PRIVACY POLICY

Your privacy is important to us

We ask that you read this privacy policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal information. There’s also information on your rights in relation to your personal information and how to contact us, as well as supervisory authorities, in the event you have a complaint.

This privacy policy is divided into the following sections:

  • Who we are
  • Our website
  • Our collection and use of your personal information
  • Transfer of your information out of the UK and EEA
  • Cookies and similar technologies
  • Marketing
  • Your rights
  • Keeping your personal information secure
  • How to complain
  • Changes to this privacy policy
  • How to contact us
  • Do you need extra help?

Who we are

We are Collateral Global (“Collateral Global”, “us”, “we” or “our”). Collateral Global is a company registered in England and Wales with company number 12998042 and whose registered office is at 71-75 Shelton Street, Covent Garden, London WC2H 9JQ.

We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union and the United Kingdom and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

Our website

This privacy policy relates to our use of your personal information and your use of our website, collateralglobal.org only.

Throughout our website, we may link to other websites owned and operated by certain trusted third parties to provide the website service to you. These other third-party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third-party websites, please consult their privacy policies as appropriate.

Our collection and use of your personal information

We may collect personal information about you when you access our website, contact us in any way, send us an email, provide your personal information to us during an interview or by any other method or make a donation via the Donor Box on our website.

We may collect this personal information from you either directly, such as when you contact us or provide us with data as part of our research or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).

The personal information we collect about you may include:

  • date of birth, gender and marital status
  • your name, title, address, telephone number and contact details
  • bank account and payment details when making donations via Donor Box
  • details of any feedback you give us by phone, email, post or via social media
  • information about the services we provide to you
  • if applicable, your account details, such as username, login details

Certain categories of personal information are regarded by the law as more sensitive than others.

This is known as Special Categories of Personal Data and covers things like your race or ethnicity, religious or philosophical beliefs, sex life, information about your health, trade union membership and genetic and biometric data that is used to identify you.

We will always make it clear when we collect this information from you and why we are collecting it. We will only collect this personal information with your explicit consent.

We may use this personal information to:

  • create and manage a profile about you
  • verify your identity. Please note that your identity will not be published online or in any research paper, but we will need to verify your identity for Data Protection purposes.
  • to invite you to participate in surveys or research
  • deal with enquiries and requests about our organisation and/or services submitted to us via email or phone
  • for internal management such as internal record keeping or enquiries, feedback, complaints and data
  • to contact you and/or provide you with general information using the contact information you have provided
  • to create an email archive/database for research purposes
  • publish articles, interviews on our website
  • use as evidence within our own published content articles whether on our website or on a third-party’s website
  • verify any responses you provide to us within a recent market research study
  • analyse the information you provide us with other freely available public information
  • if applicable, provide services to you
  • customise our website and its content to your particular preferences
  • notify you of any changes to our website or to our services that may affect you
  • improve our services
  • other specific purposes that you may agree to from time to time

We do not knowingly collect or use personal information relating to children.

Our legal basis for processing your personal information

When we use your personal information, we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.

The legal bases we may rely on include:

  • consent: in most instances, we will rely on obtaining your consent to use your personal information in a certain way (and we may ask for your explicit consent to share sensitive personal information with us).
  • legitimate interests: we typically rely on “legitimate interests” as a ground for processing your personal information as we believe it is in your legitimate interests to process your personal information. When we process your personal information in this way, we also consider and balance any potential impact on you (both positive and negative) and your rights under data protection laws. We will not use your personal information for activities where our interests are overridden by the impact on you.
  • contract: if applicable, where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
  • legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations)
  • Vital interests: where our use of your personal information is necessary to protect you or someone else’s life
  • Public task: where our use of your personal information is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.

Who we share your personal information with

We routinely share your email address and name with third parties, for example, in the following circumstances:

  • To research partners who need to access your personal information for research purposes.

If you would like further information about which third parties we share your personal information with please contact us using the details set out below.

This data sharing enables us to complete our research and write articles.

Some of those third-party recipients may be based outside the United Kingdom and European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the UK and EEA’.

We will share personal information with law enforcement or other authorities if required by applicable law.

We will not share your personal information with any other third party.

Whether information has to be provided by you, and if so why

We do not require you to provide us with personal information to access our website. We will inform you at the point of collecting information from you, whether you are required to provide the information to us in order to access a specific feature or service, such as submitting a contact request form.

Transfer of your information out of the UK and EEA

We may transfer your personal information to the following which are located outside the United Kingdom (UK) and European Economic Area (EEA) as follows:

  • to our website servers hosted by Amazon Web Services in order to make the website available to you. Please see Amazon Web Services privacy policy here.
  • The United States of America. The EU-US Privacy Shield Framework, as may be amended from time to time, allows for the transfer of personal information to a third party who is acting as a service provider, agent or data processor if we take certain steps to assure privacy and security protections. We take reasonable steps to require the third party recipient to protect your personal information in accordance with the EU-US Privacy Shield Framework.

Such countries do not have the same data protection laws as the UK and EEA. While the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the UK and EEA, any transfer of your personal information will be subject to appropriate safeguards (as permitted under Article 46(2) of the General Data Protection Regulation) that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. To obtain a copy of such safeguards you can email us at info@collateralglobal.org.

If you would like further information, please contact us (see ‘How to contact us’ below). We will not otherwise transfer your personal data outside of the area comprising the UK and EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

Cookies and other tracking technologies

A cookie is a small text file that is placed onto your device (eg computer, smartphone or other electronic devices) when you use our website. We use cookies on our website. These help us understand how our website is used.

For further information on cookies and other marketing technologies, our use of cookies or relevant similar technologies, when we will request your consent before placing them, and how to disable them, please see our Cookie Policy.

Marketing

We would like to send you information about our objectives, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.

We will only ask whether you would like us and other organisations to send you marketing messages when you tick the relevant boxes while submit your details to us for any reason.

If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:

  • contacting us at info@collateralglobal.org
  • using the ‘unsubscribe’ link in emails

It may take up to seven days for this to take place.

For more information on your rights in relation to marketing, see ‘Your rights’ below.

Your rights

Under the General Data Protection Regulation, you have a number of important rights free of charge. In summary, those include rights to:

  • fair processing of information and transparency over how we use your use personal information
  • access to your personal information and to certain other supplementary information that this privacy policy is already designed to address
  • require us to correct any mistakes in your information which we hold
  • require the erasure of personal information concerning you in certain situations
  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
  • object at any time to processing of personal information concerning you for direct marketing
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  • object in certain other situations to our continued processing of your personal information
  • otherwise restrict our processing of your personal information in certain circumstances

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

  • email us at info@collateralglobal.org,
  • let us have enough information to identify you such as your email address if you have submitted it to the website,
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
  • let us know the information to which your request relates.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

How to complain

We hope that we, or our Data Protection Officer, can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in a European Economic Area state or in the United Kingdom if you work, normally live or if any alleged infringement of data protection laws occurred in the relevant state. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

Changes to this privacy policy

This privacy policy was published on 1 November 2020 and last updated in April 2021.

We may change this privacy policy from time to time, when we do we will publish the policy to the website or, if possible, send you an updated version. You should check back periodically for changes. If you provided us with an email address, then we may email your email address to notify you of such changes.

How to contact us

Please contact us, or our Data Protection Officer, if you have any questions about this privacy policy or the information, we hold about you.

If you wish to contact us, please use the contact form found here.

Do you need extra help?

If you would like this privacy policy in another format (for example: audio, large print, braille) please contact us (see ‘How to contact us’ above).