Privacy Notice - Sheffield & Rotherham Wildlife Trust

Our Privacy Notice: Keeping Your Personal Data Safe

Sheffield & Rotherham Wildlife Trust works for a better future for wildlife, people and the green spaces we all rely on. We are a legally registered as a charity and a company in the name of ‘Sheffield Wildlife Trust’ and one of network of 46 Wildlife Trusts across the UK. Our registered charity number is 700638.

Wildscapes, our Community Interest Company, is a registered company number: 5911369. This company is a wholly owned subsidiary of Sheffield & Rotherham Wildlife Trust and trades only to raise funds for our charitable organisation.

These privacy notices apply to both the Trust and Wildscapes.

Our Policy: Sheffield & Rotherham Wildlife Trust (SRWT) is committed to keeping an individual’s personal details safe. We will never sell your personal data.

Becoming a supporter or member of Sheffield & Rotherham Wildlife Trust
Becoming a volunteer with Sheffield & Rotherham Wildlife Trust
Interested in our work? Subscribing to our contacts list
Booking an event and buying online
Getting involved in a Nature Reserve group, Natural Neighbours, Wild@Heart or similar Trust project
Using our website
Children, young people and vulnerable adults
Outdoor learning services: groups, schools and teachers
Contributing to our evidence work
Wildscapes contacts and clients
Sheffield Lakeland Landscape Partnership
What are your rights? Making a complaint
Our Privacy Notice for Trustees: Keeping Your Personal Data Safe

Becoming a supporter or member of Sheffield & Rotherham Wildlife Trust

Why do we collect your personal data and how do we use it

We collect personal data from you in order to administer your donation and/or membership subscription, which may involve:

Sending you your membership welcome pack when you first join us
Processing your Direct Debit subscription payments, if you have set this donation process up with us
Sending you your membership renewal letter
Getting in touch should there be any issues about administering your membership or processing your donation
Acknowledging receipt and thanking you for your donation
Keeping you up to date about the impact of your support

Your data will be stored on our secure online database provided by Donorfy.

The ICO define the lawful basis for processing your data for these purposes as ‘contractual’.

Joint and family membership: If you are a ‘joint’ or a ‘family’ member of our Wildlife Trust, we will collect personal data for all those listed on your membership. In line with data protection law, we will not collect, store or process personal details for children under 13 years of age; unless we have the express permission from a parent or guardian to do so.

If we have the permission of a parent or guardian, for Wildlife Watch members, we will capture your date of birth at the point of joining. This is so that we can send you information that we feel is suitable to your age.

Gift membership: If your Wildlife Trust membership was purchased as a gift, we will use the personal data provided by the purchaser to send you information about our work in the post. This will include a ‘renewal letter’, which we will send you when your membership is due to expire, to see if you would like to continue supporting our work.

We will also collect additional personal data about you in order to get to know you better and contact you about our work in a timely and relevant way, to suit you. We will use this personal data to send you further information about our work that we think you will be interested in including: sending you a regular membership magazine, relevant project or campaign updates, fundraising appeals that we feel you would like to hear about, events, membership services, products, e-newsletters, feedback, competitions and other activities, as well as information about other carefully selected organisations that we work in partnership with (such as Vine House Farm’s bird seed catalogue). From time to time, we may also use your personal data to ask for your opinion about our work.

This is in addition to administering your donation or membership and is defined as ‘direct marketing’ by the ICO. We use two different lawful bases for processing your data for ‘direct marketing’ purposes:

Legitimate interest: This is where we have identified a genuine and legitimate reason for contacting you, which crucially does not override your rights or interests. We use legitimate interest to send you the information listed above by post or telephone (if you are not registered with the Telephone Preference Service, and you have given us your telephone number).

Opt-in consent: This is where you have given us express permission to contact you by particular communication channels such as email, text message (SMS) or telephone (if you are registered with the Telephone Preference Service)

We respect your right to update the way we get in touch with you about our work at any time.

What kind of personal data do we collect?

To administer your donation and/or membership, we will collect personal data from you that includes your name, address, email, phone number and bank details (for membership fees).

