Website Users

Privacy Policy



  • This Privacy Policy was last reviewed and updated on 31st May 2018.

Here at Advocacy Focus, we are committed to protecting your personal information.

This page, together with our terms and conditions and our cookies policy, sets out the basis on which we will process any personal information we collect from you, from published sources and public registers, or that you provide to us.

Any questions regarding this site and our privacy policy should be sent to the Advocacy Focus, 1st Floor, The Old Tannery, Eastgate, Accrington, Lancashire, BB5 6PW or by email to admin@advocacyfocus.org.uk.

About Advocacy Focus

This site is operated by or on behalf of Advocacy Focus. We are an independent charity which has been offering free advocacy support since 1998.

We work with people with a variety of mental health, health or social care needs, communicating on their behalf their desires or wishes to the relevant service.

Our registered charity number is 1086151 in England and Wales. Our company limited guarantee number is 4135225.

You can contact us:

  • by post, using the postal address given above
  • using our website contact form
  • by telephone, on 0300 323 0965 from 9am – 5pm Monday to Friday
  • by email, using the email address given above

This document was created with the help of SEQ Legal.

Amendments

We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy.

This document was created with the help of SEQ Legal.

Topics

  • What data do we collect?
  • How do we use this data?
  • Who do we disclose your data to?
  • How long do we keep your data?
  • Security
  • Your Rights
  • Cookies
  • Newsletter Subscriptions
  • Donating money online
  • Applying for a job with Advocacy Focus
  • Signing up to receive press releases
  • Children’s Privacy Policy

What data do we collect?

We may collect, store and use the following personal information:

  • information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths);
  • information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including your name and email address);
  • information that you provide to us when using the services on our website, or that is generated in the course of the use of those services (including the timing, frequency and pattern of service use);
  • information relating to any transactions or donations that you enter into through our website (including your name, address, telephone number, email address);
  • any other personal information that you choose to send to us i.e. via a job application or via email.

Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.

How do we use this data?

Personal information submitted to us through our website will be used for the purposes specified in this policy or on the relevant pages of the website.

We may use your personal information to:

  • administer our website and business
  • personalise our website for you
  • enable your use of the services available on our website
  • send you non-marketing commercial communications
  • send you email notifications that you have specifically requested
  • send you our email newsletter, if you have requested it (you can inform us at any time if you no longer require the newsletter)
  • send you marketing communications relating to our business which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications)
  • provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information)
  • deal with enquiries and complaints made by or about you relating to our website;
  • keep our website secure and prevent fraud; and
  • verify compliance with the terms and conditions governing the use of our website

If you contact us, we may keep a record of that correspondence. We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.

We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.

All our website financial transactions are handled through our payment services providers, Stripe and GoCardless. When making a donation online, we do not see any of your financial information. Read more about making a donation further on in this policy. 

Who do we disclose your data to?

We may disclose your personal information to any of our employees, advocates, trustees, partners, professional advisers or legal team insofar as reasonably necessary for the purposes set out in this policy.

We may disclose your personal information:

  • to the extent that we are required to do so by law
  • in connection with any ongoing or prospective legal proceedings
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
  • to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.

We share some of your data with third party providers to allow us to carry out certain functions such as allow people to double opt in via the website or allow a user to make a donation online.

Third party providers we work with include:

  1. Stripe – we use stripe to process one of donations via the website. The user is required to make an account with Stripe which means they then consent to Stripe’s Privacy Policy
  2. GoCardless – we use GoCardless to process monthly recurring donations. Again the user is required to make an account with GoCardless which means they then consent to GoCardless’s Privacy Policy
  3. MailChimp – users from our Marketing Distribution List are uploaded to MailChimp so that we are able to process and send our bi-monthly newsletters. This is detailed clearly in our Newsletter FAQs and our Privacy Policy so users understand clearly before opting in how MailChimp uses and stores their data
  4. +24 Agency – +24 Agency manage our website and provide us with the portal to enable a double opt in system for marketing distribution. Again, users are made aware of this in our Privacy Policy and Newsletter FAQs before consenting to receiving our marketing updates.

Except as detailed above, we will not provide your personal information to third parties without your consent.

How long do we keep your data?

We explicitly comply with our legal obligations in relation to the retention and deletion of personal information.  Personal information that we process for any purpose or purposes shall not be kept for longer than is necessary by law for that purpose or those purposes. You can withdraw your data at any time.

Security of personal information

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.

We will store all the personal information you provide on our secure password and firewall-protected servers.

