Orchard One values your trust when sharing your personal data with us and appreciate that you may be concerned about the information provided to us and about how we handle that information which we otherwise collect in the course of our business, including via our website, email communications, digital platforms and application or any other place within any Social Media (altogether referred to as “Website”).
This Policy sets out (in full transparency and in accordance with reasonable data protection standards (hereinafter referred to as “Standards”), the basis on which we process your Personal Data (“Personal Data”) when you access our Websites or contact us.
We ask that you read this Policy carefully as it contains important information on who we are, how and why we collect, store, use and share Personal Data, your rights in relation to your Personal Data and on how to contact us and supervisory authorities in the event you have a complaint.
This Policy is divided into the following sections:
Who we are
Our collection and use of your Personal Data
Cookies and similar technologies
Keeping your Personal Data secure
How to complain
Changes to this Policy
How to contact us
Who we are
This website is operated by Orchard One. We collect, use and are responsible for certain Personal Data about you. When we do so, we will do it according to the Standards and we are responsible as ‘data controller’ of that Personal Data.
This Policy relates to your use of our Website (www.orchardone.com) only.
Our Website may contain links to other websites. However, once you have used these links to leave our Website, we do not have any control over the other website. Such sites are not governed by this Policy and we are not responsible for the protection and privacy of any information you provide to these other websites when you visit them.
In the event you visit such websites consult their privacy policies as appropriate for privacy information relating to them.
We collect Personal Data about you when you contact us or send us feedback via our Website. We collect this Personal Data from you either directly, such as when you contact us or send us feedback via our Website.
We ensure to use and protect any information you give us by applying the following principles: accountability, lawfulness of processing, specification of purpose, compatibility of further processing with purpose of collection, quality of information, openness, data security safeguards and data subject participation.
The Personal Data we collect about you depends on the particular activities carried out through our Website. This information includes:
We use this Personal Data to:
This Website is not intended for use by children and we do not knowingly collect or use Personal Data relating to children.
When we use your Personal Data, we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what Personal Data we process and why. The legal bases we may rely on include:
Registrar General – your Personal Data could be shared between us and the Registrar General in relation to any audit or statutory requirements for maintaining our Charity registration in accordance with this Policy.
Service Providers and Processors – We may engage third party vendors, agents, service providers, and affiliated entities to provide services on our behalf, such as support for the internal operations of our Website, Mobile Apps, social media services providers, payment processors, brand activation agencies, data analytics providers and third parties we use for postal courier service providers) or for the technical processing (for example, hosting services or data storage) or for customer relationship management services, as well as related offline product or promotional support services and other related services.
In providing their services, they may access, receive, maintain or otherwise process Personal Data on our behalf. Our contracts with these service providers do not permit use of your information for their own purposes, including their marketing purposes. Consistent with applicable legal requirements, we take commercially reasonable steps to require third parties to adequately safeguard your Personal Data and only process it in accordance with our instructions.
Partners – We may sometimes offer you a service or application in cooperation with partners. We may therefore need to disclose your Personal Data to those partners. Consistent with applicable legal requirements, we take reasonable steps to require third parties to adequately safeguard your Personal Data and only process it in accordance with our instructions or as co-controllers. In those cases in which the disclosure of your Personal Data with third partners takes place based on your consent or your request to do so, where relevant, we will clearly notify you of the sharing, and you will have the choice not to participate or to otherwise object to such sharing.
Third parties in case of legal requirement – We may also disclose your Personal Data if we are required to do so by law, or that doing so is reasonably necessary to comply with legal processes; when necessary or appropriate to disclose Personal Data to law enforcement authorities, such as to investigate actual or suspected fraud or violations of law, breaches of security, or breaches of this Policy; to respond to any claims against us; and, to protect the rights, property, or personal safety of the Charity, our members, customers, or the public.
Law Enforcement or other Authorities – We will share Personal Data with law enforcement or other authorities if required by applicable law.
No Other Third Party – We will not share your Personal Data with any other third party.
We require you to provide Personal Data such as your (full name, address, telephone number or email address etc)] to enable us to assist you effectively in the use of our Website for the provision of any information or action required from us. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.
We are committed to ensuring that the integrity of your information is secure through the adoption of appropriate reasonable technical and organizational measures to prevent loss of damage to, or unauthorized destruction and unlawful access to unauthorized processing of the information provided. In order to give effect to the aforementioned, we shall take reasonable measures to:
i. identify reasonably foreseeable internal and external risks to the information provided under our possession or control;
ii. establish and maintain appropriate safeguards against identified risks;
iii. regularly verify that the safeguards are effectively implemented;
iv. ensure that the safeguards are continually updated in response to new risks or deficiencies;
We shall observe generally accepted information security practices and procedure, and specific industry or professional rules and regulations.
In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Where there are reasonable grounds to believe that your data has been accessed or acquired by an unauthorized person, we shall notify you of the unauthorized access or acquisition.
We would like to send you information about products and services and special offers, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.
We will only ask whether you would like us to send you marketing messages when you tick the relevant boxes when you complete our online form for the first time.
If you have previously agreed to being contacted in this way, you can unsubscribe at any time by contacting us at email@example.com It may take up to 30 days for this to take place. For more information on your rights in relation to marketing, see ‘Your rights’ below.
Your rights for the use of your Personal Data by us include to;
If you would like to exercise any of those rights, please:
We have appropriate security measures in place to prevent Personal Data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your Personal Data to those who have a genuine need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We hope that we can resolve any query or concern you raise about our use of your information.
This Policy was last updated on the 4th of December 2020.
We may change this Policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
Please contact us at firstname.lastname@example.org if you have any questions about this Policy or the information, we hold about you.