn how The Society Foundation is protecting your information.

How can you contact us?

If you have a privacy concern or a question, please contact us. We will respond to questions or concerns within 30 days. You can email us on DataProtection@society-foundation.org. Our main postal address is The Society Foundation, Ariel House, 74a Charlotte Street, London, W1T 4QJ, United Kingdom.