Privacy Policy
This notice applies to all websites & applications developed and delivered by Bring Together Ltd and its affiliate Ukrainians Together.uk. Bring Together Ltd is a registered social enterprise company incorporated in Scotland under company number SC789814 and has a registered office at Flat D Windsor Court, 57 Church Street, Broughty Ferry, Dundee, DD5 1EU. All significant decisions about data processing and policy implementation will be made using The UK GDPR (The UK General Data Protection Regulation). This notice is set out to help you understand the types of data that we collect from you, and/or your business, and how that data is collected processed and stored.
Commitment
Bring Together Ltd are committed to protecting the privacy and security of your personal data. We continually monitor compliance through implementing policies & procedures to safeguard data and by setting regular reviews to manage these policies and procedures.
Data Controller
In accordance with ICO (Information Commissioners Office) requirements of Data Controllers (the main decision maker when it comes to how people’s personal information is managed), Bring Together Ltd is registered with the Information Commissioners Office (ZB682844). When you are using Bring Together Ltd.’s website, Bring Together Ltd is the Data Controller.
About Us
Bring Together Ltd, works with individuals, communities, organisations, and those seeking refuge in the UK to support communication. We use our knowledge and skills to deliver emotional resilience and communication skills workshops for these groups, give talks on our experience and deliver training for local councils to help them more effectively and empathetically engage with communities.
Information we collect
Personal data is information about you and from which you can be identified. We will collect and process personal data about you depending on our relationship with you. Most of the personal information we process is provided to us directly by you. Data collection can be through a variety of channels, including by telephone, email, via our website or on site. We may also be provided with information about you indirectly where you have signed up for an event via third parties such as Eventbrite, Business Gateway, Elevator, LinkedIn. Categories of data we may collect include Personal, Professional, Sensitive data.
Who are our stakeholders?
Clients, Media Outlets, Associates, Delegates, Supporting Organisation, Suppliers, Statutory & Regulatory Bodies.
Website
Bring Together Ltd collects personal data from web forms submitted by individuals requesting information in the form of general enquiries or to register for the events and services provided by Bring Together Ltd. This comprises the name, phone number, email address, mailing address, company name, subject & message of the person making the enquiry.
Payment data
We collect payments directly from customers who sign up for services We also collect payments from organisations who have commissioned us to carry out services. Information collected for these purposes will be personal and financial data such as name, billing address, e-mail address, bank/debit/credit card or account information and transaction references.
Some of our commissioned services may involve collecting 3rd party donations through fundraising portals such as Go Fund Me. Personal and financial information will be collected. This includes but is not limited to your name, billing address, email address, credit/debit card information, or other payment details. This information is securely processed by the funding portal, and we do not store or have access to your full payment details.
The processing of payment information is governed by the funding portals own Privacy Policy, which you can review on their website It is important to familiarise yourself with their privacy practices to understand how they will handle your data.
Google Analytics
Bring Together Ltd may also collect personal data from the website using Google Analytics to anonymously track how users interact with our site. This involves installing Google Analytics code on our website in the form of a ‘cookie’. Cookies contain an ID number which is assigned to a user and provides us with the following information:
- Your IP address (An IP address does not provide identifiable personal information)
- Your visits to our website
- The time of your visits and the length of time you spent on our website.
- The pages that you visited.
- Your location (although this might be influenced by the location of your server)
- The browser you are using.
- Type of operating system
- The device you are using (e.g., desktop, tablet or mobile)
- Referral source (how you arrived on our site, e.g. search engine, direct URL, social media, or third-party website).
If you would like to opt-out of Google Analytics monitoring your behaviour on our website, please use this link
Social Media
Bring Together Ltd can be found on social media platforms such as Facebook, Twitter, Instagram, and LinkedIn. Social media is an important part of our awareness effort, so you may be presented with retargeting ads & emails in future following a visit to our website. We may target ads at audiences that we believe match the profile of our target audience and would therefore be interested in our services. We will also regularly tag or mention you where we are carrying out business promotion on your behalf or to raise your professional profile.
These platforms are run by commercial companies and Bring Together Ltd is not the Data Controller or Data Processor of your social media profile. You should contact these social media platforms directly if you have concerns over how your personal data is being used and stored by them.
Online & Onsite Training Workshops & Webinars
We may collect and process the following information during events and webinars:
|
|
3rd Parties
Our websites & information we share around events & involving stakeholders may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website. In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
How we use your information
Bring Together Ltd will only process personal data where we have a lawful basis for doing so. The legal grounds for processing data will depend on the purpose of the data collected and its processing requirements. Under the UK GDPR, there are six available lawful basis, namely: Consent, Contract, Legal Obligation, Vital Interests, Public Task, and Legitimate Interests. We will only process data, which is relevant, and limited to what is necessary for processing.
