PRIVACY POLICY

Chapel and York EU Foundation is committed to protecting and respecting your privacy.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. “Personal Data” is information that might help identify you as an individual, such as your name, or contact details.

We are focused on the protection of your personal data and privacy, so please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting using our website www.chapel-yorknetherlands.org you are accepting and consenting to the practices described in this policy.

How do we collect personal data?

We collect and process personal data according to this Privacy Policy. Chapel and York EU Foundation collects your personal data from the following sources: (1) data you give us and (2) data we collect about you.

  1. Data you give us

Most of the personal data we collect is provided freely by you when filling any forms on the Chapel and York EU Foundation website or by corresponding with us by phone, e-mail or otherwise.

  1. Data we collect about you

For each of your visits to the Chapel and York EU Foundation website, we will automatically collect the following pieces of data:

Cookies

A cookie is a small file that is put on your computer. This file identifies specific information about your visits to the site. Cookies can only be read, and therefore used, by our web servers. Our cookies do not save or store any personal information as such; they take the form of a unique numerical identifier that enables a computer, but not an individual, to be recognised. Cookies do not detect and cannot access any information you may have on your computer.

Persistent cookies

A persistent cookie remembers your computer and, by doing so, allows us to identify specific information about your visits to the site.

We use Google Analytics to assess your experience on our website by storing a non-intrusive

persistent cookie on your browser. This tool gathers anonymous data, which we use to continually improve our online services and information.

What personal data do we collect?

The personal data you give us, or we collect may include the following.

  • Contact form: when you make an enquiry for a named or affiliate fund, you submit your;
    • Name, and email address.
  • Fund Application form: when applying for a fund, you submit your:
    • name, email, telephone, address, passport or driving licence
  • Donor form: when donating to the Foundation you submit your:
    • Name, address, telephone number, email address
  • Director/Trustee form: to be a Director/Trustee of the Foundation, you submit your;
    • Name, address, data of birth, nationality, email address, telephone number, occupation
  • Bank Application form: to be a signature of the Foundation bank account, you submit your;
    • Name, address, nationality, email address, telephone number, occupation

Purposes of data processing

The data we collect, and process serves to fulfil the following functions: set up, service, and finance. Each one of these functions entices several purposes of processing data, detailed below.

  1. Customer service. This includes:
  • Account management;
  • Contact and queries (processing any contact or query received by email or phone, or notifying you about a change in our services).

Other uses of the data include:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and products that you request from us;
  • as part of our efforts to keep the Chapel and York EU Foundation website safe and secure

We do not use your personal data for automated decision making or profiling.

Legal basis for the use of your data

We rely on the following clauses as a legal basis for the collection and processing of your data:

  1. Perform the contract we are about to enter into or have entered into with you
  2. Legitimate interest

We also process data when it is in our legitimate interest to do so and when this interest is not overridden by your data protection rights (see further down for more information about your rights).

Our legitimate interests means the interest of our Foundation in conducting and managing our business to enable us to give you the best service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where are interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law.

  1. Chapel and York EU Foundation may process your data to comply with our legal and regulatory obligations e.g. preventing, investigating crime or working with law enforcement agencies.

Who do we share it with? (third parties)

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We will ensure that your information is not subsequently shared further by these third parties without our agreement. We shall not share your personal data with any third parties for marketing purposes.

We shall however, share your personal data with third parties, for the following reasons:

  • To meet any agreed contractual arrangements we have with you,  we may share your information with other service providers that we use to perform that contractual service. Examples of service providers include hosting services, suppliers and sub-contractors. We may also need to share your personal data with third party software or IT support providers for the purpose of system administration, data security, data storage, back up, disaster recovery and IT support.
  • We will also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation.

How do we store and protect your data

Your data is securely stored and kept inside the European Economic Area (EEA) using access controls. The file sharing system is GDPR compliant.

We will regularly review our retention of your personal data and delete any personal data which is not necessary for us to retain. Your data is stored according to the following retention schedule:

Retention schedule

    • Donor data is no longer required and will be removed or anonymised.
    • Other data listed above with we reviewed category by category and on held on a need basis.

Retention cessation. If you request to delete your data, then the data will stop being retained and deleted or anonymised immediately.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to Chapel and York EU Foundation ; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

International transfers of personal data

Though Chapel and York EU Foundation is based within the EU and is subject to GDPR, there are instances where we may send information outside of the EU or EEA, due to the nature of Chapel and York EU Foundation (donor information to a grantee) and the technologies required (transmission of data via Internet), your data may be transferred to a destination outside the EEA.

In the case donor data your consent is required.

What are your rights as a data subject?

  1. You have the right to ask us not to process your personal data.
  2. You have the right to withdraw your consent to the processing of your personal data by submitting a written request to that effect to datacompliance@chapel-york.com
  3. You have the right to have your personal data corrected if inaccurate
  4. You always have the right to request for the deletion of your data.We have a formal process which we will follow if you decide you would no longer like us to retain our data. Once the request has been received, it will take 7 business days for it to be completed. Please e-mail datacompliance@chapel-york.com if you would like to request deletion of your data.
  5. You have the right to have access to your personal data that Chapel and York EU Foundation hold. If you require access the use a subject access request form.

If you are unhappy with the way your personal data has been processed by us, you have the right to lodge a complaint with the Dutch DPA

The Chapel and York EU Foundation website may, from time to time, contain links to and from the websites of our partner networks, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Changes to this policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to datacompliance@chapel-york.com.

info@chapel-yorkeu.org

Joop Geesinkweg 901-999, 1114 AB Amsterdam-Duivendrecht

+44 (0)1342 871910