Shropshire Wildlife Trust protects wildlife where you live. We are the county's leading environmental charity, supported by 11,000 members.
Our mission is protect and enhance the wildlife and wild places of Shropshire and to promote understanding, enjoyment and involvement in the natural world.
With strength of numbers and over 50 years of experience behind us we are an increasingly effective champion for local wildlife.
2. Our commitment to your privacy
We are committed to keeping the personal details of our members and supporters safe. This policy explains how and why we use your personal data, to ensure that you remain informed and in control of your information.
Any references to Shropshire Wildlife Trust, the Trust, or to ‘we’ or ‘us’ refer to:
• Shropshire Wildlife Trust We are a registered charity in England and Wales, and our registered charity number is 212744.
• Shropshire Wildlife Trading Company Limited, our charitable trading company; (registered company number 729746). The company is a wholly owned subsidiary of Shropshire Wildlife Trust, which trades only to raise funds for our charitable organisation.
We use three key definitions to describe people mentioned in this policy. These are definitions used by the Information Commissioner’s Office (ICO), the UK’s independent body set up to uphold information rights (www.ico.org.uk)
• ‘Data subject’: this is you, one of our loyal members and supporters. As the data subject, we respect your right to control your data.
• ‘Data controller’: this is us, Shropshire Wildlife Trust. With your permission, we determine why and how your personal data is used (as outlined in this policy).
• ‘Data processor’: this is a person, or organisation, who processes your data on our behalf, with your permission. For example, this might be a mailing house who sends your membership magazine to you, on our behalf (due to the size of our organisation, it’s more cost-effective to outsource ad-hoc and large-scale tasks like this).
When we work with other organisations or individuals in this way, we always set up a written contract with them to protect your data. The third parties we work with at no point ‘own’ your data, so you will never hear from them independently and they will always delete your data from their systems when they have completed the task in hand. We always send your data to partner organisations securely, to minimise the risk of it being intercepted by unknown individuals and/or organisations.
We will never sell your personal data.
We use your personal data to keep in touch with you.
We will only ever collect, store and use your personal data when we have an identified purpose and reason to do so. The ICO refers to this as a ‘lawful basis’. Further information about why we collect your personal data is outlined below.
a) To administer your Shropshire Wildlife Trust membership
We collect your personal data to administer your membership, which may involve:
• Sending you your membership welcome pack when you first join us
• Processing your Direct Debit subscription payments, if you have set this donation process up with us
• Sending you your membership renewal letter
• Getting in touch should there ever be any issues processing your subscription payment
b) To send you items purchased from our online shop, including event bookings
We collect your personal data to send you:
• items you have purchased from our online shop
• information about events you have booked onto
The ICO define the lawful basis for processing your data for these purposes as ‘contractual’.
c) To send you information about our work and ask for your opinion
We also collect your personal data so that we can send you information about our work that we feel will be of interest to you. This includes your membership welcome pack, membership magazine, fundraising appeals, events, campaigning opportunities, membership, services, products, newsletter requests, feedback, competitions and other activities, as well as information about other carefully selected organisations that we work in partnership with (such as Vine House Farm’s bird seed catalogue). From time to time, we may also use your personal data to ask for your opinion about our work.
This information is in addition to that outlined in sections a) and b) and is defined as ‘direct marketing’ by the ICO.
i) Joint and family membership
If you are a ‘joint’ or a ‘family’ member of our Wildlife Trust, we will address communications to all those listed on your membership. If you wish to update this at any point, please let us know.
ii) Gift membership
If your Wildlife Trust membership was purchased as a gift, we will use the address provided by the purchaser by to send you information about our work in the post. This will include a ‘renewal letter’, which we will send you when your membership is due to expire, to see if you would like to continue supporting our charity.
iii) When your membership has ended
Unless we hear from you directly, we will continue to send you information about our work for up to [6 months] after your membership has ended. This is just in case your support was cancelled accidentally, by for example changing your bank account details, and you wish to update your details with us.
Your personal data also helps us to get to know you better and to develop a ‘profile’ of you on our secure supporter database. This ‘profile’ enables us to send you the information listed above in a timely and relevant way, to suit you. For example, keeping track of the donations you make to our organisation helps us to send you information about fundraising appeals that we feel you would like to hear about. Likewise, keeping a record of your wildlife interests that you may tell us about in one of our Membership Surveys, helps us to send you relevant project updates.
As defined by the ICO, we use two different lawful bases for processing your data for ‘direct marketing’ purposes:
i) Legitimate interest
This is where we have identified a genuine and legitimate reason for contacting you, which crucially does not override your rights or interests
We use legitimate interest to send you the information listed above by post or telephone (if you are not registered with the Telephone Preference Service, and you have given us your telephone number).
ii) Opt-in consent
This is where you have given us express permission to contact you by particular communication channels.
We use opt-in consent to send you the information listed above by email, text message (SMS) or telephone (if you are registered with the Telephone Preference Service)
We respect your right to update the way we get in touch with you about our work at any time.
d) To enable you to volunteer with us
If you are a Shropshire Wildlife Trust volunteer, we collect your personal data so that we can keep in touch with you about, for example:
• changes to planned volunteer work programmes that you may be taking part in
• the positive impact you have on our work, by sending you our volunteer newsletter
• dedicated volunteer thank-you events
As defined by the ICO, the lawful basis for processing your data for these purposes is ‘contractual’ (where administering your volunteer record) and ‘legitimate interest’ (when sending you information about our work).
