Privacy Policy

Disclaimer: This privacy policy is a template and should be reviewed by legal professionals before use. It outlines standard practices for data handling but may need customization for your specific circumstances.

1. Introduction

The Philip O'Donnell Charitable Trust ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, and protect your personal data when you use our website and services.

We are a registered charity (number 1083565) and our registered address is BBB MARKETING 2013 LIMITED, 7 Kensington Park Gardens, London, W11 3HB.

2. Data We Collect

We may collect the following types of personal data:

• Contact information: Name, email address, phone number, postal address
• Application data: Information provided in grant applications, including personal circumstances, financial information, and supporting documentation
• Communication data: Correspondence with us via email, phone, or post
• Technical data: IP address, browser type, operating system, referring website, pages visited, and date/time of visits (collected via server logs)
• Cookie data: Preferences and settings stored via cookies (see Cookie Policy below)

3. How We Use Your Data

We use your personal data for the following purposes:

• To process and assess grant applications
• To communicate with you about your application or enquiry
• To manage our relationship with you
• To improve our website and services
• To comply with legal and regulatory obligations
• To protect against fraud and misuse of our services

4. Legal Basis for Processing

We process your personal data on the following legal bases:

• Consent: When you explicitly consent to specific processing (e.g., storing cookie preferences)
• Contract: When processing is necessary to take steps at your request prior to entering a contract (e.g., processing your grant application)
• Legal obligation: When processing is necessary to comply with the law (e.g., record-keeping for regulatory purposes)
• Legitimate interests: When processing is necessary for our legitimate interests (e.g., website security, fraud prevention), provided these interests are not overridden by your rights

5. Data Sharing

We do not sell or rent your personal data to third parties. We may share your data with:

• Service providers: Companies that provide services on our behalf (e.g., IT hosting, email services)
• Professional advisors: Lawyers, accountants, and other professional advisors as necessary
• Regulatory authorities: When required by law or to protect our rights
• Trustees and volunteers: For the purpose of assessing applications and managing grants

All third parties are required to protect your data and use it only for the purposes we specify.

6. Data Retention

We retain your personal data only for as long as necessary:

• Successful applications: 7 years from the date of the grant (for audit and regulatory purposes)
• Unsuccessful applications: 2 years from the decision date (in case of appeals or future applications)
• Enquiries: 2 years from the date of last contact
• Website analytics: 26 months
• Cookie preferences: 1 year

After these periods, data is securely deleted or anonymised.

7. Your Rights

Under data protection law, you have rights including:

• Right of access: To request copies of your personal data
• Right to rectification: To request correction of inaccurate or incomplete data
• Right to erasure: To request deletion of your data in certain circumstances
• Right to restrict processing: To request limitation of how we use your data
• Right to data portability: To receive your data in a structured, machine-readable format
• Right to object: To object to processing based on legitimate interests
• Right to withdraw consent: To withdraw consent at any time (where processing is based on consent)

To exercise these rights, please contact us using the details below. We may need to verify your identity before responding.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

• Secure servers and networks
• Encryption of sensitive data
• Access controls and authentication
• Regular security assessments
• Staff training on data protection

Despite our efforts, no security measures are 100% secure. We cannot guarantee absolute security of your data.

9. Cookies and Local Storage

We use cookies and local storage for:

• Essential functions: Remembering your cookie preferences, accessibility settings, and form progress
• Analytics: Understanding how our website is used (only with consent)

You can manage cookie preferences via the cookie banner when you first visit our website. Most browsers also allow you to control cookies through their settings.

10. International Transfers

We generally store and process your data within the UK. If we need to transfer data outside the UK, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses.

11. Changes to This Policy

We may update this privacy policy from time to time. The current version will always be available on our website. Significant changes will be communicated to you where appropriate.

12. Contact Us

If you have questions about this privacy policy or how we handle your data, please contact:

Data Protection Contact
Philip O'Donnell Charitable Trust
BBB MARKETING 2013 LIMITED
7 Kensington Park Gardens
London, W11 3HB
Email: philip@bbbplc.com
Phone: 020 7229 6632

13. Complaints

If you have concerns about how we handle your data, please contact us first. You also have the right to complain to the Information Commissioner's Office (ICO):

ICO Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Website: www.ico.org.uk
Helpline: 0303 123 1113

Last updated: January 2025