Privacy & Data Protection statement

What personal data we collect from you, why and for how long:

We collect, but are not limited to, the following personal information: Contact information (name, address, phone, email etc), relevant medical information, next of kin details, and bank details (only to process payments).

We use contact information for email and postal campaigns in relation to our charitable services. We do not use any of your information in automated profiling or decision-making purposes. The information we gather is used for the provision of our charitable services.

We only hold your data for as long as is required to provide, or contact you in relation to, our charitable services and as long as is required by law under business regulations.

How we store, process and protect your information:

Your personal data is stored on two systems. Details of these systems and their protection systems are below:

  • Lamplight

    This is our cloud-based database. All information stored on it is held on UK based encrypted servers. Lamplight’s privacy & data protection policies can be found here: http://www.lamplightdb.co.uk/the-system/gdpr/system-security

  • Microsoft Office

    Personal information is also stored as part of our working records on desktop computers and laptops. These records are prepared on Microsoft Office desktop products. These records are password protected then saved and backed up on multiple, encrypted, external drives on a regular basis.

How we use and distribute your information:

We only ever use your personal information in order to provide, or contact you in relation to, our charitable services or events. The only times we will distribute your personal data are: In providing our services, if requested to directly by you or due to legal requirements.

Your rights under the General Data Protection Regulations:

Under the general data protection regulations, you have the following rights in relation to the data we hold on you:

  • To be informed of what data we hold on you.
  • To access the information we hold on you, and port it to other platforms if you wish
  • To request that we rectify any information we hold that is incorrect.
  • To request that your information is deleted from our records, if there is no legal obligation for us to retain it.
  • To request we restrict the processing of your information. This means we may store the data but not use it.
  • To object to the processing of your information for direct marketing purposes.

You can request changes, deletion, or supply of your information as described above by contacting our Data Protection Officer (DPO), Mr Pip Millard, whose contact details are given at the bottom of the page.

Complaints and Queries:

If you have any queries in relation to the protection of your data or wish to raise a complaint please contact our Data Protection Officer (DPO): Mr Pip Millard, Northfield House, 51 Staplegrove Road, Taunton, TA1 1DG, E: accounts@somersetsight.org.uk: P: 01823 333818.

Our governing body in relation to Data Protection is the ICO, Wycliffe House, Wilmslow, Cheshire, SK9 5AF