London Arts in Health Forum (LAHF) is a membership organisation which aims to develop the role of culture in wellbeing and to promote and support arts in health activity across London and nationally.
LAHF is a registered charity. Our work is almost entirely funded through voluntary income thanks to the generosity of members of the public, charitable trusts, foundations, and philanthropic businesses and individuals.
This policy explains how we use and protect your data as part of our work. LAHF promises to safely process and store your personal data. We strive to ensure that our paperwork and forms are clear about how we will use the data we collect.
Data plays a big role in what we do. It is fundamental for the safe and effective running of our courses, programmes and our charity. The section on ‘how we use your personal information’ will explain how we use data about you. As per the section on ‘what we collect’, you may withdraw your consent for us to process your information at any time.
What this policy is about
If you have any questions about this policy or how we use your personal information, please contact us using the contact details given below.
Organisations are permitted to process data if they have a legal basis in doing so. We process data when:
LAHF may change this policy from time to time and any such changes will be published on our website. Notwithstanding any change to this policy, we will continue to process your personal data in accordance with your rights and our obligations in law.
Your personal information: what we collect
The personal information we collect about you will depend on whether you are supporting us by giving a gift, a student participating in one of our activities, signing up to our mentor scheme, registering your child on a programme or course, applying for a job, volunteering vacancy or expressing interest in supporting us. It may include (but isn’t limited to):
You also have the right to raise any issues of concern about us regarding data protection and our processing of your information to the data protection regulator, The Information Commissioner’s Office (ICO). Here is a helpful link to their website.
We would also never sell your information to a third party.
We use profiling and screening techniques to ensure communications are relevant and timely, and provide an improved experience for our supporters. Profiling allows us to target our resources effectively, which we know will be important to our supporters. We do this because it allows us to understand the background of the people who support us and it helps us to make appropriate requests to supporters who may be able and willing to give more than they already do. Importantly, it enables us to raise more funds, sooner and more cost-effectively than we otherwise would.
When building a profile we may analyse geographic, demographic and other information relating to you in order to better understand your interests, preferences and motivation for giving, in order to contact you with the most relevant communications. In doing this, we may use additional information from third party sources or publicly available sources. This could be, for example, addresses, education history, listed job titles or typical earnings in a given area
How we use your personal information
We use your personal information for the following purposes:
Who we share your personal information with
We do not sell or share personal details to third parties for the purposes of marketing.
If we run an event or fundraising activity, it may require the service of a third party and then we might need to share your details with them. This would happen if your data was required to deliver the specific activity, for example we would share your data with an outsourced mailing house provider, in order for us to send you a fundraising appeal.
If we share your data with colleagues or programme partners, including outside of the European Union, we will only do so if we are confident that they adhere to the same high standards that we do when processing data and protecting its privacy and security.
If we share your information with other organisations or data processors we do not allow them to use your information for their own purposes and they have to follow our strict instructions whilst complying with appropriate security measures. We regularly assess their security measures and we continue to monitor their compliance throughout the time we use their services.
We may also share your data with law enforcement agencies, regulators, courts, public authorities or emergency services when required to do so.
Cookies and other similar technologies
Cookies are small text files placed on your device which uniquely identify your device. Cookies cannot be used to run programs or deliver viruses to your device.
For more information about our use of these technologies please contact firstname.lastname@example.org.
How long we keep your personal information
The period for which we keep your information depends on the purpose for which your information was collected and the use. We will not keep your personal information for longer than necessary for those purposes or for any other legal requirements.
We review all data retention periods every two years. Data collected for accounts purposes are kept for seven years plus an additional period of six months. You can request your data to be forgotten and we will delete all your data other than anything we have to retain for legal reasons.
Keeping your personal information up to date
We want to make sure that any personal information we hold about you is up to date. So if you think your personal information is inaccurate, you can ask us to correct or remove it at no charge to you. This is called your right to rectification. Please email our office at email@example.com if you would like to change any information that we may hold on you.
Under the GDPR, you have a right to know what personal information we hold about you. To request any information, please email us at firstname.lastname@example.org and we will make sure that this is handled in a swift and appropriate manner.
If you do not want to receive information from us, please get in touch with us and we will change your preferences: email@example.com.
How we protect your personal information
We maintain the highest standards of data privacy and security to protect your personal details and other information about you because we want you to feel completely confident about the communications you receive from us. We regularly review our processes and procedures to protect your information from unauthorised access and use, accidental loss and/or destruction.
How to Contact Us
Please contact our Data Controller at: firstname.lastname@example.org