The Parish Trust Privacy Notice
Last updated: 3 May 2026
Next review due: May 2027
This Privacy Notice explains how The Parish Trust collects, uses, stores and shares personal information. It applies to our public website, our Hub app, our Help Hub, our Volunteer Hub, our partner portals, our events, our projects, our donation and shop services, and the day-to-day work of the charity.
We have written this notice in plain language so that service users, referral partners, volunteers, donors, supporters, staff, trustees, job applicants, visitors and members of the public can understand what we do with their information and why.
This notice replaces our previous Data Protection & Privacy Policy.
1. Who we are
The Parish Trust is a Registered Charitable Incorporated Organisation in England and Wales, charity number 1186996.
Our charitable work includes community support, food and practical assistance through the CARE Project, baby and maternity support through the Baby Bank, youth and children’s activities, wellbeing activities, bereavement support, volunteering, fundraising, events, and the use of community facilities such as Trethomas Life Centre.
For data protection purposes, The Parish Trust is the data controller for the personal information we collect and use, unless we clearly say otherwise. This means we decide why and how personal information is used.
Contact details
The Parish Trust
7 Roundabout Court
Bedwas House Industrial Estate
Bedwas
Caerphilly
CF83 8FS
Telephone: 02921 880 212
Email: office@theparishtrust.org.uk
If your enquiry is about data protection, please mark it for the attention of the Chief Executive Officer.
2. What this notice covers
This notice covers personal information processed through, or in connection with:
- The Parish Trust website.
- The Parish Trust Hub app and internal administration systems.
- Help Hub, including CARE Project and Baby Bank requests, referrals, household records, delivery and collection records, referral partner accounts, stock and packing workflows, QR codes, and service-user communications.
- Volunteer Hub, including volunteer applications, safeguarding declarations, training, rotas, time clock, kiosk sign-in, shift reviews, attendance records, recognition, app notifications and volunteer communications.
- Donor, fundraising, Gift Aid, shop, event, booking, and supporter records.
- Our contact forms, newsletter sign-ups, surveys, questionnaires and feedback forms.
- Recruitment, employment, trustee, contractor and supplier administration.
- Safeguarding, incident management, complaints, health and safety, insurance, legal, regulatory and governance records.
3. Personal information we collect
The information we collect depends on your relationship with us.
3.1 General contact, website and enquiry information
We may collect:
- Name.
- Email address.
- Telephone number.
- Postal address.
- Organisation name and role, where relevant.
- Message content and enquiry details.
- Communication preferences.
- Website, device, browser, IP address and cookie information.
3.2 Service users and households
If you ask for help from the CARE Project, Baby Bank, bereavement support, wellbeing support, practical support, data support, or another project, we may collect:
- Name and contact details.
- Address and postcode.
- Household size and household composition.
- Age range or date of birth, where needed.
- Details of adults, children, pregnancy, babies or young children, where relevant to the support requested.
- Referral numbers, household help numbers, Baby Bank ticket numbers and other case references.
- Details of previous requests, referrals, restrictions, sanctions, suspensions or safeguarding concerns.
- Delivery or collection preferences.
- Notes about access, hard-to-find addresses, collection arrangements, or delivery issues.
- Food preferences, dietary needs, allergy information and essential non-food needs.
- Clothing sizes, baby item needs, maternity item needs, and household equipment needs.
- Reasons for requesting support, such as debt, benefit changes, bereavement, domestic abuse, sickness, disability, poor mental health, no recourse to public funds, unemployment or other circumstances.
- Case notes, follow-up notes, communications and outcomes.
- Questionnaire responses, survey responses and feedback.
We only ask for information that we believe is needed to assess eligibility, provide appropriate support, keep people safe, improve services, report responsibly to funders, and keep appropriate records.
3.3 Referral partners and professional referrers
If you refer someone to us, or if you are registered as a referral partner, we may collect:
- Your name, work email address and telephone number.
- Job title or role.
- Organisation name, department and type of organisation.
- Work address and website, where relevant.
