Privacy notice

The Chartered Secretaries’ Charitable Trust (‘the Trust’) was incorporated on 9 July 2013. Registered charity no. 1152784. Company registration no. 8602517. The Trust:

• serves The Chartered Governance Institute UK & Ireland members, graduates, students, employees and their families to relieve and help prevent financial difficulties,
• facilitates research to increase good governance for the benefit of the public and
• encourages the expertise of those in the field of governance with bursaries and prizes.

This Privacy policy statement describes the ways in which the Trust use and disclose personal data. This includes information received from applicants for financial assistance, our volunteer visitors and supporters, our Trustees and Support and Grants Committee members and from third parties.

Personal data

Personal data includes any information that identifies you personally, such as your name, address, email address or telephone number. The Trust respects the privacy of your personal information and complies with General Data Protection Regulations and the Privacy and Electronic Communications Regulations. Our privacy notice that provides greater details for applicants for financial assistance, along with our Data protection policy is available on our website and on request.

How personal data is obtained

The Trust processes personal information supplied to us in writing, via email, via the telephone, in person or online. This may be combined with information obtained from CGIUKI, our volunteer visitors, other charitable organisations, suppliers of bespoke services, our bank and online donation platforms.

Purpose of using your data

The Trust processes personal information where you have given your consent, or where there is a legitimate interest to fulfil charitable objectives and comply with legal requirements. For example:

• Applicants to the Trust for financial assistance are requested to provide information on their relationship to CGIUKI along with financial details of their household and health conditions of themselves or any dependents. This sensitive information helps to inform the Trust on additional financial needs.

The Trust has a legitimate interest in retaining and using this personal data as appropriate, to ensure that assistance is only provided to those who have a relationship to CGIUKI and that they have a genuine financial hardship.

• Volunteer visitors, Trustees and Support and Grants Committee members are required to consent to provide evidence of identity.

The Trust requires that all visitors undertake a criminal records check prior to their commencement of visits to beneficiaries. Prior to appointment, all Trustees are subject to checks that include the Charity Commission and Companies House.

• Supporters who Gift aid their donations are required to provide their address and sign a declaration and may also consent to give bank details to pay donations by direct debit.

The Trust has a legal obligation to provide data to HMRC where the donor has consented to claim Gift aid and an operational need for bank details should the supporter consent to provide ongoing regular donations.

Disclosure of information

All data is managed as strictly confidential, is only used for the purposes it was intended and is only disclosed to parties who have a need to access it to fulfil the charitable objectives or where required to do so by law. The Trust would always gain the individual’s consent prior to sharing with the third party and this consent can be withdrawn at any time.

• The Trust needs to disclose data to CGIUKI.

While the Trust controls the purposes, policies and processes of the data it obtains, records, uses and stores, the employees responsible for the day to day administration are employed by CGIUKI. CGIUKI also provide appropriate support through for example, their examinations, finance, IT and membership departments. CGIUKI is not permitted to use this information for any other purpose than to perform the processing service as instructed by the Trust.

• The Trust may disclose data to other third parties who provide services on behalf of the Trust.

The Trust may offer a beneficiary a bespoke service, for example an emergency alarm system to frail beneficiaries so that they can reach for assistance in case of a fall.

How long information is held

The Trust will securely maintain records in line with our Data protection policy. As a general rule, data is held for a maximum of six years following the cessation of the Trust’s relationship with the individual. After the six years, all paper and electronically held records would be securely destroyed. Please see our full Data protection policy for details.

Storage and security of personal data

To prevent unauthorised access, maintain data accuracy and ensure the correct use of information, the Trust has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information collected and processed on behalf of the Trust.

Your rights

You have the right to be informed about the processing of your personal data, request access to, rectification, deletion or restrict processing at any point. You also have the right to move, copy or transfer your personal data, object to the processing and rights in relation to automated decision making including profiling. To find out more, refer to the Information Commissioner’s Office (ICO) website: https://ico.org.uk

If you have any questions regarding this statement or concerns on the accuracy and use of your data, please contact the Charities Officer, (CSCT@cgi.org.uk), telephone: 020 7612 7048 who is responsible for the day-to-day administration of the Trust and for reporting any data breaches in respect of the Trust to the ICO and any serious incidents to the Charity Commission.