All electronic financial transactions entered into through our website will be protected by encryption technology.

You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

Your rights

You may instruct us to provide you with any personal information we hold about you. You have the right to obtain:

  • confirmation that your data is being processed;
  • access to your personal data; and
  • other supplementary information

We provide these details free of charge and within 30 days of your request. To request access to your data, please email admin@advocacyfocus.org.uk.

We may withhold personal information that you request to the extent permitted by law.

You may instruct us at any time not to process your personal information for marketing purposes.

In practice, you will expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes. Read more about how we may use your data for marketing purposes later on in this policy.

Third party websites

Our website includes hyperlinks to, and details of, third party websites. We have no control over, and are not responsible for, the privacy policies and practices of third parties.

Updating information

Please let us know if the personal information that we hold about you needs to be corrected or updated.

Cookies

Our website uses cookies. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

We use both session and persistent cookies on our website. The names of the cookies that we use on our website, and the purposes for which they are used, are set out below:

  • We use cookies to recognise a computer when a user visits our website and to track users as they navigate the website.
  • We use cookies to improve the website’s usability, administer the website and improve the security of the website
  • We also use cookies to facilitate the use of our website search engine

Most browsers allow you to refuse to accept cookies; for example:

  • in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
  • in Firefox (version 47) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
  • in Chrome (version 52), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.

Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.

You can delete cookies already stored on your computer; for example:

  • in Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
  • in Firefox (version 47), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
  • in Chrome (version 52), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear browsing data”.

Deleting cookies will have a negative impact on the usability of many websites.

Newsletter Subcriptions

What am I signing up to?

By signing up to our newsletter you consent to receiving the latest news and updates from Advocacy Focus.

What we will email you about:

  • Team news
  • Latest organisational updates
  • Key announcements
  • Sector news and information
  • Legislation changes
  • Case studies
  • Fundraising campaigns
  • Latest events
  • Jobs
  • Related information or news we feel may be relevant to you

Our newsletters are sent every two months, unless we have a big announcement or are recruiting for numerous positions where we may email more frequently as we feel this may be in your interest.

What do you do with my data once I sign up?

We only ask for your first name, surname and email address for our newsletter as we feel this is all we need to keep you updated about our charity. We do not profile you or ask for any more personal information that we don’t need. This data is stored in a password protected file on our secure server where only the staff who need to see and work with this data have access to it. All our staff members are trained on European Data Protection laws and as such work with your data within the legal remits.

We use MailChimp as our email marketing platform which allows us to make our newsletters look nice and easily readable, and equally allows you to unsubscribe easily. MailChimp also allow you to unsubscribe more easily from our email updates should you no longer wish to receive these. You are able to unsubscribe and withdraw your data at any time.

User data is also stored in the back end of the Advocacy Focus website once you have signed up, so that you are able to log in to the website should you wish to donate or create a fundraising campaign. Our website is ran by +24 Agency who have taken all the necessary steps to ensure this data is protected and secure in line with GDPR. Their Privacy Policy can be found here.

What does MailChimp do with my data?

MailChimp is the world’s largest online marketing platform with over 14 million users worldwide, as such, they have very strict and stringent data laws and are compliant to data regulations across the globe.

Below we have summarised MailChimp’s Privacy Policy in relation to accessing and using your data:

  • Advocacy Focus uploads what is called a ‘distribution list’ into MailChimp to send emails. This distribution list contains your first name, surname and email address. When we upload this list, MailChimp may have access to that data.
  • This distribution list is stored on a secure MailChimp server. MailChimp do not, under any circumstances, sell these distribution lists. Only authorised MailChimp employees have access to view this list.
  • If MailChimp detecst abusive or illegal behaviour related to a distribution list, they may share that list or portions of it with affected ISPs or anti-spam organisations.
  • If you choose to forward one of our email newsletters, MailChimp does not store your friend’s email address and no one is added to any distribution list as a result/
  • MailChimp may transfer personal information from the distribution list to companies that help them promote, provide or support their services or the services of their members (service providers). All Service Providers enter into a contract with MailChimp that protects Personal Information and restricts their use of any Personal Information consistent with their policy.
  • As part of MailChimp’s services, they may use and incorporate into features information we have provided. MailChimp may share this information, including email addresses, with third parties in line with the approved legal uses.

To view MailChimp’s Privacy Policy in full, click here.

How long will I be signed up for?

We will keep your data for two years unless you tell us you know longer wish to receive our updates, at which point we will remove all traces of your data from our marketing distribution list and you will no longer receive any marketing communications.

