The privacy and security of your personal information is extremely important to us.
This policy applies if you’re a supporter of Brantwood Trust (member, donor, volunteer, tenant, artist, tutor, visitor, employee) or use any of our services, visit our website, email, call or write to us.
When you entrust your details to us, we will ensure to keep that information secure. We will never sell your personal data to a third party and will only share it with organisations we work with when it is necessary to continue to provide a service, and the privacy and security of your data is assured.
About Us – Brantwood Trust
Brantwood Trust is a registered charity (Registered charity No 504743). The aims of Brantwood Trust are to administer Brantwood as a permanent memorial to John Ruskin and as a museum, to which members of the public shall have access, containing collections of drawings, books and objects of interest connected with John Ruskin; and as a place of study and recreation for students, teachers and professors and such other members of the public as may from time to time be approved by the Management Trustees.
The Brantwood Trust provides a number of services and activities to generate income, including the sale of gifts, books and artworks through our shop, provision of accommodation and venue hire, catering through our coffee house and restaurant, talks, weddings, theatre.
What personal data do we collect/hold?
For the purposes of providing you with our services, we may collect the following information which relates to you personally, for example, name, address, phone number, email address). We’ll only collect the personal data that we need.
We collect personal data in connection with specific activities such as registration or membership requests, placing an order, booking holidays, donations, volunteering, employment etc.
You can give us your personal data by filling in forms on our website, or completion of booking forms relevant to the activity in which you engaged with Brantwood Trust, or by corresponding with us (by phone, email or by joining as a member/supporter/customer).
This personal data you give us may include name, title, address, date of birth, age, employment status, demographic information, email address, telephone numbers, personal description, photographs, CCTV images, attitudes, opinions, usernames and passwords.
When processing an order, we may require financial information from you (payment information such as credit or debit card or direct debit details, and whether donations are gift-aided)
Your preferences and information we need to tailor our services to you.
Sensitive personal data
At times we’ll collect sensitive personal data for Equal Opportunities monitoring, as well as researching whether we deliver great experiences for everyone, but this is only ever analysed at an aggregate level.
Information we may collect when you visit our website
We may automatically collect the following information: Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and if you access our website via your mobile device we will collect your unique phone identifier.
Information about your visit, including, but not limited to the full Uniform Resource Locators (URL) and query string, clickstream to, through and from our website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as but not limited to, scrolling, clicks, and mouse-overs), methods used to browse away from the page.
The terms that you use to search our website
Your activities and involvement with us will result in personal data being created. This could include details of how you’ve helped us by volunteering or being involved with our campaigns and activities.
We conduct research and analysis on the information we hold, which can in turn generate personal data. For example, by analysing your previous involvement with Brantwood Trust, we may be able to tailor our communications and provide you with information, news and events most likely to interest you.
How we might use your personal data
We’ll only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (from 25 May 2018)/UK Data Protection Act and Privacy of Electronic Communication Regulation.
Personal data provided to us will be used for the purpose or purposes of processing your transaction, whether it be an accommodation booking, group booking, membership to our Friend’s society, wedding bookings, etc. If asked by the police, or any other regulatory or government authority investigating suspected illegal activities, we may need to provide your personal data.
Your personal data may be collected and used to help us deliver our charitable activities, help us raise funds, or complete your order or request. Below are the main uses of your data which depend on the nature of our relationship with you and how you interact with our various services, websites and activities.
Your privacy is important to us, so we’ll always keep your details secure. We’d like to use your details to keep in touch about things that may matter to you.
If you choose to hear from us we may send you information based on what is most relevant to you or things you’ve told us you are interested in, all of which will be directly related to Brantwood activities / John Ruskin.
We’ll only send these to you if you agree to receive them and we will never share your information with companies outside Brantwood Trust for inclusion in their marketing. If you agree to receive marketing information from us you can change your mind at a later date.
However, if you tell us you don’t want to receive marketing communications, then you may not hear about events or other work we do that may be of interest to you.
