At Cornerstone, we’re committed to protecting and respecting your privacy.
This policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We may change this policy from time-to-time so please check this page occasionally to make sure you have the most up-to-date version.
Any questions regarding this policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to Cornerstone, Centurion Court, North Esplanade West, Aberdeen, AB11 5QH. Alternatively, you can telephone 0300 131 3333.
Who are we?
Cornerstone is one of Scotland’s largest charities whose purpose is to deliver high-quality care to everyone they support, enabling them to live a valued life – the life they choose. We are a registered charity (Scottish Charity No. SC004780). The company is registered in Scotland as Cornerstone Community Care operating as Cornerstone, Company No. SC070762 and our registered office is 39 Huntly Street, Aberdeen, AB10 1TJ.
How do we collect information from you?
We obtain information about you when you use our website, for example, when you contact us about products and services, to make a donation or if you register to receive one of our publications.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, details of your enquiry and/or donation, IP address, and information regarding what pages you have accessed and when. If you make a donation online or purchase a product from us, your credit card information is not held by us, it is collected by our third-party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions, as explained below.
How is your information used?
We may use your information to:
- process a donation that you have made;
- process orders that you have submitted;
- to carry out our obligations arising from any contracts entered into by you and us;
- seek your feedback, views or comments on the services we provide;
- notify you of changes to our services;
- hold your details on our client relationship management system;
- send you communications, which you have requested and that may be of interest to you. These may include information about campaigns, appeals, and other fundraising activities;
- process a grant or job application.
When we use your personal information, we are required to have a lawful basis for doing so. There are various different lawful bases upon which we may rely, depending on what personal information we process and why.
The lawful bases we may rely on include:
- consent: where you have given us clear consent for us to process your personal information for a specific purpose (in limited circumstances);
- contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract;
- legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations);
- legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third-party (unless there is a good reason to protect your personal information which overrides our legitimate interests).
Where you make a donation or submit an order, we will send you communications about the vital work we do for the people we support and our exciting products and services for the purposes of our legitimate interests to promote our activities.
You may ask us to stop sending such communications or change your marketing preferences at any time by contacting us by email email@example.com or telephone on 0300 131 3333.
How long we keep your information
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example, the collection of Gift Aid for seven years after the tax year). We will hold your personal information on our systems for as long as is necessary for the purposes we have set out above. Where records need to be retained for a specific length of time, they will be stored securely. We will review and may delete any information that we no longer have a legitimate reason to keep.
Who has access to your information?
We will not sell, share or rent your information to third parties.
Third-party service providers working on our behalf: We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example, to process donations and send you mailings).
However, when we use third-party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond Cornerstone for them to use for their own purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
We work closely with various third-party product providers to bring you a range of quality and reliable products and services. When you enquire about or purchase one or more of these products from a third-party provider, the relevant third-party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. To find out more about our third-party providers, please contact us at firstname.lastname@example.org or telephone 0330 131 3333.
When you are using our secure online donation pages, your donation is processed by a third-party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us at email@example.com or telephone 0330 131 3333.
How you can access and update your information
The accuracy of your personal information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address or any of the other information we hold is inaccurate or out of date, please email us at firstname.lastname@example.org, or write to us at Cornerstone, Centurion Court, North Esplanade West, Aberdeen, AB11 5QH. Alternatively, you can telephone 0300 131 3333.
You have the right to ask for a copy of the information Cornerstone holds about you. Security precautions are in place to protect the loss, misuse or alteration of your information.
You also have rights to ask that we delete the personal information that we hold about you in certain circumstances, that we restrict the processing of your personal information for specific purposes or to request the personal information that we hold about you for your own reuse in certain circumstances. You may also object to any processing of the personal data that we hold about you.
Any of the above rights can be exercised by emailing us at email@example.com or writing to us at Cornerstone, Centurion Court, North Esplanade West, Aberdeen, AB11 5QH. Alternatively, you can telephone 0300 131 3333.
Keeping your information secure
We store your personal information on our systems within the UK and have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with 128 Bit encryption software on SSL. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer.
Non-sensitive details (your email address, etc.) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Use of 'cookies'
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies off may result in a loss of functionality when using our website.
Links to other websites
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.
16 or Under
We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
Review of this Policy
We keep this policy under regular review. This policy was last updated in September 2018.