The Hymans Robertson Foundation is committed to protecting and respecting your privacy.
This privacy notice explains what personal information we collect about you, how and why we use it, who we disclose it to, and how we protect it. It applies to you if you deal with The Hymans Robertson Foundation, for example as the contact in another charitable organisation that we work with.
Under data protection laws, we are the data controller in relation to your personal information. This means we are responsible for deciding what information to collect about you and how it is used. Our contact details are set out in the “Contacting Us” section of this privacy notice.
Who we are
The Hymans Robertson Foundation was established in 2016 with the aim of providing focus to all our charitable activities, helping us grow the quality and quantity of the benefit we can offer and supporting our vision of helping to secure better futures for all. We are a registered charity.
What are the data protection laws?
The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 contain most of the rules about how personal information should be collected and processed. Other rules exist which govern things like email direct marketing.
This privacy notice takes account of all of the rules, including GDPR. We will keep it under review.
What is personal information?
Personal information broadly means any information about a living individual who can be identified from that information directly, or indirectly (for example if it is combined with other available information).
- What personal information do we collect?
- Using your personal information lawfully
- Sharing your personal information with others
- How we protect your personal information
- How long we keep your personal information
- Your rights
- Contacting us
- Contacting the Information Commissioner’s Office
- Changes to this privacy notice
What personal information do we collect?
We will collect and process personal information about you when you access our site, apply for a grant or contact us with an enquiry. This may include:
- Your name and contact details at the organisation you work for
- The organisation with which you are affiliated and your relationship with that organisation
Please note that we work with other charitable organisations – we do not work with beneficiaries directly and do not receive any personal information about beneficiaries.
We do not collect special categories of personal information (also known as “sensitive personal data”, which includes information about health, racial or ethnic origin, political opinions, religious or philosophical beliefs and sexual life) without your agreement. We ask you, please, not to send us this kind of information.
We will always try to keep the amount of personal information we collect to the minimum needed.
Using your personal information lawfully
We will use your personal information to respond to your online enquiry and to deal with you concerning a grant or grant application.
We’ll also use information we collect to help ensure that content from our site is presented in the most effective manner for you and for your computer, and monitor how our website is used, in order to improve it.
Processing your personal information is necessary for these reasons and for our legitimate interests of furthering our charitable work.
Sharing personal information with others
Sometimes we need to share your personal information with others.
We’ll only do this for the purposes explained in this privacy notice and we’ll take steps to ensure they keep the information secure and confidential and use it only for the agreed purposes.
We may share your personal information with the following:
- our service providers, including Hymans Robertson LLP,
- our event or service partners, so that they can contact you about the event you’ve registered for or the service you’re interested in,
- regulators, ombudsmen, dispute resolution bodies, government bodies or the courts, where we are under a legal obligation to do so, or to protect our rights or property, or the safety of our people, clients or others, so that we can meet our legal obligations.
How we protect your personal information
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.
Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our workers also protect sensitive or confidential information when storing or transmitting information electronically and must undertake annual training on this.
Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information.
How long we keep your personal information
We will keep your personal information for as long as we are using it for the purposes explained in this notice.
When we no longer need it, we will archive your personal information after a certain period (usually 7 years), and then delete it permanently after an additional period (usually 13 years).
We set these periods according to the time limits on legal claims. This is for our protection and yours.
We may in certain circumstances need to hold your personal information for longer, for example in relation to a legal dispute or because of regulatory requirements.
You have a number of rights under data protection laws.
Your rights include:
- to request access your personal information,
- to request that your personal information is corrected if it is out of date, inaccurate or incomplete,
- to request that your personal information is deleted or removed from our records and systems,
- to withdraw your consent to the processing of your personal information (where we need your consent to process your personal information),
- to object to or restrict the processing of your personal information, and
- to make a complaint to the Information Commissioner’s Office.
How do I exercise my rights?
If you would like to make a request to access or correct your personal information, or to exercise any of your other rights, you can contact us at any time at HRFoundation@hymans.co.uk.
We will respond to any request received from you within one month from the day we receive your request.
Please note that some of your rights are restricted and apply only in certain circumstances. For example, we may refuse to delete your personal information whilst we need it for a valid purpose, including to defend any potential legal claims. We will set out in our response our reasons if we are unable to meet your request. To find out how to make a complaint to the Information Commissioner’s Office, see Contacting the Information Commissioner’s Office.
You can email: HRFoundation@hymans.co.uk. You can also write to us at: The Hymans Robertson Foundation, One London Wall, London, EC2Y 5EA.
Contacting the Information Commissioner’s Office
The Information Commissioner’s Office (ICO) is the UK’s independent body set up to uphold information rights. You can find out more about the ICO on its website.
The ICO can be contacted on 0303 123 1113, by using the email form on its website, or by writing to:
Information Commissioner’s Office
Changes to this privacy notice
This privacy notice is current as at June 2020. We may make changes from time to time and you should regularly check for updates.