Most of the time, we collect this data from you directly. This may be online, in person, over the telephone, in writing or through an email. Occasionally we obtain information, such as your telephone number or other contact details, from external sources (only where you have given permission for such information to be shared).

We may also collect information about you that helps us to get to know you better, including:

information about your wildlife interests, which you tell us through our surveys
records of donations you’ve made towards fundraising appeals
your preferences of how you would like us to contact you
ways you’ve helped us through volunteering your time
records of events you’ve attended, or campaigns or activities that you’ve been involved in
your opinion on our work or future activity

Once again, most of the time we collect this data from you directly.

Sometimes we may collect information about your gender, age or ethnicity to help us monitor how inclusive we are across our community. We will only do so with your specific consent. In these situations, we collect the data from you directly and will be very clear about why and how we intend to use this information.

We may also collect demographic and consumption data about you (eg using ACORN categories), including information related to your wealth. This will be drawn from public registers and other publicly available sources such as Companies House, newspapers and magazines. If you do not wish your data to be collected in any of these ways, or have questions about them, please contact us.

How we store your data

The majority of the personal data processing we undertake is carried out by our staff at the Trust. For the purposes of IT backups and maintenance this information is located on secure servers within the European Union and UK, with the exception of Gmail and GDrive which is hosted by Google worldwide. We do, however, transfer some data to third parties eg financial data to our bank for processing, addresses to our mailing house. When we do so we will always have a contract in place with the relevant third party to ensure they will at no point have ownership over the data we provide.

We have data protection procedures in place to oversee the effective and secure processing of your personal data. Personal electronic data is held in databases stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.

Payment security: All electronic Sheffield & Rotherham Wildlife Trust forms that request financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers. If you use a credit card to purchase a membership or make a donation we do not see or have access to your card details. Instead, your details are passed (encrypted) directly for processing to one of our secure payment providers, PayPal or Stripe.

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We hold membership personal data on our database for the period of your membership and beyond for an indefinite period of time to allow us to monitor our membership development and improve our services through related statistical analysis. Please contact us if you wish us to delete the personal data we hold about you. If you are a current member please be aware that this will affect our ability to administer your membership. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

Becoming a volunteer with Sheffield & Rotherham Wildlife Trust

Why do we collect your personal data and how do we use it?

We collect your personal data so that we can keep in touch with you about, for example:

Changes to planned volunteer work programmes that you may be taking part in
The positive impact you have on our work, by sending you our volunteer newsletter
Dedicated volunteer thank-you events

As defined by the ICO, the lawful basis for processing your data for these purposes is ‘contractual’ (we are administering your volunteer record) and ‘legitimate interest’ (when sending you information about our work).

We may also collect sensitive personal data about you. When we do so, we will ask your permission and be very clear as to why we are collecting such information.

What kind of personal data do we collect?

To keep in touch with you about volunteering, we will collect personal data from you that includes your name, address, email and phone number. We may also collect your bank details if you are claiming expenses and would prefer these paid directly to your account.

We may also collect sensitive data from you, for example:

references and certificates to confirm experience or qualifications
disclosure barring service check if working with children, young people or vulnerable adults
details of emergency contacts and any medical conditions and welfare issues so that we can help keep you safe and look after you
your gender, age band or ethnicity to help us monitor how inclusive we are across our community and to report to funders
photographs and images of you carrying out volunteering activity to share with our supporters and the wider public

In these situations, we will collect the data from you directly and be very clear about why and how we intend to use this information.

In the event of an accident whilst volunteering with us, we may collect sensitive personal data about you that we may transfer to an emergency service. This information will be retained for legal reasons, for health & safety and safeguarding purposes and to protect us (including in the event of an insurance or legal claim). If this does occur, we’ll take extra care to ensure your privacy rights are protected.

How we store your data

The majority of the personal data processing we undertake is carried out by our staff at the Trust. For the purposes of IT backups and maintenance this information is located on secure servers within the European Union and UK, with the exception of Gmail and GDrive which is hosted by Google worldwide. We do, however, transfer financial data to our bank for processing. When we do so we will always have a contract in place with the relevant third party to ensure they will at no point have ownership over the data we provide.

