Donate now
Close

Privacy Policy

At PTEN Research, we are committed to protecting and respecting your privacy. This privacy notice tells you what to expect us to do with your personal information.

Contact details

By post to:

  • The Director of Finance & Business Administration, PTEN Research Foundation, 4th Floor, St. James House, St. James Square, CHELTENHAM, Gloucestershire, GL50 3PR, United Kingdom.

By email to:

  • contact@ptenresearch.org

What information we collect, use, and why

We collect the following personal information if you wish to subscribe to our newsletter:

  • Names and contact details.

This information is automatically collected via our website by Campaign Monitor, the company which manages the circulation of our newsletter on our behalf. You can read more about Campaign Monitor and how they process data here:  https://help.campaignmonitor.com/s/article/how-we-keep-your-data-private-and-secure.

We also collect personal information in order to process charitable donations that we receive by post, given our status as a charity registered with the Charity Commission for England and Wales:

  • Names and contact details of donors.
  • Your payment details (including card or bank information for transfers and direct debits).
  • Your financial transaction information.

Our website directs prospective donors to KindLink, the charitable donation platform with which we have an account, and which processes donations on our behalf. Donors who use KindLink to make donations to us are directed to the privacy statement on KindLink’s website here https://www.kindlink.com/privacy-policy We access donors’ personal information through our KindLink account to ensure donations to the Foundation and related Gift Aid claims from HMRC are properly processed. 

In the event that donors wish to make substantial donations (typically of £10,000 or more), we may ask you to provide us with additional information in order for us to comply with the UK Fundraising Code of Practice and the Proceeds of Crime Act 2002.

Lawful bases

Our lawful bases for collecting or using personal information for subscription to our newsletter and for processing charitable donations are:

  • Consent - we have permission from you after we give you all relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
  • Legitimate interests – we are collecting or using your information because it benefits you, our organisation or someone else, without causing an undue risk of harm to anyone. All of your data protection rights may apply, except the right to portability. Our legitimate interests are that we collect personal information of donors who send us cheques in the post so that they can be credited to our bank accounts and used for the charitable purpose intended by the donor

In respect of substantial donations, where we may ask for additional information from donors in order to comply with the UK Fundraising Code of Practice and the Proceeds of Crime Act, we may be obliged to report these to the Charity Commission under its Serious Reporting Regime if our due diligence requirements are not met.

Where we get personal information from

How long we keep information

We retain personal information on subscribers to our newsletters only for so long as you chose to remain a subscriber.

We retain personal information on donors for 6 years following the end of the financial year in which a donation is made in order to comply with Companies Act and HMRC requirements. The Foundation's financial year ends 31st March.

Who we share information with

  • HMRC – in instances where Gift Aid claims are made. The HMRC is a controller of information relating to Gift Aid claimants, and we must provide HMRC with the information necessary for donors who are eligible for Gift Aid to receive their associated tax credits.HMRC’s privacy statement can be found here https://www.gov.uk/government/publications/data-protection-act-dpa-information-hm-revenue-and-customs-hold-about-you/data-protection-act-dpa-information-hm-revenue-and-customs-hold-about-you.
  • Campaign Monitor - if you sign up to receive our newsletter, your details are processed by the company, Campaign Monitor, who manage our newsletter circulation on our behalf. You can read more about Campaign Monitor and how they process data here https://help.campaignmonitor.com/s/article/how-we-keep-your-data-private-and-secure.
  • Webreality – a company that manages our website for us. Webreality processes information as directed by the Foundation, for the purposes set out in this privacy notice. Webreality also provide Google Analytics with de-identified data on visitors to our website for the purpose of providing us with feedback that will improve the experience of visitors to our website.You can read more about how Webreality process data here https://www.webreality.co.uk/privacy-policy/#:~:text=We%20will%20only%20use%20your%20personal%20information%20for%20the%20purposes,compatible%20with%20the%20original%20purpose.
  • Dropbox and CloudAlly - cloud-based platforms with which we contract to store our data. These organisations have multi-layered security that includes encryption and maintain our data on servers located internationally. We limit access to such information held on our behalf to Foundation staff and trustees for whom such access is essential for operating and governance purposes.
  • GoDaddy - a company that manages our email and other software applications that we use. GoDaddy has multi-layered security that includes encryption and maintains our data on servers that are located internationally.
  • Where necessary, personal information may also be shared with regulatory authorities, courts, tribunals, government agencies and law enforcement agencies. While unlikely, we may be required to disclose your information to comply with regulatory requirements. We will use reasonable endeavors to notify you before we do this, unless we are legally restricted from doing so.

How we protect your information

When you provide personal information to PTEN Research, we implement a variety of security measures to maintain the safety and integrity of your details, and protect your information from loss, misuse, unauthorised access or disclosure, alteration, or destruction. The details about you kept by us, or by  the third-party organisations with which we contract, are protected with restricted and limited access, as well as a rigorous authorisation process upon accessing.

Your data protection rights

Under data protection law, you have rights including:

  • Your right of access - You have the right to ask us for copies of your personal data.
  • Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances.
  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.
  • Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.
  • Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent.

You do not usually need to pay a fee to exercise your rights. If you make a request, we have one calendar month to respond to you.

To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.

How to complain

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.

If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.

The ICO’s address:           

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

Website: https://www.ico.org.uk/make-a-complaint

Last updated

September 2024