Introduction

At Mary’s (St Mary Islington Community Partnership), we are committed to maintaining the trust and confidence of everyone we work with and for. We will therefore take all necessary steps to look after the personal data we obtain in the course of our work. We want to reassure you that we are not in the business of selling, renting or trading e-mail lists and contact details. We will always use personal data lawfully and in accordance with the intended purpose it was collected for in the first place. This Website privacy statement is written to give you complete clarity and transparency about why we collect personal data, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.

Who we are

Our website address is: http://marys.org.uk

Our registered legal name is St Mary Islington Community Partnership Registered Company number 6734354, Charity Registration 1127269. We are a "data controller" for the purposes of the General Data Protection Regulation 2016/679 ("GDPR" ). We are committed to protecting your privacy and processing your personal data fairly and lawfully in compliance with the GDPR.  Our registration reference with the Information Commissioner's Office is: Z2951030 . You can contact our Data Protection Lead by emailing [email protected].

In using our website and online bookings database and receiving our services you consent to the collection, use, disclosure and transfer of your Personal Data as set out in this Privacy Statement.

Fair and lawful Processing

We will only process your Personal Data, where:

(a) you have given your consent to such processing (which you may withdraw at any time, as detailed under section entitled “Your rights”);

(b) the processing is necessary to provide our services in our setting and through our website and third party hosted online databases;  

(c) the processing is necessary for compliance with our legal obligations; and / or

(d) for our legitimate interest or those of any third party recipients that receive your Personal Data (as detailed under section entitled “Third parties we may share your data with”).  

By "processing" , we mean the collection, recording, storage, use, disclosure and any other form of operations or dealings with you and your child’s Personal Data.

What types of personal information do we obtain/process?  

In the course of our business we may need to gather and use "Personal Data" about you, by which we mean any information about you from which you can be identified. We collect and use the following personal data:

  • Information about your computer and about your visits to and use of this website;
  • Information that you provide to us when completing a Contact Form on our web site (including your email address);
  • Information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters by becoming “Mary’s Friend”;
  • Information that you provide to us when using the services on our website, or that is generated in the course of the use of those services;
  • Information relating to any purchases you make of our services or any other transactions that you enter into through our website.  
  • Information contained in or relating to any communication that you send to us or send through our website; and
  • Any other personal information that you choose to send to us.
  • Before you disclose to us the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information.

Using personal information

We may use your personal information to:

  • administer our website and services;
  • personalise our website for you;
  • enable your use of the services available on our website;
  • supply to you services purchased through our website;
  • send you non-marketing commercial communications;
  • send you email notifications relating to your bookings with us;
  • send you our email newsletter, if you have requested it (you can unsubscribe any time if you no longer require the newsletter);
  • send you marketing communications relating to our organisation,  where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);
  • deal with enquiries and complaints made by or about you relating to our website;
  • keep our website secure and prevent fraud.

All our website financial transactions are handled through our payment services providers  GoCardless and  WorldPay. You can review the provider's privacy policies. We will share information with our payment services provider only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.

Disclosing personal information

We may disclose your personal information to our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this statement.

We may disclose your personal information:

  • to the extent that we are required to do so by law;
  • in connection with any ongoing or prospective legal proceedings;
  • in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
  • to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.

Except as provided in this policy, we will not provide your personal information to third parties.

Use of cookies

Cookies are small text files that are placed on your computer by websites that you visit. To learn more about cookies, you can visitwww.aboutcookies.org. You will also find details on how to block and delete cookies from your computer as well as more general information about cookies. For information on how to do this on the browser of your mobile phone you will need to refer to your handset manual.

The cookies we use

Google Analytics – These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. This data helps us to understand:

  •        Which pages people visit on the site
  •        Which internet browsers are being used
  •        What is popular on the site
  •        Which interactive tools are used by visitors

You can find out more about Google’s cookies on their privacy policy: http://www.google.com/intl/en/policies/privacy/.  You can also install the Google Analytics Opt-out tools in your browser:https://tools.google.com/dlpage/gaoptout

By using our website, you agree that we can place these types of cookies on your device.

YouTube & Vimeo – If you play an embedded video on our site, there may a cookie set by YouTube or Vimeo containing anonymous, non personally-identifiable information about the number of playbacks of embedded videos. To find out more please visit YouTube’s embedding videos information page. You can find out more on the Google Privacy Policy (Google owns YouTube):http://www.google.com/intl/ en/policies/privacy/ and the Vimeo Privacy Policy: http://vimeo.com/privacy

Sharing Tools – If you use one of the ‘Share’ buttons, an anonymous cookie may be set by addthis.com to help you to easily bookmark/share selected pages through a number of popular social networks. They also help us know what pages are being bookmarked/shared. You can find out more on the AddThis Privacy Policy:http:// www.addthis.com/privacy. If you ‘Like’ or ‘Tweet’ using these services, third party websites may set a cookie when you are also logged in to their service (like Facebook or Twitter). We do not control these cookies and you should check the relevant third party website for more information about these cookies.

Data security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

How long we keep your personal data

We will keep your personal photographic/video data for 3 months unless it is required for one of the reasons listed above under ‘Why we process your personal information’ e.g. assisting with the prosecution of offenders in which case it will be kept for as long as the legal proceedings require it.

Your data may also be available to our website provider to enable us and them to deliver their service to us, carry out analysis and research on demographics, interests and behaviour of our users and supporters to help us gain a better understanding of them to enable us to improve our services. This may include connecting data we receive from you on the website to data available from other sources. Your personally identifiable data will only be used where it is necessary for the analysis required, and where your interests for privacy are not deemed to outweigh their legitimate interests in developing new services for us. In the case of this activity the following will apply:

  • Your data will be made available to our website provider
  • The data that may be available to them include any of the data we collect as described in this privacy policy.
  • Our website provider will not transfer your data to any other third party, or transfer your data outside of the EEA.
  • They will store your data for a maximum of 7 years.
  • This processing does not affect your rights as detailed in this privacy policy.



Your rights

You have the right to:

  • Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact the Data Protection Lead ([email protected]) in writing.

No fee usually required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Questions and complaints

We have appointed a data protection lead (DPL) Balazs Csernus [email protected] to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPL. You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, which can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.