- Account login details and permissions within our partner portal.
- Records of referrals you make.
- Evidence that you have obtained the service user’s understanding, authority or consent where required.
- Communications between you and us.
- Audit logs showing when referrals were created, viewed, updated or managed.
Where referral partners provide information about service users, they must ensure that the information is accurate, necessary, shared lawfully, and that the service user has been given appropriate privacy information.
3.4 Volunteers
If you apply to volunteer, or volunteer with us, we may collect:
- Name and contact details.
- Address and postcode.
- Date of birth or confirmation of age.
- Emergency contact details.
- Parent or guardian details for under-18 volunteers.
- Role preferences, availability, project interests and skills.
- Application responses and interview notes.
- References, where required.
- Safeguarding self-declarations.
- DBS or criminal record check information, where appropriate for the role.
- Training records and policy confirmations.
- Rotas, claimed shifts, attendance records, kiosk sign-ins and time clock records.
- Shift review responses and supervisor notes.
- Volunteer status, recognition, awards, hours and Tempo Time Credit records.
- App device details needed for push notifications, where enabled.
- Incident, conduct, capability, safeguarding or restriction records, where relevant.
3.5 Donors, fundraisers, supporters and shop users
We may collect:
- Name and contact details.
- Donation history and fundraising activity.
- Gift Aid declarations and tax-related information.
- Payment references and transaction records.
- Shop orders, event bookings, delivery details and account details.
- Supporter preferences and communication preferences.
- Notes of conversations or pledges.
We do not normally store full card details. Card payments are handled by payment providers.
3.6 Event attendees, course participants and facility users
We may collect:
- Name and contact details.
- Booking information.
- Attendance records.
- Payment records, where applicable.
- Access, dietary, allergy, health, pastoral or safeguarding information, where needed for the event or activity.
- Emergency contact details for some activities.
- Photographs or media consent choices, where relevant.
3.7 Children and young people
Where we work with children and young people, we may collect:
- Child’s name, age, date of birth or school year.
- Parent, guardian or carer details.
- Emergency contact details.
- Medical, allergy, dietary, additional learning needs or accessibility information.
- Attendance records.
- Consent forms.
- Safeguarding, incident or welfare notes.
- Photographs, video or media permissions, where consent has been given.
We take extra care when processing children’s information. We only collect what is necessary, restrict access to those who need it, and use the information for the purposes explained at the time of collection.
3.8 Staff, trustees, job applicants, contractors and suppliers
We may collect information needed for recruitment, employment, governance and administration, including:
- Name and contact details.
- Application forms, CVs, cover letters and interview notes.
- Employment history, qualifications, references and right-to-work information.
- Payroll, pension, tax and bank details.
- Absence, sickness, performance, appraisal and training records.
- Safeguarding, DBS, disciplinary or grievance records, where relevant.
- Trustee eligibility and governance records.
- Supplier contracts, invoices, insurance and payment details.
Staff, trustee and applicant information may also be covered by separate staff, recruitment or trustee privacy notices where appropriate.
4. Special category data and sensitive information
Some of the information we process is more sensitive. This may include information about:
- Health, disability, sickness, mental health, allergies or dietary needs.
- Pregnancy, maternity or family circumstances.
- Religious or philosophical belief, where relevant to our charitable or pastoral work.
- Racial or ethnic origin, where collected for equality monitoring or reporting.
- Safeguarding, domestic abuse, vulnerability, poverty, debt, bereavement, housing or social circumstances.
- Criminal convictions, cautions, allegations, DBS checks or safeguarding self-declarations.
We only process this type of information where it is necessary and where we have both:
- A lawful basis under UK GDPR Article 6; and
- A special category condition under UK GDPR Article 9, or an appropriate condition for criminal offence data under the Data Protection Act 2018.
This may include processing because it is necessary for safeguarding, providing support to people in need, carrying out employment or volunteer checks, meeting legal obligations, protecting vital interests, carrying out our not-for-profit charitable activities, or with explicit consent where that is the most appropriate basis.
