How Virgin Money Giving holds and uses information about you.
This notice explains how Virgin Money Giving holds and uses your personal information when you are registered as an account holder for the charity you represent.
Data Protection law requires us to have one or more of the following reasons for using your information:
1. "Service" – where the information is needed to administer and provide the online fundraising service we provide.
2. "Legal obligation" – where we are required by law to process your information, e.g. to verify your identity.
3. "Legitimate interest" – in some cases we're allowed to use your information where, on balance, the benefits of us doing so are legitimate and not outweighed by your interests or legal rights e.g. for our own management analysis and reporting purposes.
These are the main ways we'll use your personal information (and the reasons for doing so):
We use the information about you to fulfil our obligations to your charity under the terms of our agreement, to promote the aims of your charity, encourage and enable online fundraising and to collect and administer donations. We use the information about you to provide you with secure access to restricted parts of our website specifically for our charity customers, to administer your account, and to personalise your repeat visits to our website and content you see from us on social media networks. We may send you service emails to help you administer your account or to tell you and your charity about changes to our service. (Service)
Whilst you're a registered with us, we will use your information to send your emails and reach you with content on social networking sites, all designed with the sole purpose to help you and your charity get the most out of the membership you have with us, but you can opt out of these at any time. However, if you do, you and your charity will miss out on important fundraising tips, alerts, reminders and any rewards we provide from time to time to our members, as well as these communications. (Service)
To combat the threats posed to our society by terrorism and money-laundering and to avoid losses caused by financial crime such as fraud. We may use information about you (including information about criminal proceedings) for the purpose of preventing, detecting and prosecuting financial crime and the funding of terrorism. (Legal obligation)
To run our business in a correct and commercially sensible way and to comply with our legal and regulatory responsibilities, we may use the information about you to help us do this, e.g. to analyse the performance of our marketing, products and any trends or behaviours. (Legitimate interest)
We may also use the information about you to help us develop and test our systems (including new technologies and services) to ensure that they are safe and will work in the ways in which we expect them to. When we do this we'll use processes and technologies that are designed to keep this information secure. (Legitimate interest)
All countries within the EEA, which includes the UK, have similar standards of legal protection for your personal information. To provide some products and services we transfer and process information in countries outside the EEA where there aren't similar standards. In these cases we'll take all reasonable steps necessary to make sure your information is protected to UK standards. This may be through only allowing transfers to countries which have been officially recognised as having an adequate legal framework for the protection of information (an 'adequacy decision'). It may be through having recognised safeguards in place with our commercial partners, such as using standard terms in the contracts we have with them that are recognised and approved by our regulators as imposing high standards for the protection of information or where our commercial partner is a signatory to a recognised and binding code of conduct.
To find out more about any particular uses of information in countries outside the EEA, the existence of an "adequacy decision" for that country or the safeguards we have put in place, please send an email to firstname.lastname@example.org
You have the right to access the information we hold about you, ask us to rectify any of that information, erase it, restrict or object in whole or part to the processing of it and ask us to make the information we hold about you portable. If you want to exercise any of these rights, please send an email to email@example.com
We'll retain information for no longer than is necessary and this will mean that we'll continue to hold some information for a period of time after our relationship has ended. This is to comply with our legal and regulatory obligations to keep records of our relationship, to resolve disputes or where it may be needed for future legal proceedings.
If for whatever reason you are unhappy with any way we are using your personal data you should contact us in the first instance so that we can understand your issue and try and resolve it. We may ask our Data Protection Officer to look at your situation. You can contact our Data Protection Officer by email at CYBG.firstname.lastname@example.org or by post at Group Data Protection Officer, Group Risk, Level 3, 51 West George Street, Glasgow G2 2JJ.
If we can't resolve the issue you have the right to complain to the Information Commissioners Office (ICO). The ICO is the UK's independent body set up to uphold information rights. For further information visit ico.org.uk