Privacy statement 

Grow Cardiff takes personal data and confidentially very seriously. Under the General Data Protection Regulation we take a number of steps to ensure that all data held is done so in accordance with this legislation, is stored securely and only used for the express purposes outlined at the point of collection. 

​

Purpose

Grow Cardiff collects data on the legal basis of consent, whereby we ask people to grant us consent to hold their data so that we can contact them about the work we do. 

​

This policy explains what data we keep and how we make sure your data is safe and secure. The personal data we hold is subject to legal safeguards in the General Data Protection Regulation 2018.

​

This policy applies to all staff, interns and volunteers as well as contracted workers. If you have any questions or concerns about this policy, please contact us

​

Personal Information

​

There are pages on our web site that will ask you provide personal information, for example if you wish to be kept informed of our activities oor if you wish to make a donation. How much data we ask for will depend on what you would like to do. If, for example, you wish to receive news of our activities, we will only ask for a name, email address, organisation and a post code; if however you would like to donate or make a direct debit, then you will be asked for more details, including a full address and account details. By providing us with your personal information, you are consenting to the collection and use of that information. 

​

We will not keep your personal information longer than necessary. We will retain that information while you wish us to communicate with you, or while you are donating to us. If you wish us to cease communications, we may need to retain your contact information so that we do not inadvertently get in touch with you.

​

Communicating with you

​

If you use our website to sign up for communications, you will be asked to indicate what you would like to hear about (for example newsletters, campaigns or events). We will only send emails to you about the preference that you have selected. If, in the future, we decide to offer other updates, we will ask you before we send communications on other subjects. We do not currently contact individuals by telephone – we would seek your permission first if we decided to do that in future.

​

Sharing your data

​

We will not sell or rent your data to any other organisation unless there is a legal requirement for us to do so.

​

There are links to social media sites (for example Facebook, Twitter) on our website. Please be aware that, if you choose to follow these links, they may ask for access to your data on their sites.

​

We use third party companies for various purposes, for example, to send emails and to store data. These third party companies are only authorised to use that data in order to provide their service to us and are not permitted to use it for any other reason. We are responsible for your personal information and periodically check these service companies terms of business while they perform services for us.

 

What are cookies?

Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website to provide the users with a tailored experience within this website.

​

What do we use cookies for?

We may use cookies to remember personal settings you have chosen on our website. In no other context do we use cookies to collect information that identifies you personally. Most of the cookies we set are automatically deleted from your computer when you leave our website or shortly afterwards.

​

Some of our web pages may contain links to other web sites where we think those sites may provide information of interest to our readers. We have no liability for those sites and users are advised to check the privacy policy on those sites if they have any concerns.

Access to your information

​

You have the right to request details of personal information that we hold about you. Please send a request in writing to the postal address at the end of this document, giving a description of the data that you would like to see and proof of your identity. We will endeavour to confirm your identity before releasing any information. We may charge a small fee for complying with your request and we will respond within 40 days unless exceptional circumstances prevent us from doing so.

​

Your Rights 

Under GDPR we will comply with all of your rights this includes, your right to be informed, rights of data access and transfer, data rectification, erasure, objection and right to restrict processing. For more information on these rights and how you exercise them please visit the ICO's website. 

To exercise any of these rights please contact us and let us know which right you wish to exercise and we will help where we can. 

​

How you can complain 

If you think we are not responding to a request fully you can complain to the ICO by contacting them here 

​

​