We will treat sensitive information with particular care and will restrict access to those who need to see it.
5. Why we use personal information
We use personal information for the following purposes.
5.1 To provide charitable support and services
This includes:
- Assessing eligibility for CARE Project, Baby Bank and other support.
- Creating and managing service-user, household, referral and request records.
- Arranging food parcels, baby items, practical support, collections, deliveries and follow-up.
- Managing restrictions, sanctions, suspensions, repeat requests and service history.
- Matching people with appropriate support, staff or volunteers.
- Responding to enquiries, support requests and referrals.
- Recording outcomes and feedback.
5.2 To manage referral partner relationships
This includes:
- Registering partner organisations and users.
- Approving partner access.
- Managing partner permissions.
- Processing referrals made by professionals or partner organisations.
- Confirming that service users understand how their information will be used.
- Monitoring referral quality, misuse, safeguarding and eligibility.
5.3 To manage volunteering
This includes:
- Processing volunteer applications.
- Assessing suitability for roles.
- Completing safeguarding checks.
- Managing training, rotas, shift claiming, kiosk sign-in and time clock records.
- Sending shift reminders, updates, reviews and recognition messages.
- Managing volunteer conduct, incidents, concerns or restrictions.
- Keeping appropriate records of volunteer hours and activity.
5.4 To keep people safe
This includes:
- Safeguarding children, young people and adults at risk.
- Recording and managing safeguarding concerns.
- Sharing information with statutory agencies or other organisations where necessary and lawful.
- Managing incidents, accidents, complaints, risk assessments and health and safety matters.
- Ensuring that staff, trustees and volunteers are suitable for their roles.
- Preventing, detecting or responding to abuse, fraud, crime or serious misconduct.
5.5 To manage donations, fundraising, shop orders and Gift Aid
This includes:
- Processing donations and Gift Aid declarations.
- Keeping financial and accounting records.
- Managing donor relationships and supporter communications.
- Processing shop orders, event bookings and facility bookings.
- Meeting legal, tax, audit and charity accounting requirements.
5.6 To communicate with people
This includes:
- Responding to enquiries.
- Sending service updates, appointment details, delivery or collection information.
- Sending volunteer rota, training, shift or policy updates.
- Sending partner portal and referral updates.
- Sending newsletters, fundraising updates or marketing communications where allowed.
- Sending urgent safety, safeguarding, operational or service messages.
5.7 To run and improve our systems
This includes:
- Operating our website, Hub app, Help Hub, Volunteer Hub and internal systems.
- Managing accounts, passwords, permissions, audit logs and security.
- Troubleshooting, testing, backups and system improvements.
- Preventing unauthorised access, misuse, fraud or security incidents.
- Producing anonymous or aggregated reports about our work.
5.8 To meet legal, regulatory and governance obligations
This includes:
- Charity governance.
- Financial accounting and audit.
- Employment law and pensions.
- Health and safety.
- Safeguarding obligations.
- Insurance, legal claims and complaints.
- Reporting to funders, regulators and public authorities where required.
6. Our lawful bases for using personal information
We rely on different lawful bases depending on the purpose.
