At Dads Unlimited we want everyone who supports us, or who receives a service from us, to feel confident about how we use and protect any personal information that you share with us. This privacy notice is intended to explain how we collect and process data in compliance with the General Data Protection Regulation (GDPR) of 2018.
We are committed to protecting your personal data and making sure that we collect only the data that we need, that it is processed in a fair, transparent and lawful manner, that it is kept no longer than necessary and that it is thereafter securely destroyed.
We’ve implemented appropriate physical, technical and organisational measures to protect the personal data we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss.
We will never sell or share your personal data with other organisations for marketing purposes.
Who we are
We are the charity ‘Dads Unlimited’. We are Registered Charity No. 1174832.
Our website address is: https://www.dadsunltd.org.uk.
What personal data we collect and why we collect it
If you complete the contact form on our website then you consent to us transmitting, receiving, and holding the data which you have provided. In terms of our registration form, this includes personal data and may include special category data. We hold this data securely and we will not share this data with anyone other than the Police and Social Services if there is a safeguarding or welfare issue. If you want to have your data removed from our system then please contact us and let us know.
If you are supporting us, for example by making a donation, we will collect data about your identity and any other information you choose to provide us with. The lawful basis on which we collect this data is ‘consent’. We will ask for your consent at the point at which we collect the data from you. The information will be used to process your engagement with us, for example processing a donation or Gift Aid.
We may also want to contact you with information about our work, such as events and training or other ways you can support us. However, we will only contact you in this manner if we have your explicit consent to do so. We will always let you know how you can stop receiving communications from us, for example with an ‘unsubscribe’ link in an email newsletter.
If you attend an event or take part in a promotional activity, we may ask to take your photograph or film you. We will need your consent in order to take and use these images fairly and lawfully.
If you share your personal experience or the experiences of a friend or relative, we may also collect this data. This kind of sensitive information is called ‘special category’ data, and we will treat it with extra care and confidentiality as discussed in the next section.
If we are providing you with a mentoring service, the lawful basis on which we collect personal data is ‘legitimate interest’. The legitimate interest we have identified is the pursuit of our mission as a charity – ‘to support separated families.’ To provide an effective and safe service we need to process information about you. We process this data only so far as is necessary for the provision of these services. Any additional processing of your data requires a different lawful basis – that of your ‘consent’.
If we have an agreement or contract with you to provide a specific service, for example, a training programme or counselling, the lawful basis on which we collect and process data is ‘contract’. This means that we are processing data in order to fulfil – or respond to your request to determine if we are able to fulfil – our obligations to you under the agreement.
We will only use personal and special category data to provide and evaluate the services we provide. We will not pass on the data we have about you to anyone apart from our Data Processors without your express permission except in exceptional circumstances, the lawful basis of which would be ‘vital interests’. Examples of these circumstances might include information that suggests you might be a danger to yourself or someone else, or information about a child at risk of harm or neglect.
Whilst you were employed, there are various ways in which we used your data. The type of information we initially hold may include: your application form and references, your contract of employment and any amendments to it; correspondence with or about you, for example letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary; information needed for payroll, benefits and expenses purposes; contact and emergency contact details; records of holiday, sickness and other absence; information needed for equal opportunities monitoring; and records relating to your career history, such as training records, appraisals, other performance measures and, where appropriate, disciplinary and grievance records. At the end of your employment all of your data associated with various software accounts we use to carry out our work are deleted. However, it is also useful for us to keep some of your data, which is limited to employment contracts, disciplinary, grievance and/or investigation records and HMRC payroll information, for a period of time, seven years, after the end of your employment; after which we will take all reasonable steps to permanently destroy all information we hold on you within six months. GDPR permits us to use this data for certain reasons only – the most common reasons we keep some of your data after your employment has terminated is where we need to keep your data in order to deal with any legal disputes that may arise involving you and/or where we need your data to carry out the charity’s legitimate interests.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use Jetpack analytics from Automattic (WordPress)
Who we share your data with (Data Processors)
We use secure software from providers including Go Cardless, Mailchimp, Microsoft Exchange, PayPal, Total Giving, Twilio, Typeform, WordPress, Xero, and Zoho. We have Data Processing Agreements in place to ensure the security of your data.
Anonymised data is shared with researchers and academic studies to further the interests of the Dads Unlimited community.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profiles. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
For service users that register for mentoring, counselling, pastoral support, or for those who email us at email@example.com – your data will be stored within our case management system for up to a maximum of 16 years. This is to ensure accurate record-keeping in the event of a Safeguarding issue.
What rights you have over your data
You have the right to request access to a copy of the personal data that we hold about you, along with information on what personal data we use, why we use it, who we share it with, and how long we keep it for.
If you have given us your consent to use personal data (for example, for marketing), you can withdraw your consent at any time.
You can ask us to change or complete any inaccurate or incomplete personal data held about you.
You can ask us to delete your personal data where it is no longer necessary for us to use it if you have withdrawn consent, or where we have no lawful basis for keeping it.
You can ask us to provide you or a third party with some of the personal data that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
You can ask us to restrict the personal data we use about you where you have asked for it to be erased or where you have objected to our use of it.
Note that some of these rights only apply in certain circumstances and we may not be able to fulfil every request.
If you wish to exercise any of these rights, or if you want to discuss with us any aspect of our privacy practices or make a complaint, please contact our Data Controller as shown below. Should you be unable to resolve a matter with us you can make a complaint to the Information Commissioner’s Office at https://ico.org.uk/
Our contact information (the data controller)
Unit 5 – 7 Metford, Evegate Business Park, Station Road, Smeeth, Ashford, Kent TN25 6SX
How we protect your data
All data is protected via industry-standard security protocols and passwords. Only those employees and contractors who need access to the data have access to data. Contractors have data processing agreements in place with us that ensures they comply with our high standards. Any data we share with outside agencies is anonymised.
What data breach procedures we have in place
As soon as we are made aware of any data breach we will publish a notice on the home page of this website and alert everyone we can via direct message or social media if they have been affected and if we have their contact details.
What third parties we receive data from
Any referring agencies who refer clients to us will share data with us