There are some communications that we need to send. These are essential to fulfil our promises to you as a member, volunteer, donor or buyer of goods or services from Brantwood Trust. These essential communications include transaction messaging, such as Direct Debit schedules, shop purchase confirmations and holiday booking confirmations. For our Friends of Brantwood members, this these communications include membership -related mailings such as renewal reminders, biannual newsletters, and notice of our Annual General Meeting.
Retail sales, holiday accommodation and events management
We process customer data in order to fulfil holiday bookings and retail activities. Your data will be used to communicate with you throughout the process, including to confirm we’ve received your order and payment, to confirm dispatch, to clarify where we might need more detail to fulfil an order or booking, or to resolve issues that might arise with your order or booking. We may also hold dietary requirements for weddings and events.
We monitor visitor numbers on a daily basis through our admissions till and use this information to guide management decisions, including staffing and marketing. This information is used at an aggregate level and cannot be identified to a specific individual.
We carry out research with our customers, staff and volunteers to get feedback on their experience with us. We use this feedback to improve the experiences that we offer.
If you choose to take part in research, we’ll tell you when you start what data we will collect, why and how we’ll use it. All the research we conduct is optional and you can choose not to take part. For some of our research we may ask you to provide sensitive personal data (e.g. age). You don’t have to provide this data and we also provide a ‘prefer not to say’ option. We only use it at an aggregate level for reporting.
Information for our Volunteers
If you’re a volunteer then we may collect extra information about you (e.g. references, criminal records checks, details of emergency contacts, medical conditions etc.). This information will be retained for legal or contractual reasons, to protect us (including in the event of an insurance or legal claim) and for safeguarding purposes.
We need to use your personal data to manage your volunteering, from the moment you enquire to the time you decide to stop volunteering with us. This can include contacting you about events happening at Brantwood we think will be of interest, whether they are specific to a volunteering shift/date or a social event for our volunteers.
It could also include information we have gathered from you about your volunteering experience.
Information for our Donors
If you decide to donate to us then we’ll keep records of when and how much you give to a particular cause, as well as your personal contact details.
If you make a donation to Brantwood Trust, we’ll use any personal information you give us to record the nature and amount of your gift, claim gift aid where you’ve told us you’re eligible and thank you for your gift. If you interact or have a conversation with us, we’ll note anything relevant and store this securely on our systems.
We’ll may also send you updates on the impact that you make by supporting us in this way, unless you have told us not to.
If you’ve told us that you’re planning to, or thinking about, leaving us a gift in your will, we may use the information you give us to keep a record of this – including the purpose of your gift, if you let us know this.
If we have a conversation or interaction with you (or with someone who contacts us in relation to your will, for example your solicitor), we’ll note these interactions throughout your relationship with us, as this helps to ensure your gift is directed as you wanted.
Information for our Employees
In order to comply with our contractual, statutory, and management obligations and responsibilities, we process personal data, including ‘sensitive’ personal data, from job applicants and employees.
Such data can include, but isn’t limited to, information relating to health, racial or ethnic origin, and criminal convictions. In certain circumstances, we may process personal data or sensitive personal data, without explicit consent. Further information on what data is collected and why it’s processed is given below.
Contractual responsibilities: Our contractual responsibilities include those arising from the contract of employment. The data processed to meet contractual responsibilities includes, but is not limited to, data relating to: payroll, bank account, postal address, sick pay; leave, maternity pay, pension and emergency contacts.
Statutory responsibilities: Our statutory responsibilities are those imposed through law on the organisation as an employer. The data processed to meet statutory responsibilities includes, but is not limited to, data relating to: tax, national insurance, statutory sick pay, statutory maternity pay, family leave, work permits, equal opportunities monitoring.
Management responsibilities: Our management responsibilities are those necessary for the organisational functioning of the organisation. The data processed to meet management responsibilities includes, but is not limited to, data relating to: recruitment and employment, training and development, absence, disciplinary matters, e-mail address and telephone numbers.
Sensitive personal data
The Act defines ‘sensitive personal data’ as information about racial or ethnic origin, political opinions, religious beliefs or other similar beliefs, trade union membership, physical or mental health, sexual life, and criminal allegations, proceedings or convictions.
In certain limited circumstances, we may legally collect and process sensitive personal data without requiring the explicit consent of an employee.