Bring Together Ltd collects, processes, and stores personal data for the following reasons: –
- To respond, make assessments and recommendations around products and services we provide.
- Provide reporting statistical analysis, identify customer trends and measuring effectiveness of marketing campaigns. Service quality, improvements & identify training requirements.
- To deliver services and to provide service support to our clients including survey and feedback to help improve our services.
- To process financial transactions including verification, invoicing, payments & regulatory submissions.
- To post testimonials. We post testimonials on our website that may contain personal information.
- To host training events on behalf of stakeholder(s), collect feedback on events and services we provide & to sign post similar future events.
- To send you marketing personalised email communications, newsletters, about services and products.
The principles
Whether we are acting as a data controller or processor we continue to apply the UK GDPR principles to all personal & Sensitive data that we hold, or process and these principles lie at the heart of our approach to processing personal data.
1) Processed lawfully, fairly and in a transparent manner in relation to individuals.
2) Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be incompatible with the initial purposes.
3) Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
4) Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased, or rectified without delay.
5) Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the UK GDPR in order to safeguard the rights and freedoms of individuals.
6) Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
The principles
Whether we are acting as a data controller or processor we continue to apply the UK GDPR principles to all personal & Sensitive data that we hold, or process and these principles lie at the heart of our approach to processing personal data.
1) Processed lawfully, fairly and in a transparent manner in relation to individuals.
2) Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be incompatible with the initial purposes.
3) Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
4) Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased, or rectified without delay.
5) Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the UK GDPR in order to safeguard the rights and freedoms of individuals.
6) Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
Sharing Information
Bring Together Ltd use third party hosting for this website and associated data processing is carried out only to provide you with user friendly functionality.
We will not share your information with any third parties for the purposes of direct marketing.
We will not transfer any personal data out with the UK or European Economic Area or to any third party without your knowledge.
We will share names, email addresses, pictures, job roles and organisational information as part of business-to-business networking events & with organisations & contractors commissioned to assist & co-ordinate these events.
Where an Organisation has commissioned us to host an online seminar or event, your registration & attendance information & any feedback you provide will be shared with this Organisation.
Pre & post event/online seminar management will include grouped online communications such as meeting invites in meeting chats and document sharing. Others attending may see your name email address and may see conversation responses and questions you may ask.
We may be required to transfer your information to a third party as part of a sale of some or all of our business assets to third party as part of any business restructuring or reorganization.
We may also be required to disclose or share your personal data to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property, or safety of our customers. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Children
We do not offer services directly to children through online platforms or applications. We do manage projects tailored for families and children, often involving the collection of sensitive data indirectly from parents or guardians.
Protecting your personal information
Bring Together Ltd will continue to look for new ways to protect data, we have effective processes and procedures in place to be able to detect, investigate, risk assess and record incidents and breaches. However, in the unlikely event of a data incident/breach, we will if required to, notify the ICO within 72 hours of becoming aware of the breach as well as take steps to inform any individuals affected, where we don’t yet have all the relevant details, we will notify the ICO if required when we expect to have the results of the investigation.
International
All significant decisions about data processing and policy implementation will be made using The UK GDPR. As part of the services offered to you the information which you provide to us will not be transferred to countries outside the UK or European Economic Area. Our servers are Located inside European Economic Area or UK. If we have a requirement to transfer your information outside of these areas in any way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you use our services while you are outside the UK or the European Economic Area, your information may be transferred outside these areas in order to provide you with those services.
Your data protection rights.
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
If you wish to make a request, please contact us at +447392751536, or in writing to: –
Flat D Windsor Court,
57 Church Street,
Broughty Ferry,
Dundee,
DD5 1EU.
Communications & Direct Marketing
The Privacy and Electronic Communication Regulations (PECR) sits alongside the Data Protection Act and the UK GDPR and gives individuals specific rights around electronic communication. This means if we send electronic marketing or use cookies or similar technologies, we must comply with both PECR and the UK GDPR
Although PECR covers a number of areas which provide public electronic communication network or services PECR applies to Bring Together Ltd for
- Direct Marketing by phone, email, text, or fax
- Website cookies
Direct Marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request unless an exemption applies. There are several ways you can stop direct marketing communications from us.
- Click the “unsubscribe” link in any direct marketing email communication that we send you. We will then stop any further direct marketing emails.
- You can also email, call, or write to us to ask us to add you to our suppression list.
Exemptions
If you unsubscribe from our marketing mailing lists, you will still receive service & support communications from us where you are an existing customer, supplier or have a relationship with us that requires us to process your information as part of a contract or where the law requires us to do so.
Cookies
‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. example, we use cookies to store your country preference. This helps us to improve our website and deliver a better more personalised service. It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our websites.
Regulatory Information
Further information around your rights can be found here.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF