top of page

Sponsored by BlueBoxIT

Privacy & Data Protection Policy

At The Charity Hub, we are committed to protecting your personal data and respecting your privacy. This policy outlines how we collect, use, store, and safeguard your personal information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

The Charity Hub is a Community Interest Company (CIC) supporting third sector organisations through networking, training, advocacy, and collaborative projects. We collect and process data as part of delivering our services to members, partners, event attendees, and stakeholders.

If you have questions about this policy or your data, please contact:
Brett Riley-Tomlinson
Email: info@thecharityhub.org.uk
Registered Address: Unit 12, New Street, Doncaster, DN1 3QU

2. What Data We Collect

We may collect and process the following types of personal data:

  • Identity Information: Name, job title, organisation name
     

  • Contact Details: Email address, phone number, postal address
     

  • Membership Details: Event attendance, membership status, survey responses
     

  • Consent Records: Permissions for marketing, photography, or video use
     

  • Feedback: Post-event or training evaluations
     

  • Website Data: IP address, browser type, cookies (see our Cookie Policy)
     

We do not collect any unnecessary or excessive data.

 

3. Why We Collect Your Data

We only collect personal data when it is necessary to:

  • Administer your membership or event booking
     

  • Provide access to training, resources, and networking opportunities
     

  • Share updates, newsletters, or marketing (only if you’ve opted in)
     

  • Measure and report our impact (in anonymised or aggregated form)
     

  • Comply with legal obligations or funder requirements
     

We never sell your data or use it for profiling.

 

4. Lawful Basis for Processing

We rely on one or more of the following lawful bases:

  • Consent – when you opt in to marketing or give explicit permission
     

  • Contract – when processing is necessary to fulfil a service you request
     

  • Legitimate Interests – to operate and improve our services
     

  • Legal Obligation – for compliance with laws or funding rules
     

 

5. How We Store and Protect Your Data

Your data is securely stored using cloud-based systems with the following safeguards:

  • Password protection and encryption
     

  • Role-based access for staff
     

  • Regular data access reviews
     

  • Secure email protocols
     

  • Staff trained in data security and confidentiality
     

If we work with third-party providers (e.g., CRM or survey platforms), we ensure they meet equivalent security standards.

 

6. Sharing Your Data

We only share personal data when necessary, and only with trusted partners or service providers that:

  • Support the delivery of our services
     

  • Are bound by confidentiality and data protection obligations
     

  • Are not allowed to use your data for their own purposes
     

We may also share anonymised data with funders for reporting impact.

 

7. Your Rights Under UK GDPR

You have the right to:

  • Access the personal data we hold about you
     

  • Correct any inaccuracies
     

  • Request deletion (also known as the “right to be forgotten”)
     

  • Object to or restrict how we use your data
     

  • Withdraw consent at any time
     

  • Data portability (where applicable)
     

To exercise any of these rights, contact us via email and we’ll respond within 30 days.

 

8. Data Retention

We only keep personal data for as long as is necessary:

  • For membership data: up to 5 years after the last interaction
     

  • For event or training data: up to 5 years unless required for reporting
     

  • For financial records: up to 6 years (in line with HMRC guidance)
     

When no longer needed, data is securely deleted or anonymised.

 

9. Cookies and Website Analytics

We use cookies on our website to enhance user experience and monitor site performance. You can control or disable cookies via your browser settings. See our [Terms and Conditions] for more details.

 

10. Data Breaches

In the unlikely event of a data breach, we will:

  • Notify affected individuals promptly if there’s a risk to their rights or freedoms
     

  • Report serious breaches to the Information Commissioner’s Office (ICO) within 72 hours
     

 

11. Updates to This Policy

We may update this policy periodically to reflect changes in law or how we operate. The latest version will always be published on our website.

 

12. Complaints

If you have concerns about how we handle your data, please contact us first. If you are not satisfied with our response, you can escalate your concern to:

Information Commissioner’s Office (ICO)
www.ico.org.uk
0303 123 1113

 

Summary

We take your data seriously. We only collect what we need, use it respectfully, and keep it safe. You’re always in control, and we’re always here to help if you have questions.

bottom of page