Hand in Hand is committed to protecting privacy with regard all data that we collect, process or that is provided to us. This policy outlines how we use personal data to this effect.
Data Controller: Persons Responsible – Board of Directors of Hand in Hand
Persons handling data: Service Manager, Fundraising Officer
Collection of your personal data
We collect personal data from you which you volunteer when you:
- Avail of the services which we provide.
- Provide services on behalf of the organization
- Sponsor or donate to the organisation
- Volunteer for the organization
- Enter the employment of the organisation
This personal data is provided to us in the course of fulfilling our legitimate business.
The data we collect will include:
Families
- Name, date of birth, address and diagnosis of child
- Parent/guardian contact details
- Family composition
Service Suppliers
- Name, address, telephone number and email address
Volunteers
- Name, address, telephone number, email address
- Information necessary for Garda Vetting where appropriate
Donors
- Name, address, telephone number, email address
- Financial information necessary for agreed transaction
Staff
- Name, address, telephone number, email address
- PPS Number
- Bank account information
- Information necessary for Garda Vetting
We may also process other data for the purpose of marketing initiatives etc when you access our website or complete a registration in paper based form, you will be asked if you would like to ‘opt in’ to the use of your personal data for this purpose.
Storage of your personal data
We are committed to implementing and maintaining appropriate security measures to protect the security of your personal data. Once we receive your personal data, we use appropriate security measures to protect from unauthorized access and use including:
Family/Service Supplier/Staff/Volunteer
- Identifiable personal data on computer is password protected and encrypted
- Manual data is kept in locked cabinet, office locked when not in use
- Access to data restricted to authorized personnel
- Manual files kept hidden from callers to office
- Appropriate disposal of manual data
Donors
- In addition to the above measures, the organization uses the platforms below for donor transactions
- Paypal
- Idonate
Uses made and retention of your personal data
As outlined in our ‘Retention Schedule’, available from the Data Controller, we will use your data for the following reasons:
- In the course of fulfilling our legitimate business interests
- Complying with relevant legislation or directives
- For maintaining and improving the services we provde
We shall store your personal data for the above purposes for varying periods of time, as per our retention schedule. We will always ensure that the storage period is relevant, not excessive and for a legitimate purpose.
Disclosure of your information
We may disclose your personal data to third parties in the course of fulfilling our legitimate business interests. Currently we disclose your data to the following providers:
Family data:
- Some data may be shared with service providers
- Electronic records are stored in Mindaclient
- Data may be shared where there is a legal requirement
Volunteers:
- Data may be shared for vetting purposes
The rights of data subjects
In adherence to EU legislation, including the General Data Protection Regulation, data subjects have the following rights:
- The right to access data relating to you
- to obtain such copy a person must make a written request to Hand in Hand CLG, outlining sufficient detail to identify the data.
- The organization will acknowledge receipt of the request within 10 working days from the date of receipt.
- The organization will provide copies of data held and an explanation of said data within 30 working days of receipt of request.
- The right to rectification of data relating to you
- The right to object to processing of personal data relating to you
- The right to restrict the processing of personal data relating to you
- The right to erase or delate personal data relating to you
This policy will be reviewed annually and must be approved by the Board of Directors of Hand in Hand CLG. The policy may be reviewed more frequently if deemed necessary.
This policy should be viewed in conjunction with our Donor Charter for Data Protection issues relating to donors, sponsors and fundraisers and supporters, as well as the organisation’s volunteer policy.
Any changes to this policy will be updated on the Hand in Hand website where the most up to date policy will be available.
Any questions or requests in relation to this policy can be made to the Data Controller, Sarah Geoghegan ( sarah@handinhand.ie )