We have data protection procedures in place to oversee the effective and secure processing of your personal data. Personal electronic data (including sensitive data) is held in databases stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data. Sensitive data may also be stored in paper format, for example, for use by the leader on site or for reference in a locked filing cabinets with restricted staff access by identified key holders only.

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We hold personal data on our database for the period you volunteer with us and for 3 years afterwards (for references etc). Expenses information will be retained for 7 years for accounting purposes. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

Interested in our work? Subscribing to our contacts list

Why do we collect your personal data and how do we use it?

If you have expressed an interest in finding out more about our work then we will collect personal data from you in order to regularly communicate with you about our work. We may also collect personal data about you in order to get to know you better and contact you in a more timely and relevant way, to suit you.

We will use this personal data to send you further information about our work that we think you will be interested in including emailing you about: projects or campaign updates, fundraising appeals, events, membership services, products, feedback, competitions and other activities, as well as information about other carefully selected organisations that we work in partnership with (such as Vine House Farm’s bird seed catalogue). This will often be in the form of our monthly e-newsletter. From time to time, we may also use your personal data to ask for your opinion about our work.

This is defined as ‘direct marketing’ by the ICO. We use two different lawful bases for processing your data for ‘direct marketing’ purposes:

Legitimate interest: This is where we have identified a genuine and legitimate reason for contacting you, which crucially does not override your rights or interests. We use legitimate interest to send you the information listed above by post or telephone (if you are not registered with the Telephone Preference Service, and you have given us your telephone number).

Opt-in consent: This is where you have given us express permission to contact you by particular communication channels such as email, text message (SMS) or telephone (if you are registered with the Telephone Preference Service)

We respect your right to update the way we get in touch with you about our work at any time.

Change your contact preferences by emailing admin@wildsheffield.com

What kind of personal data do we collect?

To administer our communications with you, we will collect personal data from you that includes your name, address, phone number and email.

Most of the time, we collect this data from you directly. Sometimes this is in person; other times, it is over the telephone, in writing or through an email. Occasionally we obtain your email, telephone number or other contact details, from external sources (only where you have given permission for such information to be shared).

We will also collect information about you that helps us to get to know you better, including:

information about your wildlife interests, which you tell us through our surveys
records of donations you’ve made towards fundraising appeals
your preferences of how you would like us to contact you
ways you’ve helped us through volunteering your time
records of events you’ve attended, or campaigns or activities that you’ve been involved in
your opinion on our work or future activity

Once again, most of the time we collect this data from you directly.

How we store your data

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We hold contact personal data on our database for an indefinite period of time to allow us to monitor and improve our services through related statistical analysis. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

Booking an event and buying online

Why do we collect your personal data and how do we use it?

We will collect your personal data to send you:

Items you have purchased from our online shop, including a payment for an activity
Information about events you have booked onto

The ICO define the lawful basis for processing your data for these purposes as ‘contractual’.

If, in booking on an event or making a purchase, you have expressed an interest in finding out more about our work, we will collect additional personal data about you in order to get to know you better and contact you about our work in a timely and relevant way, to suit you. We will use this personal data to send you further information about our work that we think you will be interested in including information about: projects or campaign updates, fundraising appeals, events, membership services, products, feedback, competitions and other activities, as well as information about other carefully selected organisations that we work in partnership with (such as Vine House Farm’s bird seed catalogue). This will often be in the form of our monthly e-newsletter. From time to time, we may also use your personal data to ask for your opinion about our work.

This is defined as ‘direct marketing’ by the ICO. We use two different lawful bases for processing your data for ‘direct marketing’ purposes:

Opt-in consent: This is where you have given us express permission to contact you by particular communication channels such as email, text message (SMS) or telephone (if you are registered with the Telephone Preference Service)

We respect your right to update the way we get in touch with you about our work at any time.

What kind of personal data do we collect?

To administer your booking or purchase with us, we will collect personal data from you that includes your name, address, email and phone number. Your payment details for events and purchases will be collected using your chosen payment method and processed by the relevant secure third-party partner for that payment method which includes Eventbrite, Stripe or Paypal.

Most of the time, we collect this data from you directly. This may be online, in person, over the telephone, in writing or through an email.

