Privacy Policy

Last updated: 15 November 2021

As operators of this website, Genesis Sun (“We”, “Us”) is committed to protecting and respecting your privacy. This Privacy Policy (“Policy”) sets out the basis on which your personal data will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

You should read this Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements other notices and privacy policies and is not intended to override them.

For the purpose of the General Data Protection Regulations 2016 (“UK GDPR”), the data controller is Genesis Sun (Company No. 12768237) of Wildings, 862-864, Washwood Heath Road, Birmingham, West Midlands, United Kingdom, B8 2NG. This means that we are responsible for deciding how we hold and use personal information about you.

Genesis Sun is a not-for-profit social enterprise whose vision is to create a stronger and more diverse nation through inspiring, encouraging and promoting talent. Genesis Sun aims to unlock the potential of young black people and underserved groups and enable them to be strong, confident and resilient and empower significant and lasting contributions to society as a whole.

  1. DATA PROTECTION PRINCIPLES

We will comply with data protection law and principles, which means that your data will be:

  • Used lawfully, fairly and in a transparent way;
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  • Relevant to the purposes we have told you about and limited only to those purposes;
  • Accurate and kept up to date;
  • Kept only as long as necessary for the purposes we have told you about; and
  • Kept securely.
  1. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA

We collect and use personal data to manage our relationships with our young people and supporters, and to better understand how we can meet and exceed their expectations. This allows us to operate and fundraise more efficiently and effectively to ultimately help us reach our goal to inspire and encourage young black people from the age of 13 throughout their education.

Under the UK GDPR and the DPA, we must have a legal reason to collect, keep and use your data. We rely on the following legal basis for processing your data:

1) Consent

2) Legitimate Interests

We process your personal data for our legitimate interests to allow us to run Genesis Sun t as a charitable entity effectively and in pursuit of our objectives.  When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws. We will always ensure that your personal data will not be used where our interests are overridden by the impact on you.

  1. THE DATA WE COLLECT ABOUT YOU

Personal data (or personal information) means any information about an individual from which that person can be identified. It does not include data where the identity of the individual has been removed (anonymous data). We may collect, use, store, transfer and process different kinds of personal data about you including the following:

  • Identity data including first name and last name, gender and date of birth;
  • Contact data including address, email address, telephone number and social media contact details;
  • Family and spouse details/partner details, relationships to other supporters;
  • Your educational details in terms of what school you are attending, what year, etc.
  • Current interests and activities.
  • Gift aid status and records of donations;
  • Contact preferences;
  • Information about your wealth (at a high level);
  • Potential media articles about you;
  • Your bank details or credit card details in line with payment card industry standards;
  • Technical data including internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our Websites. This also includes details of your visits to our Websites including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources that you access as detailed in our cookies policy;
  • Usage data including information about how you use our Websites and services.
  • Any other information provided by yourself at the request of Genesis Sun.

Due to the nature of the offerings that Genesis Sun provide,  we may also collect certain “sensitive or special categories of personal data” (as defined in GDPR artricle 9), such as race, ethnicity and religion. This data will always be collected with your specific consent, and will be not be shared with other parties.

Where we need to collect personal data by law, or under the terms of service we have with you, and you fail to provide that data when requested, we may not be able to offer the service we envisage but we will notify you if this is the case at the relevant time.

  1. HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through: 

Information you give us

Genesis Sun may obtain personal information from you when, for example, you complete an online form to participate on a programme, register with us for a mailing list, apply to become a volunteer, take part in an event or make a donation.

Information from Third Parties

We may also receive information about you from independent third parties, such as fundraising sites like JustGiving or Virgin Money Giving or event organisers. We may also receive contact details and other personal information regarding media contacts and influencers from a variety of sources. We will only receive information from third parties in this way if you have given your consent for your information to be passed on to us. You should check their Privacy Notice when you provide your information to understand how they will process your information. Once we have obtained this information from the third party it will be covered by our Privacy Notice as well as by the originating third party.

Information we get from your use of our website and services

We collect information about the services you use and how you use them, like when you watch a video on YouTube, visit our websites or view and interact with our adverts and content.

Information in the public domain

We may obtain some information from publicly available sources such as Companies House, newspaper articles or open postings on social media such as Facebook and LinkedIn.

  1. THIRD PARTY LINKS

The websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Websites, we encourage you to read the privacy policy of every website you visit.

  1. HOW WE USE YOUR PERSONAL INFORMATION

We only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following ways:

If you are involved in one of Genesis Sun’s programmes, Genesis Sun will use your information to run, fund, develop and evaluate the programmes we run. 

If you support us, for example by making a donation, volunteering, registering to fundraise, or signing up for an event, we will mainly use your information to:

  • Provide you with the services, products or information that you asked for;
  • Provide you information about other services, products or information we think might interest you where you have consented to being contacted;
  • Administer your donation or support your fundraising, including processing Gift Aid;
  • Send you surveys, and for market research;
  • Invite you to events;
  • Keep a record of your relationship with us and record the contact we have with you; and
  • Ensure we know how you prefer to be contacted.

We may also use tracking tools to improve the effectiveness of our communications with you, including tracking whether you open emails we send you and which links you click within a message.

  1. DISCLOSURES OF YOUR PERSONAL INFORMATION

Any information shared with us will only be disclosed with those acting as agents or data processors carrying out work on our behalf. In all cases there will be a data processing agreement in place. If this is a new party or for a new purpose we will inform you.

However, we may disclose your personal information to third parties:

  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Website Terms and Conditions and other agreements;
  • to protect the rights, property, or safety of us, the Websites, our users and any third party we interact with the to provide the Websites; or

We will not sell your data to any third parties.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

  1. RETENTION OF YOUR PERSONAL DATA

We will hold your personal information on our systems for as long as is necessary for the relevant activity.

If you exercise your right to erasure, we will retain all information we are legally obliged to do so, for the period that is set out by that legal obligation. We may also keep your name and the bare minimum of contact details so that we do not contact you or re-enter your details inadvertently in the future. Where technology allows, any data that we retain following an erasure request, will be anonymised.

  1. IP ADDRESSES AND COOKIES

Please see our cookies policy.

  1. DATA SECURITY

The transmission of any information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data whilst being transmitted to our Websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used to accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  1. YOUR RIGHTS

You have rights under data protection laws in relation to your personal data. Your rights as per GDPR are:

  • right to be informed about how and why your personal data is being used and/or processed.
  • right to request access to your personal data (commonly known as a “data subject access request”. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • right to request of rectification of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • right to request erasure of your personal data (right to be forgotten). This enables you to ask us to delete or remove your personal data. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons. If this is the case, you will be notified.
  • right to object to processing of your personal data. You have the right to object to the processing of your personal data in certain circumstances.
  • right of data portability/to request transfer of your personal data. You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

If you wish to exercise any of the rights set out above, please contact us using the details below.

  1. CHANGES TO OUR PRIVACY POLICY

We keep this Policy under regular review, and we reserve the right to modify this Policy at any time. Any changes we make in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

This notice was last updated in November 2021.

  1. CONTACT

If you have any queries about this policy, please contact your Genesis Sun representative in the first instance. If you do not know their details, please contact us via the Genesis Sun website here.

You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.