What happens next?

After you have signed up to our newsletter, we will send you an email to check that you have read and understand the above and consent to us sending you our company updates and news.

How do I unsubscribe?

You can unsubscribe at any time by clicking the unsubscribe link in one of our marketing communication emails or by emailing admin@advocacyfocus.org.uk. Once you unsubscribe all traces of your data used for marketing purposes will be deleted.

Donating Money Online

To process payments on our website we use two payment providers; Stripe allows us to take one off payments; GoCardless allows us to take recurring payments via direct debit.

It is important to note that we do not see or store your card or financial information, as these are processed via the third party payment provider. You can read about our payment providers below.

Stripe

  • Stripe is a software platform that allows easy one of payment processing online. It handles billions of dollars every year, around the world.
  • As a financial organisation, Stripe must adhere to strict financial and legal regulations as well as to the General Data Protection Regulations. We have provided a summary below.
  • Stripe will collect your personal data when you make a donation via our website, when you register for a Stripe account, or when you use the ‘Remember Me’ feature at a Stripe checkout.
  • Stripe collects details such as name, postal address, telephone number and email address; financial and transaction data such as credit or debit card number and bank account information; other personal data such as date of birth, SSN or EIN.
  • They may also collect personal data which they call ‘other data’ including information on how you use your account and their websites.
  • Stripe uses your personal data to (i) provide the Services; (ii) detect and prevent fraud; (iii) mitigate financial loss or other harm to Users, Customers, and Stripe; and (iv) promote, analyze and improve our products, systems, and tools.
  • Stripe does not sell or rent your personal data to marketers or unaffiliated third parties. They may share Your Personal Data with trusted third parties, including: Stripe Affiliates, Stripe Service Providers i.e. banks and credit bureaus, To Our Users, such as merchants and application providers as necessary to process payments, , to authorised third parties with your consent or to third parties as necessary such as during mergers or reorganisations. They may also disclose data for safety, legal purposes and law enforcement.
  • Stripe use reasonable organisational, technical and administrative measures to protect your data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that Your interaction with us is no longer secure (for example, if You feel that the security of Your account has been compromised), please contact us
  • If you choose to close Your Stripe Account, they will retain certain Data to meet legal obligations. There may also be residual Data that will remain within our databases and other records, which will not be removed.
  • If you have any questions about this Privacy Policy, you can contact Stripe at privacy@stripe.comor at: Stripe, Inc. 185 Berry Street, Suite 550, San Francisco, CA 94107.

To read Stripe’s Privacy Policy in full, click here.

GoCardless

  • GoCardless in an online payment processor that sets up direct debits for you to be able to make recurring donations to Advocacy Focus i.e. once a month. GoCardless currently has over 30,000 customers.
  • If you make a payment via GoCardless or an account, they will use your personal details to facilitate your application and future transactions.
  • GoCardless collects data when:
    • Create an account or set up a direct debit
    • Fill in a form via their website
    • Report a problem with the website or your accunt
    • You call or send an enquiry
  • Information they collect includes:
    • Details of transactions your carry out throughout their website
    • Details of your visits to the website and the resources that you access
    • Details which may help them to prevent and detect debt, fraud or loss
    • Details which may help to train staff and improve their systems
    • Details required to comply with the requirements of supervisory organisations such as the Financial Conduct Authority and relevant industry bodies
    • Details which our finance provider and/or credit reference agencies may use to check your details with one or more credit-reference and fraud-prevention agencies to help them to make decisions about your ability to make payments
    • Where you are using the system to make payments, we may share your information with the party you wish to receive funds, and any partner organisation which is facilitating the transaction
  • DoCardless does not disclose information about identifiable individuals to advertisers, but may provide them with aggregated information about users (for example, they may inform them that 500 males aged under 30 have clicked on their advertisement on any given day). They may also use such aggregated information to help advertisers reach the kind of audience they want to target.
  • Where you are applying to use the GoCardless system, they may also contact credit or identity reference agencies with information you provide to enable us to confirm your identity
  • The data GoCardless collects from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for them or for one of their suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the V0417.1 4 processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. GoCardless take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
  • Unfortunately, the transmission of information via the internet is not completely secure. Although GoCardless do all that they reasonably can to protect your personal data, they cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk. Once they have received your information, they will use strict procedures and security features to try to prevent unauthorised access.
  • GoCardless may disclose your personal information to third parties if they are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply their Terms and Conditions and/or other agreements entered into with you; or to protect the rights, property, or safety of GoCardless Limited, their customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
  • GoCardless may also collect and retain information about your cookies and use of their website to enable them to estimate their audience and customer size as well as enhance the user experience.
  • If you have any questions about GoCardless’ privacy policy, you can contact them on 020 8338 9537 or by going to https://support.gocardless.com/hc/en-gb.

