Privacy and Cookies
Please read below to see how the Eagles Foundation protects and respects your privacy along with details of how any data you provide is used.
The Eagles Foundation recognise that the correct and lawful treatment of Personal Data will maintain confidence in the organisation and will provide for successful business operations. Protecting the confidentiality and integrity of Personal Data is a critical responsibility that we take seriously at all times.
The board of trustees is responsible for ensuring all Eagles Foundation personnel comply with this Privacy Standard and need to implement appropriate practices, processes, controls and training to ensure that compliance.
Data Protection Policy
A full copy of the Eagles Foundation Data Protection Policy is available on request, below is a summary that aims to provide an overview of the approach taken.
Personal data protection principles
We adhere to the principles relating to Processing of Personal Data set out in the GDPR which require Personal Data to be:
- Processed lawfully, fairly and in a transparent manner (Lawfulness, Fairness and Transparency);
- Collected only for specified, explicit and legitimate purposes (Purpose Limitation);
- Adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed (Data Minimisation);
- Accurate and where necessary kept up to date (Accuracy);
- Not kept in a form which permits identification of Data Subjects for longer than is necessary for the purposes for which the data is Processed (Storage Limitation);
- Processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful Processing and against accidental loss, destruction or damage (Security, Integrity and Confidentiality);
- Not transferred to another country without appropriate safeguards being in place (Transfer Limitation); and
- Made available to Data Subjects and allow Data Subjects to exercise certain rights in relation to their Personal Data (Data Subject's Rights and Requests).
We only aim to collect the minimum amount of information needed and will delete it when it is no longer needed. We will collect this data in a number of ways both directly and indirectly.
You may give us personal data about you (such as your name, address, e-mail address and phone number) whenever you contact us, either by telephone, letter, our website (https://heritage.sheffieldeagles.com) or in any other way. For example, we will obtain your personal data when you contact us, communicate with us or sign up to receive email. When you contact us, we may keep a record of that correspondence.
Personal and Special data we may collect about you as an employee or volunteer
We may also process special categories of personal data (sensitive data) to enable us to support employment or volunteering. For example racial and ethnic origin, offences (including alleged offences), complaints, accidents, and incident details. If we are processing any personal information that is regarded as ‘special category’ or ‘sensitive’ as referred to above, we will only do this with your explicit consent.
What personal data we collect and how we use it
The type of information we collect and how we will use it will depend on why you are providing it.
If you support us, volunteer, share items or sign up for an event, we will usually collect:
- Your full name
- Your contact details
Where it is appropriate we may also ask for:
- Your date of birth
- Your bank or credit card details
- Information relating to your health (so we can provide you with appropriate help and support or we can assess your suitability to take part in an event)
Examples of how we could use your data:
- Help us identify you and any previous contact we may have had with you;
- Provide you with information about other goods and services we offer that are similar to those that you have already enquired about
- Notify you about changes to our services
- Ensure that content from our site is presented in the most effective manner for you and for your computer or other device
- Seek feedback on how we can improve the service we offer
- Improving our services
- Analyse the effectiveness of our marketing and communication
- Keep a record of your relationship
- If you receive emails from us we may also be able to monitor which of our emails you have opened and any links within the emails that you click on
Legal basis for using personal data
The Eagles Foundation relies on the following legal conditions that are described:
- Consent: When you opt-in to receive information from us we use this consent to send you updates about our news, events and other activities.
- Legal obligations: Sometimes it is necessary to process your data for us to comply with our legal obligations.
- Legitimate interest: We have conducted a legitimate interest assessment and will, in some circumstances, rely on sending you information by post. Unless you have specifically opted out of communications, you may receive information from us.
- Vital interest: where processing is needed to protect your vital interests (or those of someone else) e.g. in an emergency.
- As an equal opportunities employer, we may process your data to allow us to monitor our diversity and evaluate our training and development needs
- Contract: the processing is necessary for a contract we have with the individual, or because they have asked us to take specific steps before entering into a contract.
We may use profiling techniques to segment our data to ensure communications are relevant and timely, and to provide an improved experience those involved in the Eagles Foundation. When building a profile we may analyse geographic and demographic information relating to you in order to understand your interests and communicate relevant information to you. Such information is compiled using the information we collect from you directly or indirectly throughout analytics on social media and our website.
Sharing Your Story
Some people choose to tell us about their experience with the Eagles Foundation to help further our work. With your permission, this may be used publicly by us at events, in materials promoting our work, social media, press and other documents.
Digital Direct Marketing
We may send you digital communications about our news, events and other activities, if you have consented to do so via one of our data capture points. If you change your mind, you can let us know if you would prefer not to receive communications at any time by emailing firstname.lastname@example.org
Disclosure of your personal data
We will never sell, rent, or trade your personal data however we may disclose your personal data to:
- Our affiliated organisations and subsidiaries, and to service providers who render services to us or you on our behalf (all of which are contractually obligated to act only on our instructions and in accordance with applicable laws, including GDPR and PECR ).
