DATA PRIVACY NOTICE for ROMANIA INTERNATIONAL CHILDREN’S FOUNDATION 

May 2018 (to be updated May 2021)
 
1. Your personal data – what is it?


Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or in conjunction with any other information in the data controller's (i.e. RICF) possession or likely to come into such possession. RICF keeps personal data such as names, addresses, email addresses, phone numbers where provided, and details of mailings sent to each person, and details of any donations made by each person.
 
Where donations or other payments are made through the charity’s website, payment information is transmitted and processed securely and is not held on the website or on the website provider’s servers. Where donations are made by other means, e.g. Easyfundraising, Justtextgiving etc, personal data provided by you to those third party organisations will be processed according to their own terms and conditions. Some of these services anonymise donations at which point RICF will not receive your personal data. 
 
In addition RICF keeps other personal information each individual has provided to RICF such as through correspondence by post or by email, and any other additional information provided when the individual signed up on the charity website.

For charity volunteers and those who visit Romania to see the work supported by RICF, we keep volunteer application forms and other supporting information, references and visit reports where provided.
 
Data may be held electronically and / or in written / printed format. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

 
2. Who are we?

Romania International Children’s Foundation (RICF), UK charity no 1063235, is the data controller for the purposes of GDPR (contact details below).  This means it decides how your personal data is processed and for what purposes.

 
3. How do we process your personal data?

RICF complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
 
We use your personal data to administer records of donors, supporters, contacts and other interested individuals and organisations, whose contribution to the work of RICF enables us to achieve the charity’s objectives, namely:

  • Providing loving families for abandoned and orphaned Romanian children.
  • Where possible, reuniting children with their own families, or else placing children with Romanian foster families who we recruit, train and oversee.
  • Educating and supporting mothers at high risk of abandoning their babies, to prevent child abandonment.
 More specifically we use your personal data:
  • To fundraise and promote the interests of the charity;
  • To maintain our own accounts and records (including the processing of gift aid applications);
  • To acknowledge donations;
  • To provide a security mechanism whereby we can restrict content on our website to a single user or a certain group of users;
  • To manage the charity’s volunteers and professional contacts;
  • To inform you of news, events and activities being organised by RICF and its partner organisation in Romania - Fundatia Internationala pentru Copii Romania (FICR).

4. What is the legal basis for processing your personal data?

  • Processing is necessary for carrying out legal obligations in relation to keeping financial records and processing of Gift Aid.
  • For individuals who have served as volunteers or have visited the projects supported by RICF in Romania, we keep details of your visit and your personal data for safeguarding purposes.
  • For individuals and organisations receiving regular updates, RICF has received your consent so that we can keep you informed about news, events and activities related to the work of RICF and its partner organisation FICR. If you are receiving these updates and do not feel that you have consented to receive them, please contact RICF or unsubscribe.  
  • RICF has a legitimate interest to acknowledge donations.

5. Sharing your personal data

 

Your personal data will be treated as confidential and will only be shared between approved members of the RICF team in order to carry out the activities of the charity. Team members will include individuals such as charity trustees, regional representatives, approved auditor / independent examiner of charity accounts, administrative assistant and website administrator. These team members will all be made aware of the charity’s requirement to treat personal data as confidential and will have agreed to abide by the charity’s privacy notice and confidentiality agreement.

  • The charity’s website, donor management and email marketing platform is Insight by Endis (https://www.endis.co.uk/).
  • Your personal data will not be shared with the Romanian-registered partner organisation FICR without your consent.
  • We will not share any individual user details (including your email address) with any third party without your consent.

 6. How long do we keep your personal data?


We keep data in accordance with the following timescales:
  • Data relating to donations and Gift Aid donations for a minimum of 7 years after the calendar year to which they relate;
  • Data relating to individuals who have consented to receive updates whilst their consent is active. If they withdraw their consent and ask to unsubscribe from mailings we will also delete their record from the charity’s database so long as this is not required for the purposes of financial records / Gift Aid records.
  • Data relating to trustees, volunteers and visitors to Romania permanently.
     

7. Your rights and your personal data 

 

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -

  • The right to request a copy of your personal data which RICF holds about you;

  • The right to request that RICF corrects any personal data if it is found to be inaccurate or out of date; 

  • The right to request your personal data is erased where RICF has no legal obligation to keep your data;

  • The right to withdraw your consent to the processing at any time;

  • The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller;

  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;

  • The right to object to the processing of personal data;

  • The right to lodge a complaint with the Information Commissioners Office.

For details on how to request a copy of your personal data, please see RICF's policy on responding to requests for personal data


8. Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

 

9. Contact Details

 
To exercise all relevant rights, queries or complaints please in the first instance contact RICF by email at admin@ricf.net or in writing to RICF at 53 Park Spring Drive, Sheffield, S2 3QS.
 
You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
 
 

 

General reminders from Endis about privacy

Remember to close your browser when you have finished your user session. This is to ensure that others cannot access your personal information and correspondence if you share a computer with someone else or are using a computer in a public place like a library or internet cafe. You as an individual are responsible for the security of, and access to, your own computer.

Please be aware that whenever you voluntarily disclose personal information over the internet that this information can be collected and used by others. In short, if you post personal information in publicly accessible online forums, you may receive unsolicited messages from other parties in return. Ultimately, you are solely responsible for maintaining the secrecy of your usernames and passwords and any account information. Please be careful and responsible whenever you are using the internet.

Our pages may contain links to other websites, and you should be aware that we are not responsible for the privacy practices on other websites.