To view the privacy policy in full, please click here.

Applying for a Job with Advocacy Focus

When applying for a job online you download and submit your data via an application form. Once you have submitted this application we will send you a Privacy Notice to review and sign.

This notice will make you aware of how and why your personal data will be used, namely for the purposes of the recruitment exercise, and how long it will usually be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) and all applicable regulations. We will comply with data protection law and principles.

What information will we hold about you?

In connection with your application for work with us, we will collect, store, and use the following categories of personal information about you:

  • The information you have provided to us in your curriculum vitae and covering letter
  • The information you have provided on our application form, including name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications, skills, experience, employment history
  • Any information you have provided about your current level of remuneration or employment benefits
  • Any information you have provided relevant to requesting that we make reasonable adjustments during the recruitment process, including whether or not you have a disability
  • Any information about your entitlement to work in the UK
  • Any information you provide to us during an interview

We may also collect, store and use the following “special categories” of more sensitive personal information:

  • Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions
  • Information about your health, including any medical condition, health and sickness records
  • Information about criminal convictions and offences

How is your personal information collected?

We collect personal information about job applicants from a variety of sources.  This information may be supplied by you in application forms or CVs, contained in your passport or identity documents, or collected through interviews and other forms of assessment [including online assessment].

We will also collect personal data about you from third parties:

  • Disclosure and Barring Service in respect of criminal convictions
  • Your named referees, from whom we collect the following categories of data: How long you were employed in your previous role, any current disciplinary procedures in place, number of sick days in last 12 months and would your current employer re-employ you.

Why will we process your personal data?

We need to process data to take steps at your request prior to entering into a contract with you. We also need to process your data to enter into a contract with you.

In some cases, we need to process data to ensure that we are complying with legal obligations. For example, it is required to check a successful applicant’s eligibility to work in the UK before employment starts.

We have a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the organisation to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.

Where we rely on legitimate interests as a reason for processing data, we have considered whether or not those interests are overridden by the rights and freedoms of employees or workers and has concluded that they are not.

We process health information if we need to make reasonable adjustments to the recruitment process for candidates who have a disability. This is to carry out our obligations and exercise specific rights in relation to employment.

Where we process other special categories of data, such as information about ethnic origin, sexual orientation, health or religion or belief, this is for equal opportunities monitoring purposes.]

For some roles, we are obliged to seek information about criminal convictions and offences. Where we seek this information, we do so because it is necessary to carry out our obligations and exercise specific rights in relation to employment.

We will not use your data for any purpose other than the recruitment exercise for which you have applied] OR [If your application is unsuccessful, the organisation will keep your personal data on file in case there are future employment opportunities for which you may be suited. The organisation will ask for your consent before it keeps your data for this purpose and you are free to withdraw your consent at any time.

Who has access to personal data?

Your information will be shared internally for the purposes of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.

The organisation will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. The organisation will then share your data with former employers to obtain references for you, employment background check providers to obtain necessary background checks and the Disclosure and Barring Service to obtain necessary criminal records checks.

We will not transfer your data outside the European Economic Area.

If you fail to provide personal information

If you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require a credit check or references for this role and you fail to provide us with relevant details, we will not be able to take your application further.

Information about criminal convictions

We do envisage that we will process information about criminal convictions.

We will collect information about your criminal convictions history if we would like to offer you the role (conditional on checks and any other conditions, such as references, being satisfactory). We are required to carry out a criminal records check in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the role. In particular:

  • We are legally required by local authorities, to whom we are contracted to deliver services, to carry out criminal record checks for those carrying out the advertised role.
  • We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data

Automated decision-making

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.

Data security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Operations Director

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

How long will you use my information for?

If your application for employment is unsuccessful, we will hold your data on file for [time period] after the end of the relevant recruitment process. [If you provide consent to allow the organisation to keep your personal data on file, we will hold your data on file for a further 2 years for consideration for future employment opportunities. At the end of that period or once you withdraw your consent, your data is deleted or destroyed.

If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file [and retained during your employment]. The periods for which your data will be held will be provided to you in a new privacy notice at the time of your appointment.

