Privacy Policy

This policy was last updated in January 2022.


1. Introduction

This policy outlines how Friends of Lindi collects, processes, stores and uses data. It also describes your choices regarding use, access, and correction of your personal information.

By using our website or subscribing to any of our newsletters and updates, you consent to the data practices described in this Privacy Policy and you consent to our use of cookies. If you do not agree with the data practices or the use of cookies described in this Privacy Policy, you should not use our website or subscribe to our newsletters and updates. We may update this policy from time to time by publishing a new version on our website. Check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy by email.

Friends of Lindi (“we”, “us”. “our”) take your privacy seriously.

Friends of Lindi is the operating name for the UK charity Friends of Lindi (Tanzania), registered charity no.: 1176494.

We are committed to keeping your information secure and managing it in accordance with our legal responsibilities, under the General Data Protection Regulation (Regulation (EC) 2016/679 (“GDPR”) in the European Union (“EU”).

2. Who this policy applies to

This policy applies to anyone: using our websites; subscribing to our newsletters and updates; donating or funding; who is a member; taking part in campaign activity which requires the provision of data; enquiring about our services; who is a client; who is an associate.

3. Data gathering and usage

We collect data in the following ways:

3.1 Through our website

The primary purpose of our websites is to provide you with information regarding the services provided by Friends of Lindi and its activities.

We may process data about your use of our websites (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics.

More information about the ways in which Google collect and process your personal data can be found here.

Usage data may be processed for the purposes of analysing the use of the website and services.

We may make usage data available privately or publicly to help others to understand who is making use of our websites and how. Data will be aggregated and the personal data of individual users will not be identifiable.

Our websites and newsletters include hyperlinks to third party websites. We are not responsible for the practices and privacy policies and practices of third parties. Please inform us if links signpost to harmful content.

It may be possible to set up a user account. You will be asked to register a username, password and email address so you can gain secure access to your account. Other personal data can also be provided and in some circumstances may be essential for the provision of a service.

Our websites use cookies. Cookies are small computer files which are downloaded onto your device when you browse the web. They collect information about the way in which you navigate and use the website and the wider web. This information may allow us to identify you or your approximate location. Cookies may help us provide you with a more personal experience. Information from cookies also allows us to make improvements to our services.

You may delete and block all cookies, or just certain types of cookies, via your browser settings. However, if you choose to block or delete cookies, this may affect the functionality of the website.

3.2 Through online forms or emails

We may process information submitted to us through forms on our websites or from emails sent to us (“submitted data”) such as: enquiries, contact forms, online pledges or newsletter subscriptions. Submitted data may be processed for the purposes of: providing updates and information about our programmes and services; promoting news and information from third parties which we believe might be of interest to you; and offering, marketing and selling relevant products and/or services to you.

Where submission data relates to a subscription to newsletters or updates we store you data in our own database using third party software, MailPoet, a marketing automation package to store and manage data and send electronic communications. By subscribing to newsletters and updates users acknowledge that the information they provide will be transferred to MailPoet for processing in accordance with their Privacy Policy. Personal data will not be used to subscribe an individual to a mailing list without their consent.

3.3 Through purchases and donations

We may process information relating to transactions, including donations, purchases of goods and services directly and/or through our websites (“transaction data”). The transaction data may include your contact details, your card or bank details, and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our website and business.

Financial transactions through our websites may be handled by our payment services providers, PayPal or Stripe. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments, and dealing with complaints and queries relating to such payments and refunds. By making online transactions users acknowledge that the information they provide will be transferred to payment service providers for processing in accordance with PayPal’s and Stripe’s Privacy Policies. Transactions may also be processed via a third party website, People’s Fundraising. To complete these transactions you will be transferred to the Friends of Lindi account on the People’s Fundraising website. We will be able to access your data in order for us to complete the contractual arrangements of the transaction. People’s Fundraising Privacy Policy can be viewed here.

Transactions for events may also be handled by the event management service Eventbrite. Data provided by users to Eventbrite will be accessible to us and may be transferred to our data systems for processing in accordance with this policy. By making online transactions users acknowledge that the information they provide to Eventbrite will be processed in accordance with Eventbrite’s Privacy Policy.

3.4 Through service delivery

We may process personal data that is provided in the course of the use of our services (“service data”). The service data may include name, email address, postal address, service preferences, basic financial information and any correspondence. The source of the service data comes from clients/ potential clients during the negotiation and delivery of services.

We may also collate other forms of information which is in the public domain to assist with carrying out the services. Information may include published financial accounts, information on websites, information and reports on other websites and other forms of media and social media.