We may also collect information about you that helps us to get to know you better, including:

information about your wildlife interests, which you tell us through our surveys
your preferences of how you would like us to contact you
ways you’ve helped us through volunteering your time
records of events you’ve attended, or campaigns or activities that you’ve been involved in
records of donations you’ve made towards fundraising appeals your opinion on our work or future activity

Once again, most of the time we collect this data from you directly.

How we store your data

All electronic Sheffield & Rotherham Wildlife Trust forms that request financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers. If you use a credit card to purchase online we do not see or have access to your card details. Instead, your details are passed (encrypted) directly for processing to one of our secure payment providers, PayPal or Stripe.

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We hold contact personal data on our database for an indefinite period of time to allow us to monitor and improve our services through related statistical analysis. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

Getting involved in a Nature Reserve group, Natural Neighbours, Wild@Heart or similar Trust project

Why do we collect your personal data and how do we use it?

We collect your personal data so that we can keep in touch with you about, for example:

Changes to planned meetings and programmes that you may be taking part in
The positive impact you have on our work, by sending you our newsletter
Dedicated thank-you events

As defined by the ICO, the lawful basis for processing your data for these purposes is ‘contractual’ (where are administering your record as a participant) and ‘legitimate interest’ (when sending you information about our work).

We may also collect sensitive personal data about you. When we do so, we will be very clear as to why we are collecting such information.

What kind of personal data do we collect?

To keep in touch with you about the group or project you are involved in, we will collect personal data from you that includes your name, address, email and phone number. We may also collect your bank details if you are claiming expenses and would prefer these paid directly to your account.

Most of the time, we collect this data from you directly. This may be online, in person, over the telephone, in writing or through an email. Occasionally we obtain information, such as your telephone number or other contact details, from external sources (only where you have given permission for such information to be shared).

We may also collect sensitive data from you, for example:

details of emergency contacts and any medical conditions and welfare issues so that we can help keep you safe and look after you
your gender, age band or ethnicity to help us monitor how inclusive we are across our community and to report to funders
photographs and images of you carrying out project activity to share with our supporters and the wider public

In these situations, we will collect the data from you directly and be very clear about why and how we intend to use this information. We will only do so with your specific consent.

In the event of an accident with us, we may collect sensitive personal data about you that we may transfer to an emergency service. This information will be retained for legal reasons, for health & safety and safeguarding purposes and to protect us (including in the event of an insurance or legal claim). If this does occur, we’ll take extra care to ensure your privacy rights are protected.

How we store your data

The majority of the personal data processing we undertake is carried out by our staff at the Trust. . For the purposes of IT backups and maintenance this information is located on secure servers within the European Union and UK, with the exception of Gmail and GDrive which is hosted by Google worldwide. We do, however, transfer financial data to our bank for processing.

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We hold your personal data on our database for the period you are involved with us and, once anonymised, for an indefinite period of time after that to allow us to be audited by funders, monitor our engagement work and improve our services through related statistical analysis. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

Using Our Website

Why do we collect your personal data and how do we use it?

Our website uses ‘cookies’ to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites. Our cookies help us:

Make our website work as you’d expect
Remember your settings during and between visits
Improve the speed/security of the site
Allow you to share pages with social networks like Facebook
Continuously improve our website for you.

You can learn more about all the cookies we use below.

There are two types of cookie you may encounter when using this site:

First party cookies: these are our own cookies, controlled by us and used to provide information about usage of our site.

Third party cookies: these are cookies found in other companies’ internet tools which we are using to enhance our site. We use a number of suppliers who may also set cookies on their websites’ on its behalf. This site does not control the dissemination of these cookies. You should check the third party websites for more information about these.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org

Cookies on our website:

This site uses cookies in several places –

Google analytics / Google ads: collects data by placing a cookie on a user’s browser when they visit your site, thereby providing insights such as how many users you have, where they are from, and which pages they click on. Additionally Google Ads may track visits and conversions for the purposes of improving targeting, or to target existing or previous users of the site – privacy statement.
Facebook: tracking conversions from Facebook ads, and to target existing users on the site – data policy.
Stripe: essential cookies to enable payments for products, events, memberships, renewals and donations and tracks user sessions – privacy policy.
Youtube: we embed videos from YouTube. This may set cookies on your computer, particularly if you are logged into a Google or YouTube account. To find out more, please visit YouTube’s embedding videos information page.
Hotjar: the way you interact with the website may be tracked for the purposes of improving navigation and content. Hotjar specifically records interactions and not sensitive data. Find out more at Hotjar’s privacy page.