4. What kind of personal data do we collect? How do we collect it?
a) Basic information
We will usually collect basic information about you, including your name, postal address, telephone number, email address and your bank details if you are supporting us financially.
Most of the time, we collect this data from you directly. Sometimes this is in person; other times, it is over the telephone, in writing or through an email. Occasionally we obtain information, such as your telephone number or other contact details, from external sources (only where you have given permission for such information to be shared).
b) Getting to know you better
We also collect information about you that helps us to get to know you better. This may include:
• information about your wildlife interests, which you tell us through our Membership Surveys
• records of donations you’ve made towards fundraising appeals
• your preferences of how you would like us to contact you
• ways you’ve helped us through volunteering your time
• records of events you’ve attended, or campaigns or activities that you’ve been involved in
Sometimes we will collect other information about you such as your date of birth and gender. When we do so, we will be very clear as to why we are collecting such information, and we will only do so with your specific consent and permission.
Once again, most of the time we collect this data from you directly.
Other ways in which we collect personal data to get to know you better include:
i) Our website
Our website uses ‘cookies’ to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites.
Our cookies help us:
• Make our website work as you'd expect
• Remember your settings during and between visits
• Improve the speed/security of the site
• Allow you to share pages with social networks like Facebook
• Continuously improve our website for you
ii) Third parties
From time to time we may pay for the contact details of people who might be interested in hearing from us in future. Before we purchase contact information, we always check the wording used when your information was originally collected, to make sure that we only contact people who have actively expressed an interest in receiving information from third parties.
When providing permission for third party organisations to share your data you should check their Privacy Policies carefully to understand fully how they will process your data.
c) Sensitive personal data
We do not normally collect or store sensitive personal data (such as information relating to health, beliefs or political affiliation) about supporters and members. However, there are some situations where this will occur.
When we do so, we will be very clear as to why we are collecting such information, and we will only do so with your specific consent and permission. In these situations, we collect the data from you directly.
If you are a volunteer then we may collect extra information about you, for example:
• criminal records checks
• details of emergency contacts
• medical conditions
We may also collect sensitive personal data if you have an accident on one of our reserves. This information will be retained for legal reasons, for safeguarding purposes and to protect us (including in the event of an insurance or legal claim). If this does occur, we’ll take extra care to ensure your privacy rights are protected.
d) Children and young people
In line with data protection law, we will not collect, store or process your personal details if you are under 13 years of age; unless we have the express permission from your parent or guardian to do so.
If we have the permission of your parent or guardian, and you are a Wildlife Watch member, we will capture your date of birth at the point of joining. This is so that we can send you information that we feel is suitable to your age.
For further information, please see our Safeguarding Vulnerable People policy.
5. How do we store your data?
All of the personal data we process is processed by our staff in the UK. However, for the purposes of IT hosting and maintenance your information may be situated outside of the European Economic Area (EEA). This will be done in accordance with guidance issued by the Information Commissioner’s Office.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.
b) Payment security
All electronic Shropshire Wildlife Trust forms that request financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers.
If you use a credit card to donate, purchase a membership or purchase something online we will pass your credit card details securely to our payment provider (Stripe). Other payment methods (e.g. Paypal) are handled in a similar manner.
Shropshire Wildlife Trust complies with the payment card industry data security standard (PCI-DSS) published by the PCI Security Standards Council, and will never store card details.
Of course, we cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or our website) are at the user’s own risk.
c) Data retention policy
We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required.
For further information, please see our Data Retention Policy.
6. Your rights
We respect your right to control your data. Your rights include:
a) The right to be informed
This privacy notice outlines how we capture, store and use your data. If you have any questions about any elements of this policy, please contact us.
b) The right of access
If you wish to obtain a record of the personal data we hold about you, through a Subject Access Request, we will respond within one month.
c) The right to rectification
If we have captured information about you that is inaccurate or incomplete, we will update it.
d) The right to erase
You can ask us to remove or randomise your personal details from our records.
e) The right to restrict processing
You can ask us to stop using your personal data.
f) The right to data portability
You can ask to obtain your personal data from us for your own purposes.
g) The right to object
You can ask to be excluded from marketing activity.
h) Rights in relation to automated decision making and profiling
We respect your right not to be subject to a decision that is based on automated processing.
For more information on your individual rights, please see the Information Commissioner’s Office.
Shropshire Wildlife Trust want to exceed your expectation in everything we do. However, we know that there may be times when we do not meet our own high standards. When this happens, we want to hear about it, in order to deal with the situation as quickly as possible and put measures in place to stop it happening again.
We take complaints very seriously and we treat them as an opportunity to develop our approach. This is why we are always very grateful to hear from people who are willing to take the time to help us improve.
Our policy is:
• To provide a fair complaints procedure that is clear and easy to use for anyone wishing to make a complaint.
• To publicise the existence of our complaints procedure so that people know how to contact us to make a complaint.
• To make sure everyone in our organisation knows what to do if a complaint is received.
• To make sure all complaints are investigated fairly and in a timely way.
• To make sure that complaints are, wherever possible, resolved and that relationships are repaired.
• To learn from complaints and feedback to help us to improve what we do.
All complaint information will be handled sensitively, in line with relevant data protection requirements.
Overall responsibility for this policy and its implementation lies with the CEO.
Information Commissioner’s Office
For further assistance with complaints regarding your data, please contact the Information Commissioner’s Office, whose remit covers the UK.
Information Commissioner’s Office
We are not responsible for the privacy practices or the content of any other websites linked to our website. If you have followed a link from this website to another website you may be supplying information to a third party.
We update this policy periodically.
Last updated: May 2018