Rights of access, correction, erasure, and restriction

Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to exercise any of these rights please contact The Operations Director in writing.

Am I able to withdraw my consent?

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us on admin@advocacyfocus.org.uk. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law, and as notified to you in this privacy notice.

Queries or complaints about how we process your personal data

If you have any questions about this privacy notice or how we handle your personal information, please contact the Operations Director in writing.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulatory authority for data protection issues.

Signing up to receive press releases

If you are a media publication that has signed up to receive our press releases via our Media Sign Up form. You can find out here how we will use your data.

What am I signing up to?

By signing up to our Media Distribution List you are opting in to receive our latest press releases.

What do you do with my data once I sign up?

We only ask for your first name, surname, publication and email address for our as we feel this is all we need to be able to send you relevant press releases.

We do not profile you or ask for any more personal information that we don’t need. This data is stored in a password protected file on our secure server where only the staff who need to see and work with this data have access to it. All our staff members are trained on European Data Protection laws and as such work with your data within the legal remits.

We do not use any third party email marketing platforms to send these press releases.

User data is also stored in the back end of the Advocacy Focus website once you have signed up. Our website is ran by +24 Agency who have taken all the necessary steps to ensure this data is protected and secure in line with GDPR. Their Privacy Policy can be found here.

How long will I be signed up for?

We will keep your data for two years unless you tell us you know longer wish to receive our press releases, at which point we will remove all traces of your data from our Media Distribution List and you will no longer receive any communications.

How do I unsubscribe?

You can unsubscribe at any time by emailing marketing@advocacyfocus.org.uk. We will provide an overview of how to unsubscribe every time we send out a press release.

Children’s Privacy Policy

Why do I need to know your Privacy policy?

This Privacy Policy is important as it lets you know what personal data we record about you, why we record it and how we use it. Under the General Data Protection Regulation 2018 (GDPR) you have rights over what personal information we take from you and how this information is used. The law requires that we only take information that is needed for us to help you. It also says that this information must be up to date, kept securely and for a certain amount of time only. We are serious about protecting your data and making sure you understand how your personal information is used and processed.

If after you have read this policy, you don’t understand something or you have any questions about how we use your personal information, please don’t hesitate to get in touch with us.

What information do we take from you?

We only record information that is relevant to helping you; this is information about who you are, where you live, why you are using our service and about the work we are doing with you.

Why do we need this?

We use this information to better understand how best to help you, we keep the files to help us understand how we worked with you and to assess how successful the outcome was. This kind of information helps us to help other people as well.

Who can see it?

Only the people who need to see your personal information can see it. This can be:

  • Staff at Advocacy Focus relevant to your case
  • Some senior managers at Advocacy Focus
  • Official inspectors may be able to see your information when we are being audited; this happens to ensure that we are working properly and keeping accurate records
  • Representatives of the commissioner should we be delivering this service on behalf of another organisation. This would be to check that work is proceeding as it should.

Will we share your information?

We don’t share information about you to other organisations or services without asking you first. We will always respect your decision on whether to share your information, however, there may be times when we may have to share this, such as:

  • If we are working with another organisation as part of the service to you
  • If we have reason to believe you may be at risk or someone else may be at risk
  • If we are legally required to do so; for example, following a court order

Can I see what information you have on me?

Yes, you are able to ask us for something called a ‘Subject Access Request’ (SAR) at any time, if you request this we have to provide you with a copy of your records within 30 days. If you would like to see what is on your file, please email hr@advocacyfocus.org.uk. You also have a right to request us to change or update any information we hold on you.

Can any of my information be withheld from me?

Sometimes we receive confidential information, such as information from a Doctor, if you wish to see this information, we have to ask the person who is providing the information whether they agree for this to be shared with you.

Sometimes, very rarely, we may withhold information for your own safety or because it may harm you to see it.

What happens to my data when I stop using your service?

When we have stopped working with you, your record will be closed and kept by Advocacy Focus for a minimum of six years. It may be kept for longer than this if legally required, but will always be kept within the legal timeframe. Throughout this time you still have the right to ask to see what information we hold on you (SAR).

After the timeframe is up, we will permanently delete your record in line with GDPR procedures.

What if I’m not happy with this or the information on my file?

If you are unhappy with any of the information in this policy or if you are not happy with information on your SAR, you can contact us on 0300 323 0965 or by emailing the address below.

If you are unsure about any way in which Advocacy Focus collects, stores or uses your personal data please contact us on 0300 323 0965, or via email on hr@advocacyfocus.org.uk.

Back to Top