Privacy Notice and Safeguarding
If you would like to receive a copy of the Sir Halley Stewart Trust’s Privacy Notice and / or Safeguarding Policy, please contact the Trust and specify if you would prefer an electronic version or hard copy.
This notice provides you with details of how the Sir Halley Stewart Trust (the “Trust”) collects and processes personal data in connection with the awarding of grants.
How The Trust Uses Personal Data
The Trust collects and processes the following types of personal data of grant applicants, grantees and other people connected with the application, award or the project which benefits from an award:
- Name and contact details
- CVs, references or letters of support
- Details of individuals’ involvement in past or current projects or activities relevant to the application for a grant
The Trust requires applicants that provide the data of another person in the application form to provide them with a copy of the Trust’s privacy notice and ensure they have a lawful basis to disclose the data to the Trust.
The Trust does not require applicants or grantees to provide special categories of personal data (listed below) but recognises that this type of data may, in limited circumstances, be provided to the Trust in connection with certain grant applications or awards. Applicants and grantees are prohibited from providing this type of personal data to the Trust without having obtained valid consent of the individual to the disclosure and use of that data by the Trust. An application will be rejected and deleted from our records if evidence of such consent is not provided to the Trust.
Special categories of personal data are data relating to a person’s:
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade union membership
- Genetic or biometric data
- Health, sex life or sexual orientation
The Trust processes personal data to:
- Manage the grant application, review and award process
- Manage grants, including the use of funding and progress reporting
- Conduct grant evaluations and maintain an archive of the Trust’s work for historical research purposes
- Publicise the Trust’s grant-making activities
- Raise awareness of funding opportunities with other potential applicants or possible co-funders, or to facilitate knowledge-sharing between organisations with shared interests
- Comply with legal charity reporting requirements and / or as part of external auditing requirements
- Contact applicants or grantees about Trust events, new grants programmes or other relevant information (e.g. newsletters)
The Trust’s legal basis for processing this personal data is as follows:
Legitimate Interests of the Trust and Third Parties – the processing is necessary for the Trust’s legitimate interest in assessing grant applications, the management of grants awarded as a charitable grant-making organisation, including the maintenance of an historical archive. Where we share limited personal data to raise awareness of funding opportunities or knowledge sharing this is necessary for the legitimate interests of both the Trust and the recipients in facilitating project funding and collaboration opportunities.
Compliance with a Legal Obligation – to ensure the Trust complies with relevant laws such as its reporting obligations to the Charity Commission.
Consent – from applicants to receive email communications from the Trust promoting its aims and ideals in the form of, for example, newsletters, event invitations, or publicity for a new grants programme.
Consent – obtained by an applicant or grantee where special categories of data are disclosed to the Trust.
Who The Trust Discloses Personal Data To
The Trust discloses personal data to the following categories of recipients:
- Employees, current and former trustees of the Trust
- Other applicants or potential co-funders
- Professional advisors
- Service providers, such as data storage companies
Employees, current and former Trustees are under obligations and duties of confidentiality and must comply with the Trust’s confidentiality and data protection policies. Other recipients (e.g. cloud service providers and professional advisors) may receive and process personal data under appropriate instructions from the Trust and are, where necessary, required by contract to keep confidential and secure the information they process on behalf of the Trust and may not use it for any purpose other than to carry out the services they are performing for the Trust.
Except as described in this notice, the Trust will not share personal data with third parties without an individual’s permission, unless to: (i) respond to duly authorized information requests of police and governmental authorities or (ii) comply with laws, regulations, or court orders; (iii) enforce/protect the rights and properties of the Trust, and in each case, in accordance with applicable law.
The Trust transfers personal data to the USA as a result of its usage of Microsoft Corporation services (including SharePoint, Outlook and OneDrive) and Salesforce and Formstack with regard to the Trust’s database and online application forms. The international transfer of personal data to these companies’ US operations is covered by the Standard Contractual Clauses recognised by the UK General Data Protection Regulation and Data Protection Act 2018. If you would like additional details about this transfer mechanism please contact the Trust by sending an email to firstname.lastname@example.org.
How Long The Trust Retains Personal Data
The Trust retains details of grant applications and awards permanently to maintain an historical archive of the Trust’s work for research purposes. Limited personal data may be retained in those records and the Trust deletes CVs provided with an application after 6 years.
Data Subject Rights And How To Exercise Them
Individuals whose data we collect have rights in relation to personal data processed by the Trust under data protection law. These may include the right to:
- request access or copies of personal data;
- rectify personal data, if inaccurate or incomplete;
- delete personal data;
- restrict the processing of personal data (in certain circumstances);
- data portability (in certain circumstances); and
- object to the processing of personal data and not to be subject to automated decision making including profiling (in certain circumstances)
These rights may be limited in some situations such as where the Trust can demonstrate that it has a legal requirement or legitimate interest to process the personal data.
If you would like to exercise your rights, please contact the Trust by sending an email to email@example.com.
If you consider that the processing of your personal data by the Trust infringes applicable data protection law, you have a right to lodge a complaint with the Information Commissioner (httpss://ico.org.uk).
If you have opted in to receiving email marketing communications from the Trust you can opt out at any time by sending an email to firstname.lastname@example.org.
How To Contact Us
If you any questions about this notice or the use of personal data by the Trust, please contact the Trust by sending an email to email@example.com.