Links to Wildlife Trust websites and other external websites

Sheffield & Rotherham Wildlife Trust is not responsible for the privacy practices or the content of any other websites linked to this site. If you have followed a link from this website to another website you may be supplying information to a third party.

Children, Young People and Vulnerable Adults

In line with data protection law, we will not collect, store or process your personal details if you are under 13 years of age; unless we have the express permission from your parent or guardian to do so.

If we have the permission of your parent or guardian, and you are a Wildlife Watch member, we will capture your date of birth at the point of joining. This is so that we can send you information that we feel is suitable to your age.

A copy of our safeguarding policy is available on request.

Outdoor learning services: families, groups, schools and teachers

Why do we collect your personal data and how do we use it?

We collect personal data from you in order to administer your booking of an outdoor learning experience, family activity, or another event or workshop run by our team, which may involve:

Sending you your booking form and invoices
Sending you your activity information
Getting in touch should there be any issues about booking

The ICO define the lawful basis for processing your data for these purposes as ‘contractual’.

If you have attended an event, enquired about a booking or activity with us, for yourself, an organisation you represent or on behalf of others, or expressed an interest in finding out more about our outdoor learning activities and our outdoor learning networks then we will collect personal data from you in order to regularly communicate with you about this. We may also collect personal data about you in order to get to know you better and contact you in a more timely and relevant way, to suit you.

We will use this personal data to send you further information about our work and the work of others that we think you will be interested in including emailing you about: outdoor learning news, resources, advice and services, related projects, learning and play products, events, teacher training, networks, competitions and other activities. This will often be in the form of fortnightly email and regular social media posts. From time to time, we may also use your personal data to ask for your opinion about our work.

This is defined as ‘direct marketing’ by the ICO. We use two different lawful bases for processing your data for ‘direct marketing’ purposes:

We respect your right to update the way we get in touch with you about our work at any time.

What kind of personal data do we collect?

To administer your booking, we will collect personal data from you that includes your name and the following school or personal details as decided by you: address, email, phone number and bank details (for booking fees).

We will also collect information about you that helps us to get to know you better, including:

information about your interests in relation our outdoor learning service, which you may tell us through our surveys, networks or feedback forms
your preferences of how you would like us to contact you
records of bookings made, events you’ve attended, activities that you’ve been involved in
your opinion on our work or future activity
your social media handle(s), where you have given these to us or communicated with us using these
images and videos, where you have given permission to do so

Once again, most of the time we collect this data from you directly.

How we store your data

Payment security: All electronic Sheffield & Rotherham Wildlife Trust forms that request financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers. If you use a credit card to purchase a membership we do not see or have access to your card details. Instead, your details are passed (encrypted) directly for processing to one of our secure payment providers, PayPal or Stripe.

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

Contributing to our evidence work

SRWT collects a range of evidence and data to inform our work, help us monitor what we do, and make better, more evidence based decisions.

The type of data we collect and work with includes but is not limited to;

Species data, including the species name, date it was recorded, who it was recorded by and where it was recorded.
Habitat data, including what habitat an area is, the species composition of an area, who surveyed the area, why and when.
Spatial data mapped in Geographical Information Systems (GIS) including mapping participation in our activities, mapping action individuals or groups have taken for nature and mapping which provides us with insights about our community.
Survey and evaluation data from members, participants and volunteers.

The type of work we use this data for includes, but is not limited to;

Monitor wildlife on our nature reserves and around Sheffield and Rotherham.
Direct our work more effectively to the communities that need it most.
Provide communities with data on their area and encourage people to take action for nature.
Improve our services through responding to evaluation.
Verify and validate data submitted to us through citizen science initiatives.

Lawful Basis

We use two different lawful bases as defined by the ICO for processing your data to contribute to our evidence work.

Legitimate interest: This is where we have identified a genuine and legitimate reason for collecting and processing your personal data.

