Privacy Policy

How do we collect information?

We collect personal data to help us to process requests, keep in touch with you and to help us to interact with you in the most effective way. We will collect information about you when:

• You directly provide personal information to us, including during the membership application process
• You sign up as a GNDR network member
• You sign up to our newsletter
• You attend a webinar or event organised by GNDR
• You make a donation 
• You respond to GNDR surveys
• You interact with our social media posts and accounts including Facebook, LinkedIn, YouTube and Twitter
• You contact us about our work through the following channels: online, email, phone, social media or by post
• You work for GNDR, or apply for a role at GNDR
• You implement a GNDR project with a full member organisation 
• You visit our website – some technical information will be gathered as you navigate through our website. GNDR will use some of this information in order to provide you with a better experience of our website.

What information do we collect?

GNDR currently collects and processes the following information: 

• Members: Personal and organisational information (names, job titles, contact details, age and gender, location/address, website usage data, and interests with respect to disaster risk reduction

• Supporters: Personal names, contact details and preferences, donation information, whether you have signed up to the Gift Aid scheme, and website usage data.

How do we use your personal information?

Member personal information

We will use your information for the following purposes when it is both yours and our legitimate interests to do so:

• To understand members’ interests in disaster risk reduction and facilitate connection and collaboration with other CSOs
• To organise logistical aspects of GNDR events and activities
• To support the governance structure during NFPs and Board elections.
• To offer tailored capacity strengthening exchange with members
• For members involved in implementing projects with donor funds accessed through GNDR, the information allows us to manage those donor contracts effectively.

We may share this information with other GNDR members, and if involved in a donor project, then with the specific donor for that project.

Supporter personal information

The personal information GNDR processes is provided directly by you when you choose to donate to GNDR for one of the following reasons:

• To provide you with the information or service you have requested
• To process donations and any Gift Aid attached to the donation
• To check with you on how you want us to contact you, and record these preferences
• To provide you with updates on GNDR activities, highlighting the impact of your support
• To share details of events you may be interested in

We will make sure that we consider why we are processing your personal data and identify our legal basis for doing so. Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information is:

• Consent given by you. You are able to remove your consent at any time; members can do this by logging into the Community Platform and going to your profile. Supporters can do this by contacting philanthropy@gndr.org. 
• For members involved in donor funded projects, GNDR has a contractual obligation
• We have a legitimate interest

How do we protect your personal information?

GNDR uses a combination of organisational and technological measures to ensure that your information is securely stored, and that we only keep it as long as it is reasonably necessary. All personal data is held on our IT equipment and servers hosted by:

• Salesforce, which stores data in the USA
• Google which stores data in the USA
• From time to time we may use third party survey providers to access feedback 

For members, we keep your personal information for two years after the last activity in the network (opening a communication, logging into the Community Platform). We will then seek to contact you prior to deleting your information from our systems.

We will never sell or share your personal information with another organisation for marketing purposes.

We use external organisations to collect and/or process your personal information on our behalf. This includes:

• Salesforce – CRM for membership engagement
• Google – website analytics and surveys
• Mailchimp – email supplier 
• Raisely – fundraising platform
• Stripe – payment gateway

Your data protection rights

Under data protection law, you have rights including:

• Right to be informed: you have the right to be informed about how we will process your personal data. 
• Right of access: you have the right to ask us for copies of your personal information, and how and why we are processing it.
• Right to rectification: you have the right to ask us to rectify personal information you think is inaccurate or incomplete.
• Right to erasure: you have the right to ask us to erase your personal information. There are some circumstances where we may need to keep your details, for example if it is necessary to comply with a legal obligation.  in certain circumstances
• Right to restriction of processing: you have the right to ask us to restrict the processing of your personal information. in certain circumstances
• Right to data portability: you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances
• Right to object to processing: you have the right to object to the processing of your personal information in certain circumstances
• Rights in relation to automated decision-making: you have the right to avoid being subject to decisions which are solely based on automated processing. We do not carry out any such processing at GNDR.
• Right to data portability: you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances

If you would like to discuss or exercise any of these rights, or are not happy with the way we have processed your data, please get in touch by emailing info@gndr.org, or write to us at 8 Waldegrave Rd, Teddington TW11 8HT.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Members: Please contact us at registration@gndr.org if you wish to make a request.

Supporters: Please contact us at philanthropy@gndr.org if you wish to make a request.

You also have the right to make a complaint to the Information Commissioner’s Office (ICO). The ICO can be contacted at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

Applying for a role at GNDR

We collect information from anyone who applies to work or volunteer at GNDR. This information is only used for recruitment or employment purposes and is separate to data relating to members and supporters. As an applicant or employee, you are entitled to the same rights as GNDR members and supporters.

Cookies

Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. Like many sites, we may use cookies to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website. To find out more about how we use the cookies on our site, please see our cookie notice.