The service data may be processed for the purposes of providing our services, ensuring the security of our information and services, maintaining back-ups of our databases and files and for communicating with clients. We may generate information relating to clients whilst undertaking services, such as from conducting interviews with service users and staff, and undertaking impact assessment research.

We may administer online, paper form or telephone surveys using survey tools on our websites or through the online survey provider Survey Monkey. By providing responses to surveys respondents acknowledge that the information they provide will be processed in accordance with this policy and/or Survey Monkey’s Privacy Policy.

4. Compliance and legal claims

In addition to the specific purposes for which we may collect and process personal data as set out in section 3 we may also process personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

We will only use personal information in accordance with this Policy, or where we are required or authorised by law to disclose your information to others or, have your permission to do so.

We may process any of personal data identified in the other provisions of this policy where necessary for the establishment, exercise, or defence, of legal claims, whether in court proceedings or in an administrative, or out-of-court, procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

5. Other People’s Personal Data

Please do not supply any other person’s personal data to us, unless managing such data is part of a service agreement, under which circumstances the collection, usage and purpose for this data will be outlined in the service contract. In which case it must be ensured that they have agreed to this. We would advise keeping a record of their agreement and provide them with a copy of, or link to, this Privacy Policy.

Please be aware that we are not responsible for the data processing activities of others, such as our clients or funders. We will take reasonable endeavour to ensure suppliers will manage data in accordance with the law.

6. Passing data to third parties

We may pass your data to other campaigns that are in the furtherment of Friends of Lindi’s charitable objectives, but we will not subscribe individuals to services, newsletters and updates other than those they have consented to.

It may be necessary to disclose personal data to Volunteers and Associates working on our behalf for the purposes of effectively carrying out services. Volunteers and Associates will be required to uphold this policy when working on our behalf.

Personal data will be passed to and from our payment and other service providers, see section 3.

We may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Users acknowledge that personal data submitted for publication through our websites or other services may be publicly available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others. Options to contribute personal data, and therefore engage with the activity, without being publicly identified will be made available where possible.

7. Sensitive data

From time to time, we may seek consent to process sensitive personal data in respect of certain specific and limited purposes. We will always do this before processing any sensitive personal data: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning health or sex life and sexual orientation, genetic and/or biometric data. Do not provide us with sensitive personal data unless it is specifically requested, and we have your consent.

8. Retaining and deleting personal data

We keep your personal data for as long as required to provide our services, and in accordance with legal, tax and accounting requirements. Where personal data is no longer required, we will ensure it is disposed of in a secure manner. Where required by law, we will notify users when this has happened.

9. Security of personal data

We will take appropriate technical and organisational precautions to secure your personal data and to prevent the loss, misuse, or alteration of your personal data. We will store all your personal data on secure servers, personal computers, and mobile devices, and in secure manual record-keeping systems.

Any passwords you provide us will be stored by us in encrypted form.

Data relating to financial transactions that is sent from your web browser to our web server, or from our web server to your web browser, will be protected using encryption technology. Users acknowledge that the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and we cannot guarantee the security of that data sent over the internet.

Users with accounts on our website should ensure their login password is not susceptible to being guessed, whether by a person or a computer program. Users are responsible for keeping their own password confidential. We will not ask users for their passwords.

Passwords may be provided to you, or changed, by our website administration and in which case should be changed by the user immediately.

We reserve the right to change a password or lock or delete a user’s account without notice if we believe that account has been compromised or is being misused by the user or another person or entity – that is promoting offensive content or operating significantly outside of the remit and purpose of the website they are subscribed to. Users will be informed of such action and provided with a reason for the action.

10. Rights under data protection law.

Users have the right to request copies of their personal data held by us. If they think any of that data is inaccurate, they may ask us to correct it. They may also have a right, in certain circumstances, to require us to stop processing personal data. Also, they have the right to ask us to transfer personal data to someone they nominate for their own purposes. They may exercise any of their rights in relation to personal data by contacting us using the email or postal address below.

Nobody is obliged to provide any personal data to us. However, please note that this may mean we will have difficulty in providing the full range of services to you.

Remember, consent previously given may be withdrawn at any time. Also, users have the right to ask us to stop processing any personal data and to have it erased.

Where personal data has been removed we reserve the right to maintain basic personal data such as your name, address and email address to ensure that personal data isn’t processed by us in the future.

11. Complaints

Complaints about how we have handled personal data can be made to us using the details below, and we will investigate your complaint. Please use the same contact details to instruct us to cease processing your personal data.

12. Contacting us

For questions about this Privacy Policy, or to exercise rights with respect to personal data, please contact us via the contact form on the homepage write to us at:

Data Administrator
Sandale
Old Lane
CROWBOROUGH
TN6 2AB