| Purpose | Likely lawful basis |
|---|---|
| Responding to enquiries | Legitimate interests, consent where appropriate |
| Providing charitable support and managing service-user records | Legitimate interests, recognised legitimate interests where applicable, vital interests in emergencies, legal obligation where applicable, explicit consent where appropriate |
| Processing referrals from partner organisations | Legitimate interests, recognised legitimate interests where applicable, legal obligation where applicable, explicit consent where appropriate |
| Safeguarding children and adults at risk | Recognised legitimate interests where applicable, legitimate interests, legal obligation, vital interests in emergencies |
| Managing volunteers | Legitimate interests, legal obligation, contract-like arrangements where applicable, consent for optional communications or media |
| Safeguarding checks, DBS and self-declarations | Legal obligation where applicable, legitimate interests, recognised legitimate interests where applicable, substantial public interest conditions under the Data Protection Act 2018 |
| Managing staff, trustees and job applicants | Contract, legal obligation, legitimate interests, explicit consent where appropriate |
| Processing donations, Gift Aid, shop orders and payments | Contract, legal obligation, legitimate interests, consent for marketing where required |
| Sending newsletters, fundraising and marketing messages | Consent, soft opt-in where legally available, legitimate interests for some postal or non-electronic communications where appropriate |
| Running websites, app accounts, portals, security and audit logs | Legitimate interests, legal obligation where applicable |
| Reporting to funders and regulators | Legal obligation, legitimate interests, public task where applicable to receiving bodies; we aim to use anonymised or aggregated data where possible |
| Managing complaints, claims and insurance | Legitimate interests, legal obligation, establishment, exercise or defence of legal claims |
Where we rely on legitimate interests, our interests include running the charity properly, providing services, protecting people, preventing misuse, keeping accurate records, improving our work, securing our systems, and fulfilling our charitable purposes. We consider the impact on individuals and only rely on this basis where our interests are not overridden by the rights and freedoms of the individual.
Where we rely on recognised legitimate interests, this may include safeguarding vulnerable people, responding to emergencies, preventing or investigating crime, or sharing information with a public authority or organisation that needs the information for its public task or function.
Where we rely on consent, you can withdraw your consent at any time. Withdrawing consent will not affect anything we have already done lawfully before consent was withdrawn. In some situations, we may still need to keep or use some information under another lawful basis, for example safeguarding, legal, finance, complaints, audit or service history purposes.
7. When we receive information from someone else
Sometimes we receive personal information from someone other than the person it relates to. This may include information from:
- Referral partners.
- Schools, health visitors, social services, housing associations, churches, charities, advice agencies, emergency services or other support organisations.
- Parents, guardians, carers or family members.
- Staff, volunteers, trustees or service users.
- Public authorities, regulators or safeguarding agencies.
- Online forms, app accounts, cookies, analytics and security tools.
Where we receive information indirectly, we will provide privacy information as soon as reasonably possible, unless an exemption applies or it would be disproportionate, impossible, or would seriously impair the purpose of the processing, such as in some safeguarding situations.
8. Who we share personal information with
We do not sell personal information.
We only share personal information where there is a proper reason to do so. Depending on the situation, we may share information with:
- Authorised staff, trustees and volunteers within The Parish Trust.
- Referral partners and professional referrers, where necessary for the support being provided.
- Delivery drivers, collection volunteers and packing teams, but only with information needed for their role.
- Safeguarding agencies, local authorities, police, emergency services, health professionals, schools, social services or other statutory bodies where necessary and lawful.
- Funders and grant makers, usually using anonymised or aggregated data unless personal data is genuinely required and lawful.
- Payment processors, banks and Gift Aid/HMRC systems.
- Website, Hub app, hosting, database, email, text message, push notification, backup, security, analytics, accounting, donation, booking, shop, form and technical support providers.
- SMS providers, including Twilio and BulkSMS, where we send service, operational, security or other lawful text messages.
- Professional advisers, auditors, insurers, legal advisers and accountants.
- Regulators, courts, tribunals or public authorities where required or permitted by law.
We restrict what we share to what is necessary for the purpose. We may use different suppliers from time to time, so this notice describes the main categories of providers rather than naming every individual supplier.
9. Referral partners and consent on behalf of service users
Referral partners must only submit a referral where they have a lawful basis for doing so and where the service user understands that their information will be shared with The Parish Trust.
In many cases, the referral partner will be expected to confirm that the service user:
- Knows that a referral is being made.
- Understands what information is being shared.
- Understands that The Parish Trust will use the information to assess eligibility, provide support, keep records, contact them, and manage safeguarding or service concerns.
- Has been given access to this Privacy Notice, or has had the important information explained to them in an accessible way.
We may refuse, query or delay a referral if the information provided is incomplete, unclear, unsafe, inappropriate, or does not show that the service user has been properly informed.
10. Safeguarding, welfare and serious concerns
Sometimes we may need to use or share personal information without consent. This may happen where we believe it is necessary to:
- Protect a child, young person or adult at risk.
- Respond to domestic abuse, neglect, exploitation, coercion or serious welfare concerns.
- Protect someone’s life or physical safety.
- Prevent or detect crime.
- Comply with a legal obligation.
- Cooperate with a statutory safeguarding enquiry.
- Protect staff, volunteers, service users, visitors or members of the public.
We will consider each situation carefully and only share what is necessary and proportionate.
11. Restrictions, sanctions, suspensions and service history
The Parish Trust may need to keep records about service access, eligibility, restrictions, sanctions, suspensions, conduct issues, safeguarding concerns, delivery concerns, fraud prevention, misuse, threats, abuse, or other risks.
These records help us:
- Keep people safe.
- Make fair and consistent decisions.
- Understand previous contact and support history.
- Avoid repeatedly reassessing the same risk without context.
- Protect staff, volunteers, service users and partner organisations.
- Prevent misuse of charitable resources.
- Demonstrate why decisions were made.
Because these records may be needed for safeguarding, legal, audit, insurance, complaint handling or risk management purposes, we may not always be able to delete them immediately if someone asks us to do so. We will consider each request carefully and explain our decision.
12. App, website and system information
When you use our website, Hub app, Help Hub, Volunteer Hub, partner portals or related systems, we may collect technical information such as:
- IP address.
- Device type, browser type and operating system.
- Login times, access logs and audit records.
- Pages visited and actions taken.
- Error logs and security logs.
- App device tokens for push notifications, where enabled.
- Cookies and similar technologies.
We use this information to keep systems secure, maintain user accounts, prevent misuse, troubleshoot faults, improve services and provide relevant notifications.
13. Cookies and similar technologies
Our website and online systems may use cookies and similar technologies.
Cookies may be used for:
- Essential website and account functions.
- Security and fraud prevention.
- Remembering preferences, such as language or cookie choices.
- Analytics and performance monitoring.
- Embedded content, such as videos or social media content.
- Shop, basket, checkout, donation or payment functions.
Where cookies are essential, they may be used without consent because the website or service cannot function properly without them. For non-essential cookies, such as analytics or marketing cookies, we will ask for consent where required.
You can usually manage cookies through your browser settings and, where available, through the cookie controls on our website.
14. Email, text messages and push notifications
We may contact you by email, telephone, text message, letter, app notification or portal message.
Service messages may include:
- Confirmation of a request, referral or booking.
- Delivery or collection updates.
- Volunteer rota, shift, training or policy updates.
- Partner portal and referral updates.
- Safety, safeguarding or operational updates.
- Account, password or security messages.
Marketing or fundraising messages will only be sent where we have a lawful basis to do so. In many cases this will be consent. You can unsubscribe from marketing emails or ask us to stop sending marketing communications.
Opting out of marketing does not stop us from sending necessary service, safeguarding, legal, security or operational messages.
15. Photographs, video and media
We may take photographs or video at activities, events or projects.
Where images identify individuals, we will use a lawful basis for doing so. For children, young people, service users, volunteers or sensitive contexts, we will normally ask for consent before using identifiable images for publicity.
You can withdraw consent for future use of images. However, we may not always be able to remove images that have already been printed, published, shared, archived, or used in materials already in circulation.
16. Automated decision-making
We do not make decisions that have legal or similarly significant effects on individuals solely by automated means.
Our systems may use rules to support administration, such as calculating referral expiry dates, showing whether a request appears eligible, flagging duplicate households, checking annual request limits, identifying overdue collections, prioritising delayed parcels, or showing rota availability. These rules support staff and volunteer decision-making, but important decisions can be reviewed by an appropriate person.
17. How long we keep information
We only keep personal information for as long as necessary for the purpose it was collected, including legal, safeguarding, finance, audit, insurance, complaint handling and charity governance reasons.
