SPONSOR
DONATE
Data Protection, Information Security, and Privacy Policy

Introduction

We acknowledge and respect the confidentiality of personal data and information shared with us. We understand the importance of using, processing, and storing personal data securely and lawfully, in compliance with the UK General Data Protection Regulation (UK GDPR) and the guidance from the ICO (Information Commissioner’s Office). This policy statement explains how we collect, use, disclose, and safeguard your information when you visit our website, engage with our services, or interact with us.

Information We Collect

We may collect and process the following data about you:

  • Personal Information: Name, email address, postal address, phone number, and whether you are a taxpayer and authorise us to claim Gift Aid
  • Financial Information: Bank details and transaction history for donation and payment information.
    If you use your credit or debit card to donate or make payment to us, we will use a specialist payment processor. We will also ensure that card details are handled securely under Payment Card Industry (PCI) Data Security Standards. We do not store your credit or debit card details after completion of a transaction and all card details and validation codes are securely destroyed once the payment or donation has been processed.
  • Technical Data: IP address, browser type, and usage data for analytics and website improvement.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

How We Collect Information

We use different methods to collect data from and about you, including:

  • Direct Interactions: You may provide us with your personal data when you fill in forms, make a donation, subscribe to our services, or correspond with us by post, phone, email, or otherwise.
  • Automated Technologies or Interactions: As you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns through cookies, server logs, and other similar technologies.
  • Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties, including analytics providers, advertising networks, and search information providers.

Use of Your Information

We use the information we collect for the following purposes:

  • 1. To process donations and manage sponsorships
  • 2. To communicate with you, including responding to inquiries and providing updates about our initiatives.
  • 3. To improve our website and services by analysing user behaviour.
  • 4. To provide information about other services we offer that may interest you.
  • 5. To comply with legal and regulatory obligations.

Legal Basis for Processing

We process your personal data based on your consent, contractual necessity, or legitimate interest for the foundation's operation and service improvement.

Data Sharing and Disclosure

We do not sell or lease your personal data. We may share your information with trusted third-parties strictly for operational purposes.

  • Service Providers: Third-party companies that perform services on our behalf, such as payment processors, IT service providers, and marketing agencies.
  • Affiliated Organisations: Partners involved in our projects, including those based in the UK and Pakistan.
  • Legal Requirements: Authorities or regulators when required by law (e.g. to hold Gift Aid data for HMRC) or to protect the rights and safety of our organisation or others.

Cookies

Our website uses cookies to improve user experience and analyse website performance. Cookies may collect data such as your IP address, browser type, and pages visited. You can manage or disable cookies through your browser settings. However, disabling cookies may affect your experience on our website.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. Personal information we no longer need will be securely deleted or anonymized.

Data Security

We implement strict security measures to protect your personal data from unauthorized access, alteration, or destruction.

Your Data Protection Rights

Depending on your location and applicable laws, you have the following rights:

  • Right to Access: Request a copy of your personal data.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to legal obligations.
  • Right to Restrict Processing: Request limitations on the processing of your data.
  • Right to Data Portability: Request transfer of your personal data to another organisation.
  • Right to Object: Object to data processing for certain purposes, including marketing.

To exercise your rights, please contact us using the details provided below.

International Data Transfers

As we operate in both the UK and Pakistan, your data may be processed outside of your home country. We take appropriate safeguards to ensure your data remains secure, including compliance with data protection regulations.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page, and we encourage you to review it periodically.