Opt-in consent: This is where you have given us express permission to collect and processing your personal data.

What kind of personal data do we collect?

We will collect your names, and the location and date of habitat and species records as these are integral to helping us verify the quality of data submitted.
We may collect your email address for the purposes of sharing this with people or groups carrying out similar activities to you in Sheffield and Rotherham. This is to help encourage others to take action for nature. We will only do this if you give us your consent to do so.
We will also collect your email address to help us validate and verify data you submit. We may contact you to do this.
Health and wellbeing data if you are taking part in an activity aimed at increasing the health and wellbeing of its participants.
Your gender, age band or ethnicity to help us monitor how inclusive we are across our community and to report to funders
Your postcode, to help us understand where our participants, volunteers and members come from.

How we store and analyse your data

Species data is collected and analysed on our Nature Counts database. This stores data on the UK Centre for Ecology and Hydrology’s Biological Record Centre data warehouse. This data is then also transferred to the National Biodiversity Network Atlas and the Global Biodiversity Information Forum. The National Biodiversity Network Atlas makes this data publicly available for research and conservation purposes. We may share data locally with Sheffield and/or Rotherham Local Environment Record Centres.
Habitats and ecological monitoring data is collected and analysed on our Nature Counts database and/or our GIS systems.
Some GIS data is stored externally to the Trust on ESRI’s Arc Online platform. Servers for this are located in Europe.
SRWT uses Google’s Looker Studio to carry out a range of data analysis. Google’s servers are hosted worldwide.
Data is also saved on SRWT’s server and backed up on cloud services in the UK and Europe.

How long will we keep your data?

We will only use and store information for as long as it is required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required.

Your rights

The right to erasure under GDPR does not apply to scientific records, which includes species records and environmental data.

The right to restrict use of data under GDPR is limited in relation to research/science, and therefore each request will be decided on a case by case basis.

Wildscapes contacts and clients

Why do we collect your personal data and how do we use it?

We collect personal data from you in order to administer your enquiry, contract or purchase, which may involve:

Sending you your invoice and confirmation, reports and paperwork
Processing your payment
Contacting you about your contract or project with us.

The ICO define the lawful basis for processing your data for these purposes as ‘contractual’.

If you have enquired about a Wildscapes consultancy service or expressed an interest in finding out more about work then we will collect personal data from you in order to regularly communicate with you about this. We may also collect personal data about you in order to get to know you better and contact you in a more timely and relevant way, to suit you.

We will use this personal data to send you further information about our work that we think you will be interested in, including emailing you about: ecology and land management services, training courses and other Wildscapes products and services, news and events, advice and resources we think you might be interested in, and other activities. From time to time, we may also use your personal data to ask for your opinion about our work.

This is defined as ‘direct marketing’ by the ICO. We use two different lawful bases for processing your data for ‘direct marketing’ purposes:

We respect your right to update the way we get in touch with you about our work at any time.

What kind of personal data do we collect?

To administer your contract, we will collect personal data from you that includes your name and the following organisation or personal details as decided by you: address, email, phone number and bank details (for payment).

We will also collect information about you that helps us to get to know you better, including:

information about your interests in relation our consultancy service, which you may tell us through our surveys, networks or feedback forms
your preferences of how you would like us to contact you
records of enquiries and contracts, events you’ve attended, activities that you’ve been involved in with us
your opinion on our work or future activity

Once again, most of the time we collect this data from you directly.

How we store your data

The majority of the personal data processing we undertake is carried out by our staff at the Trust. For the purposes of IT backupsand maintenance this information is located on secure servers within the European Union and UK, with the exception of Gmail and GDrive which is hosted by Google worldwide. We do, however, transfer some data to third parties eg financial data to our bank for processing, addresses to our mailing house. When we do so we will always have a contract in place with the relevant third party to ensure they will at no point have ownership over the data we provide.

Payment security: All electronic Sheffield & Rotherham Wildlife Trust forms that request financial data will use the Secure Sockets Layer (SSL) protocol to encrypt the data between your browser and our servers. If you use a credit card to purchase online we do not see or have access to your card details. Instead, your details are passed (encrypted) directly for processing to one of our secure payment providers, PayPal or Stripe.