- We also may disclose your information if required by law or to enforce our legal rights.
- Our agents and service providers (who help run some of our administrative operations such as web hosting, payment processing, maintenance services or email distribution) some of whom may be outside the EEA (see ‘Transfers of data out of the EEA’ below);
- If WPCC is acquired by another company, personal data held about its clients and supporters will included in the assets transferred.
Keeping your data secure
We will use technical and organisational measures to safeguard your personal data. For example we store your electronic personal data on secure servers (and keep any hard copies in locked cabinets in locked rooms) and only disclose your personal data to third parties that also provide adequate protections. Whilst we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data which are transferred from you or to you, or to a third party, via the internet.
Transfers of data out of the EEA
Some of our service providers and affiliated organisations lie outside the EEA and therefore we may be required to transfer your data outside the EEA. If we do, we ensure your data is processed only in countries that provide an adequate level of protection for your data or where the recipient provides appropriate safeguards, such as model contract clauses, binding corporate rules, or mechanisms like the EU-U.S. Privacy Shield framework.
You have the right to request access to data (Right of Access) which we may process about you. If you wish to exercise this right you should:
- Put your request in writing
- Include proof of your identity and address (e.g. a copy of your driving licence or passport, and a recent utility or credit card bill)
- Specify which information you are seeking
You have the right to require us to correct any inaccuracies (Right to Rectify) in your data free of charge. If you wish to exercise this right you should:
- Put your request in writing
- Provide us with enough information to identify you
- Specify the information that is incorrect and what you believe should replace it.
- If upon receipt of this request we agree that the data is incorrect we shall make corrections. Whatever action we take, we will write back to you to inform you of our findings and if necessary any actions we have taken.
You also have the right to ask us to stop processing (Right to Restrict Processing) your personal data for direct marketing purposes. If you wish to exercise this right you should:
- Put your request in writing (an email sent to email@example.com with a header that says ‘Unsubscribe’ is acceptable)
- Provide us with enough information to identify you
- If your objection is not to direct marketing in general, but to direct marketing by a particular channel (eg email or telephone) please specify the channel you are objecting to.
It is also possible to unsubscribe from email marketing only using the ‘unsubscribe’ link provided in each email we send.
You have the right (in certain circumstances) to have personal information held about you erased from our records if it is determined we no longer need it (Right to be Forgotten).
You have the right to have inaccurate personal information amended (Right to Rectification).
The right to ask us to stop using your information in certain situations (Right to Restrict Processing).
You have the right (in certain circumstances) to have a copy of your personal information provided for reuse in another service (Right to Data Portability).
You are able to object (Right to Object) to direct marketing, processing, research and processing based on legitimate interest.
You have the right not to be subject to a decision based on automated processing (Right not to be Profiled)
We will endeavour to update your details as quickly as possible, but please note this may take up to six weeks from the original request date. If you request to be forgotten, this could take up to 6 months to be fully erased.
Information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
- Give consent on his/her behalf to the processing of his or her personal data
- Receive on his/her behalf any data protection notices
- Give consent to the transfer of his/her personal data outside of the European Economic Area
Our site may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
A cookie is a small file which is placed on your computer by a site when you visit it. Basic cookies contain the site name and a unique user ID. The next time you visit that site, your browser checks to see if it has a cookie for it and sends the information contained in that cookie back to the site. The site then ‘knows’ that you have been there before, and can, for example, tailor your experience of the site.
Cookies help us to improve your experience of our site but are not essential to its basic functioning. We use these cookies to collect non-personal information about your computer, including, where available, your IP address, operating system and browser type, language and Country, for system administration purposes and to measure our effectiveness. They also enable us to estimate our audience size and usage patterns. This is statistical data about our users' browsing actions and patterns and does not identify any individual. This information helps us to provide you with a good experience when you browse our website and also allows us to improve our site.
Third party cookies
Facebook and Twitter are examples of ‘third party’ cookies on our site. If you click a function on our website that is associated with these parties (eg to share or tweet a piece of information), they will place cookies on your computer. We embed videos on our site using YouTube, which sets cookies on your computer once you click on the video player. As you do not have to sign up to YouTube first in order to play these videos, you will not have accepted their terms and conditions. We do not take responsibility for these cookies, as to make use of these functions you will have already accepted the terms and conditions of use with the relevant party.
Yes. You can use a setting on your browser which allows you to refuse to accept cookies. However, if you select this setting it may not work smoothly. Different browsers have different instructions for managing cookies and you may also be able to accept certain cookies and not others. For example, you may be able to refuse third party cookies.