1. Who are we?
Will We Be Heard (“we” or “us”) is a UK web-based not-for-profit organisation. Inquiries regarding this privacy notice and data subject rights can be made at firstname.lastname@example.org
2. What is the scope of this Privacy Notice ?
This Privacy Notice aims to inform website visitors & contributors about how we process your personal information. We are committed to processing personal data responsibly, securely and proportionally.
3. Do we collect your personal data?
The sharing of your testimony on the Will We Be Heard? website, is intended to be anonymous; we request you do not share your name or any other identifying details with us. We take additional steps to ensure, where possible, that we do not collect or retain your personal information when you submit this form (including IP address). However, there are circumstances where we may collect some personal data when you interact with us. For example, when you:
I. enquire about our activities via email
II. engage with us on Twitter or Instagram
4. What types of personal data do we collect?
In the circumstances noted above, we collect the following types of personal data about individuals:
email addresses, names, telephone numbers, details of social media accounts. These are processed when we engage in email, phone, or written correspondence with you or interact through social media platforms including Instagram & Twitter.
5. What is the lawful bases for processing your personal data ?
We process personal data on the following bases:
6. What do we do with your personal data?
We process your personal data with the purpose of:
• Enhancing our research or undertaking additional research with trusted parties to provide insights and produce speciality knowledge to advocate for change
• Undertaking awareness raising to advocate for policy reformations, support & to increase awareness through media publications
• Promoting our message and mission (marketing)
• Complying with legal and regulatory obligations
• Explicit consent must be obtained from Will We Be Heard? before the testimonies can be used or analysed in anyway by any external parties
7. How do we ensure your personal data are held securely?
We have put appropriate technical security to protect personal data from loss, misuse, alteration or destruction. We aim to ensure that access to your personal data are password protected. All data stored are restricted only to those who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We install and regularly update security and anti-virus software in use on our systems. Please be aware that the transmission of data via the Internet is not completely secure. Whilst we do our best to try to protect the security of your personal data, we cannot ensure or guarantee the security of your data transmitted to our site.
8. Do we share personal data with third parties?
We may occasionally share personal data with trusted third parties to help develop, research & deliver efficient high-quality services. When we do so, we ensure recipients are contractually bound to safeguard the data we entrust, before data sharing. We may engage with the following categories of recipients:
• Parties that support us in providing our services (e.g. Google Drive or other cloud-based services)
• Professional advisers, including lawyers, auditors and insurers
• Law enforcement, government or regulatory agencies & other third parties as required by and in accordance with applicable law/regulations.
9. Do we transfer your personal data outside the European Economic Area?
We store personal data on servers located in the European Economic Area (EEA) and outside of the EEA (in the USA). We transfer personal data to reputable third party service providers, namely Google Drive, situated both inside and outside the EEA. Please refer to their website for further information about their personal data handling. Each organisation is required to safeguard personal data in accordance with our contractual obligations and data protection legislation.
11. What are your data protection rights?
You have rights in relation to personal data we process which can be exercised by emailing us at email@example.com . These include:
-The Right to Withdraw Consent: you can withdraw consent you previously gave us, to one or more specified purposes regarding the processing of your personal data. This will not affect the lawfulness of any processing carried out before you withdrew your consent. It may subsequently prevent us from providing certain products or services to you, in which instance we will make you aware of this.
-Right to rectification and erasure: you can ask us to correct our records if you believe they contain incorrect or incomplete information about you. We will also erase your personal data if you withdraw consent to processing or when we no longer need it for the purpose it was originally collected.
-Right to restriction of processing: you can ask us to temporarily restrict our processing of your personal data if you contest its accuracy, prefer restriction to erasure, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying if we have overriding legitimate grounds to process it. You can ask us to inform you before we lift any temporary processing restriction
-Right to Object: you can object to our use of your personal data for direct marketing purposes, including profiling or where processing has taken the form of automated decision making. However, we may need to keep some minimal information (e.g., email address) to comply with your request to cease marketing to you.
• Right to make a complaint to the UK Information Commissioner’s Office (https://ico.org.uk/concerns/handling/) regarding any concerns you may have about our data handling practices. We may need to request specific information from you to help ensure your right to access the information or exercise any of your other rights. This helps ensure personal data are not disclosed to any person with no right to receive it.
12. How long do we retain personal data?
We retain personal data to comply with applicable laws, regulations and professional obligations that we are subject to. Unless a different time frame applies, as a result of business needs or specific legal, regulatory, or contractual requirements, we retain personal data for a period of 5 years.
13. Does our website have links to other websites?
Our websites may contain links to other sites, which are not governed by this Privacy Notice. Please review the destination website's privacy policies before submitting personal data to that site. Whilst we attempt to limit linkage only to sites which share both our high standards and our respect for privacy, we are not responsible for the content, security, or privacy practices employed by other sites.
14. Do we change this Privacy Notice?
We regularly review this Privacy Notice and post updates here. This Privacy Notice was last updated 6th December 2021.
15. Contact us
If you have any concerns regarding our processing of your data, you can contact us by email at: firstname.lastname@example.org .
We will respond to your queries within 30 days of receipt.