Build Africa is an England and Wales charitable company limited by guarantee (with company number 2200793), charity number 298316. We believe in the power of education to end poverty and rely on the generosity of thousands of supporters to help us create brighter futures for children in rural Uganda and Kenya.
What this policy tells you
As part of our work, it is often necessary to collect data from our supporters. The purpose of the policy is to clearly outline the data we collect, and how we manage, use and protect your data. If you would like more information about how we use your data, or would like to change the way we communicate with you, you can contact us in any of the following ways:
- Email: [email protected]
- Post: Data Protection Officer, 14th Floor, Tower Building, 11 York Road, London, SE1 7NX
- Phone: +44 (0)1892 519 619
What information does Build Africa collect about me?
When you get in touch with Build Africa, we may collect some data from you. For example, when you sign up to our newsletter or an event, make a donation or simply ask more about our work. Depending on how you get in touch with us, we might collect that information in person, over the phone, online or on paper.
The kind of information we will typically collect might include personal data such as your name and contact details (email address, telephone number, postal address) and your bank details if you’re making a donation. We also store information about the nature of your enquiry. This helps us understand what our supporters find the most interesting about our work, enabling us to generate exciting content and campaigns for people in the future. In specific circumstances (asking your consent first, naturally) we might ask for some sensitive data, like health-related information if you were signing up for a marathon.
How is my information used?
We collect your data so we can process your donation, deal with your request and communicate with you about our work and other ways you can engage with us. For example:
- Processing your donation and thanking you appropriately
- Sending you a gift you have purchased through our gift shop
- Sending you our regular newsletter
- To let you know about new campaigns and projects
- To send you information about our work or events we think you will find interesting
- Recording contact we’ve had with you, to make sure we’re providing all the support and information you need
We will only ever send you marketing via email or SMS with your consent – which you can update at any time. If you are receiving marketing from us via post, you can opt out at any time by using the contact details at the beginning of this document.
People in vulnerable circumstances
Build Africa understand that there can be specific considerations if and when we collect data from people in vulnerable circumstances. We are proud to adhere to the Institute of Fundraising’s ‘Treating Donors Fairly’ Guidance, and all of our fundraising staff receive training in this.
How do we work with third parties in collecting/processing personal data?
Certain third party organisations collect data on behalf of Build Africa, as well as for their own use.
Third party organisations we currently receive data from are: Committed Giving, Virgin Money Giving, Just Giving, Mailchimp, Fretwell, Survey Monkey, Guardian Jobs, Givergy, Global Event Challenges, Eventbrite, Shopify and external events providers such as New York Marathon and London Marathon. These organisations have their own data protection and privacy policies which you should be aware of before submitting your data.
Profiling - we may engage third parties to make use of profiling and screening to ensure our communications are relevant for the individuals we’re seeking to engage. Profiling can help us use our limited resources effectively by allowing to gain an understanding of donor’s interests and capacity to give.
In order to do this, we may use publically-available information - such as records at Companies House, online biographies and articles in newspapers. We may also choose to obtain further details such as date of birth, change of address information and other details related to wealth, media consumption and geodemographic data from tools like ACORN.
Marketing on Facebook - like many other organisations, Build Africa may participate in the Custom Audience program on Facebook. This enables us to present relevant adverts to our supporters when they visit Facebook. An example of this might be that we could tell all of our previous marathon runners that we have a new challenge event that they can join by presenting an advert in their news feed. We may also use Lookalike Audiences which help to find groups of people who have display similar interests and behaviour to our supporters, so that we can reach the right types of people with our message.
We never present these adverts to individuals, rather the groups of supporters we feel will find it most relevant. In order to do this we may provide your email address and/or mobile phone number to Facebook – but this will always be in an encrypted formatted, and if it does not match a Facebook account it is then deleted. We only do this so that Facebook can check who out of the group holds an active account, and it is never used for their, or anyone else’s marketing. If you’d like to learn more about the Custom Audience program you can find out more here.
We may also disclose or use personal information if required to do so by law and may use external data for the purposes of fraud prevention, for example to comply with money laundering regulations or to otherwise protect the rights, property or safety of individuals.
How do you keep my information safe?
Build Africa takes the care of your data very seriously. All our staff receive induction and refresher training in secure data management practices. Our digital information storage is protected through a range of measures including password protection, secure servers and firewalls.
The processing of credit card payments is in line with industry standards and personal information transferred between locations will be encrypted and password protected.
How long do you keep my information for?
Build Africa will keep your information for as long as you have an active relationship with us. It is possible to unsubscribe from mailing lists at any time, and if doing so we’ll keep some of your information to ensure we don’t contact you with marketing in the future.
We are also required to retain some of your information for auditing purposes, or if you have previously agreed to Gift Aid your donations. In these instances we may need to retain your data for up to six years.
How do I opt out of future communications?
Build Africa will give clear opportunities to opt out of future communications every time we communicate with you. If you prefer, you can contact our team directly and a member of staff will ensure that you are removed from our marketing communications right away.
Do you share my data outside the UK?
GDPR regulations cover the whole of the EU. Build Africa do not currently have third party partners elsewhere in Europe, but if we did, these partners would be covered by the same laws we are.
Build Africa has sister organisations in Uganda and Kenya. In responding to donor enquiries and in making sure reports are tailored for supporters who would like specific information, we may need to share limited amounts of information with our colleagues overseas. However, this information would not include financial details and it would only ever be used for clearly defined purposes, such as tailored and specific reporting information.
We are currently registered as a non-profit organisation the United States as Build Africa Incorporated with 501© status and engage with one third-party provider in the US. Though they are not governed by GDPR principles we undertake due diligence to ensure any partners outside of the EU adhere to similarly stringent guidelines relating to data protection. Build Africa currently uses a supplier in the USA. We have ensured they meet the EU-US Privacy Shield, which sets out clear safeguards and transparency responsibilities for US-based organisations processing data from EU citizens.
How do you use my information if I apply for a job?
We will only use the information you share with us for your recruitment process. We store recruitment process data for a maximum of six months and then archive it if no further action is required. Human resources folders used to store this data are password protected and only accessible by staff involved in the relevant recruitment processes.
If your application for employment with us is successful, we will need to disclose your details when seeking references and obtaining disclosure from the Disclosure Barring Service. We will inform you in advance of doing so. If successful in your application to work for us, a personnel file will be established which contains your information. It will be kept secure and only be used for purposes directly relating to your employment.
How do I access the information you hold on me?
You can request an information access report (which describes all the details we hold about you) at any time from our Data Protection Officer. Please write to us at the following address to do so:
- Data Protection Officer, 14th Floor, Tower Building, 11 York Road, London, SE1 7NX
We will aim to send an initial response within five working days and a full information access report within forty days of receipt.
Changes to our Privacy Notice
Our Privacy Notice may be updated from time to time as the work we undertake, and the environment we operate in changes. Please do check this page occasionally to see if we have included any updates or changes, and that you are happy with them. If we make substantial changes to this policy we do reserve the right to send this proactively to our supporters.
(Last updated: May 2018)
Our Cookies Policy