Share

Harvest mouse

Harvest mouse ©Amy Lewis

Privacy notice

1. INTRODUCTION 

Hampshire & Isle of Wight Wildlife Trust (charity no. 201081) is committed to protecting your privacy and information security. This policy explains why and how we use your personal data, to ensure you remain informed. 

This Privacy Notice applies to anyone that the Trust comes into contact with, including but not exclusively limited to: members, volunteers, donors, the general public, and professional contacts. 

2. ABOUT US 

Hampshire & Isle of Wight Wildlife Trust is committed to creating a wilder future by 2030, where nature is recovering, wildlife is returning, and ecosystems are being restored across our counties. With the support of more than 29,000 members, we want to see many more people on nature’s side. We aim to engage 1 in 4 people, encouraging them to take action for nature by becoming part of Team Wilder.  

We want to see at least 30% of land and sea transformed into wilder places where nature is recovering by 2030. We are already doing this by expanding our nature reserves, ensuring land outside them is working for wildlife, restoring missing species and campaigning for the correct policies to drive the change we need. But we need much more of this rapid, positive action to tackle the climate and ecological crises and to create a wilder future for us all.  

We’re part of the UK-wide movement of 46 Wildlife Trusts, all standing up for the natural world. Together, we are the nation’s most active and influential nature conservation partnership, protecting wildlife in every part of the British Isles. Each Trust works within its local community to inspire people and bring about positive change.  

In this Privacy Notice, ‘the Trust’, ‘we’, ‘us’ or ‘our’ refers to Hampshire & Isle of Wight Wildlife Trust and any other wholly owned subsidiary companies. 

 

3. WHAT INFORMATION WE COLLECT AND HOW WE COLLECT IT 

Information we collect 

We collect data you provide to us in the course of our usual operations. This includes information you provide when joining or communicating with us. For example: 

  • personal details (name, date of birth, email, address, telephone etc.) when you become a member, volunteer, or supporter; 

  • financial information (payment information such as credit/debit card or direct debit details, and whether donations are gift-aided);  

  • details of your interests and preferences (such as campaigns, the ways you support us, or types of wildlife you enjoy); 

  • Medical and next of kin information when you register to volunteer with us or attend an event when this is necessary. 

How we collect your information 

  • Your activities and involvement with the Trust will result in personal data being created. This could include details of volunteering or involvement in our campaigns and activities, including donation details, social media interactions or responses to our communications. 

  • We sometimes receive personal data about individuals from third parties. For example, if we are partnering with another organisation. 

  • Your information may be shared with us by independent third parties when you have indicated that you wish to support the Trust with your consent. 

  • Our website uses local storage (such as cookies) to provide you with the best possible experience and to allow you to make use of certain functionality, for example being able to shop online. Cookies are small text files that are placed on your computer or mobile device when you browse websites. For more information, check our Cookies Policy

  • Some of our premises have CCTV and you may be recorded when you visit them. CCTV will only be viewed when necessary, for example for security reasons or to detect or prevent crime. The Trust complies with the ICO’s CCTV Code of Practice, and we put up notices so you know when CCTV is in use. 

  • We may collect or store special categories of personal data (such as information relating to health, beliefs or political opinions) about supporters and members. For example, if you volunteer or work with us, participate in certain community activities or if you have an accident on one of our reserves. If this does occur, we’ll take extra care to ensure your sensitive information is protected. 

  • If you are a volunteer then we may collect extra information about you. For example, references, criminal records checks, details of emergency contacts, and medical conditions. 

  • We may collect demographic and consumption data generated through geo-demographic tools (such as CACI Acorn), as well as information related to your wealth. This may include information from public registers and other publicly available sources such as Companies House, newspapers and magazines.  

  • We may carry out research using publicly available information to identify individuals who may have an affinity to our cause but with whom we are not already in touch. This may include people connected to our current supporters, trustees or other lead volunteers. We may also use publicly available sources to carry out due diligence on donors in line with fundraising best practice and to meet money laundering regulations. If you do not wish your data to be collected in any of these ways, or have questions about them, please contact us. 

Young people 

When we collect and manage information from young people (under the age of 18) we manage it in a way which is appropriate for the age of the child. The information is usually collected when young people attend our education activities and initiatives, for example medical information for Health & Safety purposes. If a young member turns 16 and wishes to join the Trust as an adult, some of the personal data we hold about that individual will be carried over to their member profile. 

4. HOW WE USE INFORMATION 

We may use your personal data for one or more of the following legal bases and purposes, where it is necessary, in order to: 

  • Perform an activity that you have consented to; 

  • for example, we use personal data to communicate with people, to promote the Trust and to help with fundraising.  

  • Perform a contract with you; 

  • for example, administrative activities to carry out our charity and conservation work. 

  • Comply with a legal duty  

  • for example, fulfilling legal obligations required by bodies such as HMRC, FCA, Charity Commission, Companies House, the Health & Safety Executive. 

  • Protect your vital interests; 

  • for example, if you have an accident on one of our reserves and require emergency medical care. 

  • For our own (or a third party’s) legitimate interests,  

  • where your rights and interests don’t override these, following a detailed assessment. For example, internal data analysis to determine the success of campaigns and appeals, better understand behaviour and responses, and to identify patterns and trends. 

We may aggregate and effectively anonymise personal data so that it can no longer be linked to any particular person, where possible. This information can then be used for a variety of purposes, such as recruiting new supporters, or to identify trends or patterns within our existing supporter base. 

In any event, we’ll only use your information for the purpose(s) it was collected for (or else for compatible purposes). 

Profiling 

The profiling we carry out includes analysing our supporters to determine common characteristics and preferences. By grouping people together on the basis of common characteristics, we can ensure that group is provided with communications, products, and information which are of most importance to them. 

Young people 

We won’t use young people’s personal data for marketing purposes, and we won’t profile it. 

Parental permission: If your child is under 18 then we’ll need permission from you as their parent or guardian for them to attend events without parents or guardians, or to be included in a photograph to be used by the Trust for marketing purposes. We’ll only use their personal data with your consent. 

5. DISCLOSING AND SHARING DATA 

We will never sell your personal data to third parties. If you have opted-in to communications, we may contact you with information about our partners, or third party products and services, but these communications will always come from the Trust and are usually incorporated into our own communications (e.g. leaflets, articles in magazines or email newsletters). 

We may sometimes need to share personal data with subcontractors or suppliers who provide us with services. Where this is necessary we, and any third parties we share with, are required to comply with all aspects of the General Data Protection Regulations (GDPR). Sharing is always subject to a lawful basis for processing.  

Organisations that we share data with include: 

  • Our trading subsidiaries – to ensure that we are adhering to legal obligations and high levels of customer care throughout the Trust group; 

  • Organisations who process data on our behalf – for example, membership recruitment providers, mail and print services, consultants / sub-contractors who help us to analyse and improve our performance, and consultants / sub-contractors who help us by supporting our social media and online advertising and marketing campaigns; 

  • Our partners on partnership projects – for example, for the purposes of project monitoring and delivery, or if you register to attend a jointly-run event; 

  • Our funders – to demonstrate compliance to funding and contracts; 

  • Legal/compliance bodies where required – including insurers, auditors, pension providers, HMRC, Fundraising Regulator, ICO; 

  • Statutory bodies or agencies – for example, to respond to legal issues and risks; 

  • Healthcare, social and welfare organisations – to manage and safeguard the wellbeing of our staff, volunteers and supporters; 

  • Educators and examining bodies – for example, where we are supporting trainees; 

  • Current, past and prospective employers – for example, to provide references; 

  • Family, associates or representatives of the person whose personal data we are processing – for example, where we are administering a legacy; 

  • Survey or research organisations – for example, to verify species records. 

We’ll only share information when necessary and for the purposes that you have provided the data to us. We will always endeavour to send data to partner organisations securely, to minimise the risk of it being intercepted by unknown individuals and/or organisations.  

6. MARKETING 

We may offer you news and information about our work, role, and opportunities including appeals, events and fundraising. We may also advertise events and activities, and offer products and services. Membership magazines are provided as part of our service to Trust members. We may use third parties to carry out these activities on our behalf. 

When you receive a communication, we may collect information about how you respond to or interact with that communication, and this may affect how we communicate with you in future. We will only contact you specifically about fundraising if you’ve opted into receiving marketing from us. 

When your membership has ended, unless we hear from you directly and/or you unsubscribe from communications, we will continue to send you information about our work for up to 24 months after your membership has ended. 