The following table gives general guide periods. Some records may be kept longer or shorter depending on the situation.
| Type of record | Typical retention period |
|---|---|
| General enquiries | Up to 2 years after the enquiry is resolved, unless needed longer |
| Newsletter and marketing records | Until you unsubscribe or withdraw consent, plus suppression records to ensure we honour opt-outs |
| CARE Project service-user and household records | Usually up to 6 years after the last meaningful contact, request, referral, restriction or safeguarding note, unless a longer period is justified |
| Baby Bank referral and request records | Usually up to 6 years after the last meaningful contact, request, referral, restriction or safeguarding note, unless a longer period is justified |
| Referral partner account and referral records | Usually up to 6 years after the end of the partner relationship or the relevant referral history, unless needed longer |
| Safeguarding records | Kept in line with safeguarding requirements and the seriousness of the concern; significant records may need to be kept for a long period |
| Accident, incident and health and safety records | Usually at least 3 years, and longer where children, insurance, legal claims or safeguarding issues are involved |
| Volunteer application records where the person does not start volunteering | Usually up to 12 months after the recruitment/application process ends, unless needed longer |
| Active volunteer records | For the duration of volunteering and usually up to 6 years afterwards, unless safeguarding or legal reasons require longer |
| Volunteer safeguarding declarations and DBS-related decision records | Kept only as long as necessary and in line with safer recruitment and safeguarding requirements |
| Training, rota, attendance and time clock records | Usually up to 6 years after the end of the volunteering relationship or relevant financial/reporting period |
| Donation, Gift Aid, finance, accounting and transaction records | Usually 6 years after the end of the relevant financial year, or longer if required by law or HMRC |
| Shop orders and booking records | Usually up to 6 years after the transaction or booking |
| Job applicant records where no appointment is made | Usually up to 12 months after the recruitment process ends, unless needed longer |
| Staff and payroll records | In line with employment, tax, pension, safeguarding and legal requirements; many records are kept for 6 years after employment ends, with some kept longer |
| Trustee governance records | In line with charity governance, legal, safeguarding and regulatory requirements |
| Complaints and legal claims | Usually up to 6 years after closure, or longer where necessary |
| System audit logs and security logs | Usually between 6 months and 6 years depending on the system, risk and purpose |
| Backups | Retained for a limited period according to our backup cycle, unless needed for security, legal or disaster recovery reasons |
Where information is no longer needed, we will delete it, anonymise it, archive it securely, or restrict access to it as appropriate.
18. How we protect personal information
We use organisational and technical measures to protect personal information. These may include:
- Role-based access permissions.
- Password protection and account controls.
- Audit logs.
- Secure hosting and backups.
- Staff and volunteer confidentiality expectations.
- Safeguarding procedures.
- Training and internal guidance.
- Restricted access to sensitive records.
- Secure deletion or archiving where appropriate.
- Review of access rights when roles change.
No system can be guaranteed to be completely secure, but we work to protect the information we hold and respond promptly to security concerns.
19. International transfers
Most of our information is intended to be stored and used within the UK or the UK/European Economic Area.
Some technology providers may process information outside the UK or EEA, for example cloud, email, app, payment, analytics or support providers. Where this happens, we will take steps to ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, the UK International Data Transfer Agreement, or other lawful transfer mechanisms.
20. Your rights
You have rights under data protection law. Depending on the situation, these may include:
- The right to be informed about how your information is used.
- The right of access to your personal information.
- The right to have inaccurate information corrected.
- The right to have information erased in certain circumstances.
- The right to restrict processing in certain circumstances.
- The right to object to processing in certain circumstances.
- The right to data portability in certain circumstances.
- The right to withdraw consent where we rely on consent.
- Rights relating to automated decision-making, where applicable.
- The right to complain to the Information Commissioner’s Office.
These rights are not absolute. For example, we may need to keep information for safeguarding, legal, finance, audit, complaint handling, insurance, service history or regulatory reasons.
21. Asking to see, correct or delete your information
You can make a data rights request by contacting us using the details in this notice.
You may ask us to:
- Tell you what personal information we hold about you.