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We hold Wildscapes contact data on our database for up to 7 years after your last contract: for accounting purposes and to allow us to monitor and improve our services through related statistical analysis. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

Sheffield Lakeland Landscape Partnership

Why do we collect your personal data and how do we use it?

If you have expressed an interest in finding out more about the Sheffield Lakeland Landscape Partnership then we will collect personal data from you in order to regularly communicate with you about our work. We may also collect personal data about you in order to get to know you better and contact you in a more timely and relevant way, to suit you.

We will use this personal data to send you further information about our work that we think you will be interested in, including emailing you about: our progress, projects, events, feedback, volunteer opportunities, competitions and other activities, as well as information about our partners. This will often be in the form of an e-newsletter or seasonal greetings. From time to time, we may also use your personal data to ask for your opinion about our project progress.

This is defined as ‘direct marketing’ by the ICO. We use two different lawful bases for processing your data for ‘direct marketing’ purposes:

Legitimate interest: This is where we have identified a genuine and legitimate reason for contacting you, which crucially does not override your rights or interests. We will use legitimate interest to send you the information listed above by post or telephone (if you are not registered with the Telephone Preference Service, and you have given us your telephone number).

Opt-in consent: This is where you have given us express permission to contact you by particular communication channels such as , text message (SMS) or telephone (if you are registered with the Telephone Preference Service)

We respect your right to update the way we get in touch with you about our work at any time.

What kind of personal data do we collect?

To administer our communications with you, we will collect personal data from you that includes your name, address, phone number and .

We will also collect information about you that helps us to get to know you better, including:

information about your interests in relation to the Sheffield Lakeland, which you tell us through our meetings, surveys or feedback forms
your preferences of how you would like us to contact you
records of events you’ve attended or activities that you’ve been involved in
your opinion on our work or future activity

Once again, most of the time we collect this data from you directly.

Sometimes we may collect information about your gender, age or ethnicity to help us monitor how inclusive we are across our community. will only do so with your specific consent. In these situations, we collect the data from you directly and will be very clear about why and how we intend to use this information.

How we store your data

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We will hold your personal data on our database for up to 7 years after the project has ended: for accounting purposes, to allow us to monitor and improve our services through related statistical analysis and to report to. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

What are your rights? Making a complaint

We respect your right to control your data: to be informed, access, correct, delete, restrict and use your own data.

If you wish to raise a complaint on how we have handled your personal data, you can contact our Senior Admin Officer (using the contact details below) who will investigate further. Please also refer to our Complaints and Compliments Procedure on how to make a complaint.

Telephone: 0114 263 4335
Email: hr@wildsheffield.com
Post: Victoria Hall, 37 Stafford Road, Sheffield S2 2SF

You also have the right to request a copy of the information we hold about you at any time. If at any point you believe the personal data we hold about you is incorrect, you can request to see this information and have it corrected or deleted.

If you would like a copy of some or all of your personal data then please contact us using the above details to request a Personal Data Enquiry Form to complete and return by post or email. Please clearly label as a ‘Personal Data Enquiry’. We will respond to your request within 28 days of receipt. We may make a charge for this service but only in exceptional circumstances.

For further assistance with complaints regarding your data, please contact the Information Commissioner’s Office, whose remit covers the UK.
Telephone: 0303 123 1113
Email: casework@ico.org.uk

Our Privacy Notice for Trustees: Keeping Your Personal Data Safe

Our Policy: Sheffield & Rotherham Wildlife Trust (SRWT) is committed to keeping an individual’s personal details safe. We will never sell your personal data.

Why do we collect your personal data and how do we use it?

We collect your personal data so that we can administer your role as Trustee, for example:

Processing your Trustee application (including submission of information to the Charity Commission & Companies House)
Assessing your suitability to become a Trustee of Sheffield & Rotherham Wildlife Trust
Setting and updating you about meetings and workshops
Providing you with reports and information about Board and Trust business and governance.
Updating you on key decisions, the positive impact of the Trust’s work, campaigns, successes, achievements as well as risks and concerns
Promoting information about training opportunities
Providing information about you to our funders and grant distributors eg Entrust
Providing our members and the public with information about who governs the Trust
Monitoring and managing the length of Trustee terms on the Board in line with our Memorandum and Article of Association.