As defined by the Information Commissioner’s Office (ICO), we rely on two different lawful bases for processing your data for these direct marketing purposes, as most applicable to an activity: 

i) Legitimate interest 
This is where we have identified a genuine and legitimate reason for contacting you, which crucially does not override your rights or interests. 

ii) Opt-in consent 
This is where you have given us express permission to contact you by particular communication channels. 

You can, of course, unsubscribe from these communications at any time. Please see the contact details at the end of this notice. 

7. HOW WE PROTECT DATA 

We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to, or use or disclosure of, your personal information. Electronic data and databases are stored on secure computer systems, and we control who has access to information. 

Payment security 

All electronic forms that request financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers. 

If you use a credit card to donate, purchase a membership or purchase something online, we will only collect the relevant payment information needed for the transaction. We will not request pin numbers or bank security information. The relevant details will be transferred securely using SSL in order to process the payment. 

We cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or via our website) are at the user’s own risk. 

8. LEAVING OUR WEBSITE 

We are not responsible for the privacy practices or the content of any other websites and social media platforms linked to our website. If you have followed a link from this website to another website you may be supplying information to a third party. 

9. INTERNATIONAL TRANSFERS 

The Trust’s operations are based solely in the UK and we store our data on servers located within the UK. Some organisations which provide services to us may transfer personal data outside of the UK, however third parties are obligated to ensure that transfers are subject to appropriate safeguards and transfer mechanisms. 

10. STORAGE 

We use and store information for no longer than is necessary for the purposes that it was collected for, and any statutory record keeping obligations. How long information will be stored therefore depends on the information in question and what it is being used for. We will regularly review what information we hold and securely delete any information that is no longer required, in line with our Data Retention Policy. 

11. YOUR DATA PROTECTION RIGHTS 

Your data subject rights are as follows: 

  • The right to be informed:  This Privacy Notice outlines how we capture, store and use your data. If you have any questions about this, please contact us using the details at the end of this notice. 

  • The right of access:  If you wish to obtain a record of the personal data we hold about you, through a Subject Access Request, we will respond within the statutory timeframes, based on ICO guidelines.  

  • The right to rectification:  If we have captured information about you that is inaccurate or incomplete, we will update it.    

  • The right to erasure (‘right to be forgotten’):  You can ask us to remove your personal details from our records.  

  • The right to restriction:  You can ask us to stop using your personal data. 

  • The right to data portability:  You can ask to obtain your personal data from us for your own purposes.  

  • The right to object: You can ask to be excluded from marketing activity. 

  • Rights in relation to automated decision making and profiling: We respect your right not to be subject to a decision that is based solely on automated processing, including profiling. 

For more information on your individual rights, please see the Information Commissioner’s Office website.   

Please note that there are statutory exemptions and restrictions that can, in some circumstances, be applied to exempt or qualify the right of individuals to exercise these rights. 

12. CHANGES TO THIS PRIVACY NOTICE 

We’ll amend this Privacy Notice from time to time to ensure it remains up-to-date and accurately reflects how and why we use your personal data. The current version of our Privacy Notice will always be posted on our website. 

This Privacy Notice was last updated on 21st November, 2024. 

13. CONTACT US 

You can decide not to receive communications or change how we contact you at any time. If you wish to do so, please contact membership@hiwwt.org.uk, call 01489 774400 (Monday-Friday 9am to 5pm), or write to the Membership Team, Hampshire & Isle of Wight Wildlife Trust, Beechcroft House, Vicarage Lane, Curdridge, Hampshire S032 2DP. 

If you would like further information on your rights or wish to exercise them, or have any questions in relation to this Privacy Notice or how we use your personal data, please contact Natasha Thorneloe, Director of Finances & Business Resources, Hampshire & Isle of Wight Wildlife Trust, Beechcroft House, Vicarage Lane, Curdridge, Hampshire S032 2DP or call 01489 774400 (Monday-Friday 9am to 5pm), or email membership@hiwwt.org.uk

If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can lodge a complaint with the Information Commissioner’s Office at www.ico.org.uk

If you wish to make a complaint (including a complaint about fundraising activity) which does not directly relate to your data protection and privacy rights, you can do so in accordance with our complaints procedure by contacting complaints@hiwwt.org.uk. Further information is available on our website: https://www.hiwwt.org.uk/contact-us