‘We’, ‘us’, ‘our’ is Kent Community Foundation (KCF). Registered charity (number 1084361) and company (number 4088589) in England and Wales.
‘Personal data’ is any information that could identify an individual; most commonly for us this is contact details.
‘Data’ as a general term refers to all information we might hold including, for example, information about organisations that apply to us.
As part of Kent Community Foundation’s work, it is necessary for us to collect data about individuals. This document explains how Kent Community Foundation handles the data it collects, in accordance with the relevant legislation; currently the Data Protection Act 1998 (replaced by the European General Data Protection Regulations from 25th May 2018) and the Privacy and Electronic Communications Regulations (PECR).
We are committed to our core values in all we do, including how we handle data entrusted to us.
Excellence – we strive to achieve excellence in the delivery of our service by exceeding the expectations of both our donors and our grant recipients
Supportive – we go above and beyond to support the organisations that apply to us for funding by sharing our knowledge and expertise to help build a sustainable and confident voluntary sector across Kent and Medway
Integrity – we operate with integrity in everything we do. We are transparent in our processes and deliver what we promise
Why do we hold data?
The information we hold enables us to carry out our charitable purposes. Our mission is to proactively create strong local communities by connecting those who want to help with those seeking help; we primarily do this by enabling donors to give effectively by means of grant making and loan funding by KCF.
What information do we hold?
We hold data on individuals and organisations who have given financial or other support to Kent Community Foundation, those who might do, and those who apply to the Community
Foundation for grants, whether on behalf of an organisation or personally. We also have other stakeholders who support us in our work who we need to keep in contact with.
In order for us to process grant applications we require applicants’ contact details. We require contact information from our donors too and other stakeholders. We sometimes require more in depth information to process grant requests for individuals. We also need other information to ensure excellence in our customer care, such as individuals’ preferences relative to their relationship with us.
We aim to only retain information necessary to carry out our work and will make every effort to destroy any personal or sensitive information which is not necessary to those functions. Most data we have is held for at least seven years for auditing and other compliance purposes.
How do we obtain data?
Most personal data is given directly to us by the individual. Sometimes data may come to us via online giving platforms, or other individuals who believe an individual or organisation would be interested in engaging with us. We also may use publically available sources such as the media, charity and company regulators, social media and internet search engines, to obtain information about donors regarding their background, wealth and other information we believe to be useful for our fundraising objectives.
How do we hold data?
Electronic data is held on our online database and our computer system, backed up by a secure cloud storage provider. We hold some information in locked filing cabinets in our secure office which only our staff can access.
Personal data is not passed to any third parties without an individual’s prior consent. Sometimes we partner with external funding bodies or other organisations that might need certain information to fulfil working agreements.
We hold data for as long as it is necessary, depending on the type of data and processing involved. Different types of data need to be retained for different periods of time to comply with appropriate legislation and we are careful not to hold data unnecessarily. If an individual wishes us to exercise their right to erase their data before that time, they can contact KCF directly.
How do we process data?
Most of the personal data we hold is used to contact individuals to:
• Assess, process and evaluate grant applications;
• Keep past applicants informed of current and upcoming funding opportunities;
• Keep supporters informed of our activities, including event invitations;
• Keeping regular supporters informed of new appeals and opportunities to donate.
There are different legal basis by which we can process personal data under the law. Some activities require consent, other processing is required in order to fulfil a contract or agreement, and in some cases we can process data based on the conviction that it is in both our legitimate interest and the individual’s.
We do not share individuals’ data with any third parties unless we have consent or it is necessary to process a grant application or donation or any other activity that the information has been supplied for. With our permission, grant information is sometimes accessed by UK Community Foundations in order to monitor grant making across the network, especially when we have a responsibility to report back to major donors. This is made clear when applicants submit their grant applications.
We won’t give/sell data to any third parties for their marketing purposes.
What are your rights?
You have the right to:
• Withdraw consent you have previously given for us to process your data
• Request access to any information held about you
• Request data about you is destroyed
• Make a complaint directly to us or to the ICO if you are not happy with the way your data is being treated. Please see our Complaints Policy.
If you have any questions about this privacy notice, about the way in which we process your data, or if you wish to change the way we use your data, including how we communicate with you, then please contact us:
firstname.lastname@example.org / 01303 814 500 /Kent Community Foundation, Evegate Park Barn, Evegate, Ashford, TN25 6SX.
We will always give you the opportunity to opt out of different forms of communications from us. If you cannot see how to do so, please contact us directly.
Updated and approved by Board May 2018