We will process data about an employee’s health where it is necessary, for example, to record absence from work due to sickness, to pay statutory sick pay, to make appropriate referrals to the Occupational Health Service, and to make any necessary arrangements or adjustments to the workplace in the case of disability. This processing will not normally happen without the employee’s knowledge and, where necessary, consent.
Data about an employee’s criminal convictions will be held as necessary.
Disclosure of personal data to other bodies
In order to carry out our contractual and management responsibilities, we may, from time to time, need to share an employee’s personal data with one or more third party supplier.
To meet the employment contract, we are required to transfer an employee’s personal data to third parties, for example, to pension providers and HM Revenue & Customs.
In order to fulfil our statutory responsibilities, we’re required to give some of an employee’s personal data to government departments or agencies e.g. provision of salary and tax data to HM Revenue & Customs.
Work experience students
Children aged under 18 years that carry out work experience at Brantwood will provide information required to process their application. This information will include name, address, phone number, email, date of birth, medical conditions and parent’s contact details.
Information for our Friends
We use the personal data you provide as a Friend to service your membership. This includes sending renewal information to annual members by mail and email, sending the Friends newsletter, and information about our Annual General Meeting, as well as taking the opportunity to inform you of new events, exhibitions and promotions at Brantwood, unless you have asked us not to.
Updating your data and marketing preferences
We want you to remain in control of your personal data. If, at any time, you want to update or amend your personal data or marketing preferences please contact us in one of the following ways:
Phone: 015394 41396
Write to: Brantwood Trust, East of Lake, Coniston, Cumbria. LA21 8AD
Open: 10.30 – 5.00pm daily mid March – mid Nov. 10.30 – 4.00pm mid Nov – mid March Wed – Sun
Verification, updating or amendment of personal data will take place within 30 days of receipt of your request.
Your data protection rights
If you give us your consent to use your data, you have the right to withdraw that consent at any time. You also have the right to ask Brantwood Trust to stop using your personal data for direct marketing purposes.
Accessing the data we hold
If you would like further information on your rights or wish to exercise them, please write to us at Brantwood Trust, East of Lake, Coniston, LA21 8AD, or email: firstname.lastname@example.org
You will be asked to provide the following details:
The personal information you want to access;
The date range of the information you wish to access
We will also need you to provide information that will help us confirm your identity. If we hold personal information about you, we will give you a copy of the information in an understandable format together with an explanation of why we hold and use it.
Once we have all the information necessary to respond to your request we’ll provide your information to you within one month.
What to do if you’re not happy
We are committed to resolving any problem or query you have. Please contact us as per the details given above. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their help line 0303 123 113.
Cookies and links to third party websites
Links to other websites
Keeping your information
We will only use and store your information for as long as it is required for the purposes it was collected for. How long it will be stored for depends on the information in question, what it is being used for and, sometimes, statutory legal requirements.
How we secure your data
Our data processing and information systems are password protected and have controlled user access. Hard copies of sensitive data are kept strictly confidential. When you trust us with your data, we will always keep your information secure to maintain your confidentiality.
Disclosing and sharing information
We do not sell or share your personal information for other organisations to use.
Personal data collected and processed by us may be shared with the following groups where necessary:
Third party cloud hosting and IT infrastructure providers who host the website and provide IT support in respect of the website and our company server;
Also, under strictly controlled conditions:
Service Providers providing services to us
Storage of information
Brantwood Trust operations are based in the UK and all of our data is stored within the European Union (EU). Third party spam filter software is certified under the EU-US Privacy shield.
Payment card Security
The Brantwood Trust has an active PCI-DSS compliance programme in place. This is the international standard for safe card payment processes. As part of our compliance to this very stringent standard, we ensure that our IT systems do not directly collect or store payment card information; for example the full 16 digit number on the front of the card or the security code on the back.
We operate Closed Circuit Television (CCTV) on our premises, and you may be recorded when you visit us.
CCTV is used to provide security and protect both our members, visitors and staff. CCTV will be only be viewed when necessary (e.g. to detect or prevent crime) and footage is stored for set period of time after which it is recorded over.