As defined by the ICO, the lawful basis for processing your data for these purposes is ‘legal obligation’ (eg. we are legally obliged to submit personal data about our Board to Companies House and the Charity Commission) and ‘legitimate interest’ (when sending you information about meetings, our work etc).

What kind of personal data do we collect?

To keep in touch with you as a Trustee, we will collect personal data from you that includes your name, address, email and phone number. We may also collect your bank details if you are claiming expenses and would prefer these paid directly to your account.

On considering whether to become a Trustee, we will collect information from you, usually in the form of a CV, about your experience or qualifications.

On appointment to the Board, we will ask you to provide a photograph and short biography to post on our website and to use as and when required for Trust business and governance. You will also be required by law to complete and submit a ‘Fit & Proper’ persons test to ensure that you are not legally disqualified from becoming a Trustee or Company Director. We also ask you to submit a Declaration of Interest form that we use to manage conflicts of interest and submit to the auditor.

We may collect data from you, for example, for a disclosure barring service check if you’re involved with our safeguarding work with children, young people or vulnerable adults We may also collect sensitive data from you, for example:

If you agree to become a signatory on one of our bank accounts we will collect data from you as required by the bank’s application process and submit it to the bank for processing
Details of emergency contacts and any medical conditions and welfare issues so that we can help keep you safe and look after you
Your gender, age band or ethnicity to help us monitor how inclusive we are across our community and to report to funders

In these situations, we will collect the data from you directly and be very clear about why and how we intend to use this information. In the event of an accident whilst visiting us on site or at a Board meeting, we may collect sensitive personal data about you that we may transfer to an emergency service. This information will be retained for legal reasons, for health & safety and safeguarding purposes and to protect us (including in the event of an insurance or legal claim). If this does occur, we’ll take extra care to ensure your privacy rights are protected.

How we store and share your data

The majority of the personal data processing we undertake is carried out by our staff at the Trust. For the purposes of IT backups and maintenance this information is located on secure servers within the European Union and UK, with the exception of Gmail and GDrive which is hosted by Google worldwide. We do, however, transfer financial data to our bank for processing (eg expenses claims). When we do so we will always have a contract in place with the relevant third party to ensure they will at no point have ownership over the data we provide. We upload personal data about our Trustees to the Charity Commission and Companies House for their public records.

We have data protection procedures in place to oversee the effective and secure processing of your personal data. Personal electronic data (including sensitive data) is held in databases/spreadsheets, stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data. Sensitive data may also be stored in paper format, for example, for reference in a locked filing cabinets with restricted staff access by identified key holders only.

How long will we keep your data?

We will only use and store information for as long as it required for the purposes it was collected for. We continually review what information we hold, and delete what is no longer required. We hold your personal data on both our electronic systems and in hard copy (eg Nomination Forms) for the period you are a Trustee with us and for 3 years afterwards (for governance purposes). Expenses information will be retained for 7 years for accounting purposes. Please contact us if you wish us to delete the personal data we hold about you. For more information about how long we keep different types of personal data please contact us about our data retention schedule.

What are your rights? Making a complaint

We respect your right to control your data: to be informed, access, correct, delete, restrict and use your own data.

If at any point you believe the personal data we hold about you is incorrect, you can request to see this information and have it corrected or deleted. If you wish to raise a complaint on how we

have handled your personal data, you can contact the Chief Executive/Company Secretary or our Senior Admin Officer who will investigate further. You also have the right to request a copy of the information we hold about you at any time. If you would like a copy of some or all of your personal data then please email or write to us at the following address

Telephone: 0114 2634335
Email: hr@wildsheffield.com
Post: Victoria Hall, 37 Stafford Road, Sheffield S2 2SF.Please clearly label your enquiry ‘Personal Data Request’. We will send you an Access Request Form to complete and return and will respond to your request within 28 days of
receipt. We may make a charge for this service in exceptional circumstances.

For further assistance with complaints regarding your data, please contact the Information Commissioner’s Office, whose remit covers the UK.
Telephone: 0303 123 1113
Email: casework@ico.org.uk