- Provide a copy of your personal information.
- Correct inaccurate information.
- Delete information where there is no longer a lawful reason for us to keep it.
- Restrict how we use your information.
- Object to how we use your information.
- Stop sending marketing communications.
We may need to confirm your identity before responding. We will usually respond within one month, although complex requests may take longer as allowed by law.
If we cannot do what you ask, or if we can only do part of it, we will explain why.
22. Requests to delete information
You can ask us to delete your personal information. We will consider the request carefully.
We will normally delete information where:
- We no longer need it.
- We are relying on consent and you withdraw that consent.
- There is no overriding legal, safeguarding, finance, audit, complaint, insurance or operational reason to keep it.
We may refuse or partly refuse deletion where we need to keep information for reasons such as:
- Safeguarding children, adults at risk, staff, volunteers, service users or the public.
- Recording restrictions, sanctions, serious incidents or service history.
- Preventing fraud, misuse, abuse or repeated unsafe conduct.
- Responding to complaints, claims, disputes or regulatory enquiries.
- Meeting legal, charity, finance, tax, employment, health and safety or insurance obligations.
- Keeping a minimal suppression record so we do not contact you again for marketing.
Where possible, we may restrict access, anonymise information, or delete parts of a record rather than keeping everything.
23. Complaints
If you are concerned about how we use your personal information, please contact us first so we can try to resolve the issue.
You can contact us at:
The Parish Trust
7 Roundabout Court
Bedwas House Industrial Estate
Bedwas
Caerphilly
CF83 8FS
Telephone: 02921 880 212
Email: office@theparishtrust.org.uk
You also have the right to complain to the Information Commissioner’s Office, the UK regulator for data protection.
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
24. Changes to this notice
We will review this notice regularly and update it when our services, systems, legal obligations or data processing change.
If we make significant changes, we will take reasonable steps to bring them to the attention of people affected, for example through our website, Hub app, email notices, portal notices, or updated form wording.
25. Short wording for forms
The following short wording can be used on forms, sign-up pages and app screens:
How we use your information
The Parish Trust will use the information you provide to process your request, referral, application, donation, booking or enquiry; provide our services; keep appropriate records; communicate with you; keep people safe; meet legal and charity obligations; and improve our work. We may share information with authorised staff, volunteers, referral partners, service providers, safeguarding agencies or public authorities where necessary and lawful. We will handle your information in line with our Privacy Notice.
For service-user and referral forms
By continuing, you confirm that the information provided is accurate and that you understand The Parish Trust will use it to assess eligibility, provide support, contact the service user, keep appropriate records, manage service history, and deal with safeguarding, welfare, audit or legal matters where necessary. Referral partners must ensure the service user understands that their information is being shared with The Parish Trust and has been given access to our Privacy Notice or had the key information explained to them.
For volunteers
By applying to volunteer, you understand that The Parish Trust will use your information to process your application, assess your suitability, manage safeguarding checks, provide training, manage rotas and attendance, communicate with you, keep appropriate records, and keep people safe. Some roles may require safeguarding declarations, references or DBS checks.
For marketing/newsletters
We would like to keep you updated about our work, news, events, fundraising and ways to support The Parish Trust. We will only send marketing communications where we are allowed to do so. You can unsubscribe or change your preferences at any time.
26. Publication status
This notice has been prepared as the main public Privacy Notice for The Parish Trust.
The Parish Trust has not appointed a statutory Data Protection Officer. Data protection enquiries should be marked for the attention of the Chief Executive Officer.
The Parish Trust may use third-party providers to support its website, Hub app, Help Hub, Volunteer Hub, email, SMS, push notifications, donations, payments, accounting, bookings, shop, security, analytics, forms, databases, backups and technical support. These providers act as processors where they handle personal information on our behalf.
The Parish Trust currently uses SMS services, including Twilio and BulkSMS, where text messages are needed for service, operational, security or other lawful communications.
The Parish Trust intends this notice to be linked from relevant website pages, Hub settings, data-rights pages, forms and portals.
