Dominican Sisters of Saint Catherine of Siena, Newcastle, Natal | Dominican Sisters (Third Order) Congregation of Newcastle, Natal (Registered Charity 233236)| Rosary Priory, 93 Elstree Road, Bushey Heath, Bushey, Herts. WD23 4EE
Phone: 020 8950 6065 | Email: firstname.lastname@example.org
The Dominican Congregation of Saint Catherine of Siena, of Newcastle, Natal (“the Congregation”) is committed to protecting the privacy of your personal information. This notice explains why we collect personal information, how we use it, and your rights. We keep your data secure at all times and use it only for the purpose for which you share it.
Who is responsible for your data?
The Data Controller is the UK Registered Charity, Dominican Sisters (Third Order) Congregation of Newcastle, Natal, the civil legal entity through which the Congregation operates. The Registered Charity works with and on behalf of the RSA Region Public Benefit Organisation (PBO) 18/11/13/2062. The collection, processing and retention of all data is carried out in accordance with relevant legislation, namely GDPR in the UK and POPIA in SA .
Although our website may be used without providing personal information, different conditions may apply to particular services on our site (see Cookies and website analytics below).
Please be aware that any data transferred via the internet may be subject to security risks. Complete protection against third-party access to transferred data cannot be ensured.
How we collect personal information
We may collect information when you contact us or have any involvement with us, for example when you:
- enquire about our facilities and services;
- enquire about, register for and/or attend an activity or event we organise or host;
- attend a meeting, retreat, reflection or event and provide us with information;
- attend a Come and See workshop or other vocation promotion event;
- make a booking for the hire and use of the Niland Conference Centre;
- provide us with information for a meeting/event you are organising in one of our Communities/premises;
- make a donation to us;
- sign up to receive news about our activities;
- visit our website (see Cookies policy;
- create or update a profile
- post content to our social media sites;
- join us as a volunteer; or
- contact us in any way including online, email, phone, SMS, social media or post.
Where we collect information from
We collect personal information
- Directly: You may provide details when you contact us or make an enquiry; or when you ask for information or make a donation, organise, host and/or attend events in the Centre, or contact us for any other reason.
- Shared: Your information may be provided to us by other organisations, for example an organisation or charity working with us, if you have given them your permission. The information we receive from other organisations depends on your settings or the option responses you have given them.
What personal information we collect
We may collect personal information (data) such as:
- personal identifiers including your name; address; phone number(s); email address; and/or social media tags;
- occupation; and/or
- religious affiliation (including Parish/Church community)
What information we process, and how, will depend on the nature of the contact you have with us.
How we use your information
The Congregation, through the UK Registered Charity, complies with GDPR and POPIA respectively by: keeping personal data up to date; storing and destroying it securely; limiting the extent of data collected and retained; protecting personal data from loss, misuse, unauthorised access, and disclosure; and implementing adequate technical measures to protect personal data.
The personal information we hold may be used in a number of ways. These may include:
- promoting the interests of the UK Registered Charity/RSA PBO and/or the Congregation;
- managing our staff and volunteers;
- administering the Niland Conference Centre and other such Community premises;
- maintaining financial records and processing donations (including Gift Aid applications where applicable);
- maintaining our organisational records and ensuring we know your preferred means of communication and contact;
- contacting you to obtain or provide additional information (e.g. changes of date or cancellation of an event); andseeking your views on our services or activities so that we can make improvements; and
- analysing the operation of our website and your website activity so as to improve the website
The legal basis for us to process your information
- To carrying out a contract;
- Legitimate interest as laid out below
- Explicit consent to retain personal information for purposes of communication, and to process Gift Aid
- Processing is carried out by a not-for-profit body with a religious aim provided such processing relates only to individuals who have provided personal data for such purposes; and there is no disclosure to a third party without explicit consent.
For queries about your communication preferences, please contact the Data Protection Lead.
How we keep your information safe
We keep all personal data on computer systems with access controls and which are protected against malicious attacks. We review our GDPR Data Protection/POPIA Data Protection and Information Security policies annually.
Who has access to your information?
Your information may be accessed by one or more of the following according to the nature of your contact with us:
- The Trustee of the UK Charity, namely the Congregation Prioress and her Council;
- The Head of the RSA PBO, namely the Region Prioress and her Council;
- The Finance Manager, General Bursar and Region Bursar;
- The Niland Conference Centre Coordinator and Team;
- A processor/operator named by the Data Controller;
- Analytics and search engine providers that help us to improve our website and its use.
How long we keep your personal data
We hold your personal data until you withdraw consent. We retain financial records and associated paperwork for 6 years after the tax year to which they relate.
Your rights and access to your data
You have the right to request details of the processing activities we carry out with your personal information through making a Subject Access Request (SAR; also known as a Data Subject Access Request). Such requests shall be directed to the Data Protection Lead.
You also have the following rights:
- the right to request a copy of your data held by the Congregation (to be ‘informed’);
- the right to request correction of inaccurate or out of date information (‘rectification’);
- the right to erasure of your information (the ‘right to be forgotten’);
- the right to withdraw your consent to processing at any time;
- the right to request that your information be provided to you in a format that is secure and suitable for your re-use (‘portability’);
- the right to request a restriction on further processing where there is a dispute in relation to the accuracy or processing of your information;
- the right to object to processing of your personal data; and
- rights in relation to automated decision-making and profiling, including profiling for marketing
If we wish to use your information for a new purpose, not covered by this Privacy Notice, we will provide a notice explaining this new use before the processing begins and setting out the relevant purposes and processing conditions. Where and when necessary, we will seek your prior consent to the new processing.
You may contact us with any questions relating to the collection, processing, use or retention of your personal information.
Questions or Complaints
In the first instance we hope you will contact us directly with any questions or complaints (contact details are displayed prominently on this website). However, legal rights regarding privacy are the remit of independent bodies each of which has its own process:
- UK Information Commissioners Office (ICO)
- https:// ico.org.uk/concerns/
- SA Information Regulator http://www.justice.gov.za/inforeg/contact.html
Transfer of Personal Data
From time to time we may pass personal data such as your name and email address to other services that we use to send out newsletters and other communications (both electronic and print). However, your personal data will remain in the EU or countries considered by the EU to have equivalent policies such as Jersey, Guersey, Switzerland, New Zealand and Cananda. Companies based in the USA that have certified with the EU-US Privacy Shield programme are also considered to be permitted destinations by the EU (this includes popular US products like Gmail, DropBox and MailChimp).
Cookies and website analytics
You may prevent cookies from being installed by adjusting your browser settings. However, this may impact your experience of our website and its functions.
For technical reasons certain data is collected and transmitted by your internet browser to our web space provider—so called ‘server log files’. This data includes:
- type and version of browser you use
- operating system
- websites that linked/directed you to our site (referrer URL)
- websites you visit
- date and time of your visit
- your Internet Protocol (IP) address
This data is anonymous; is stored separately from any personal information you may have provided; cannot be connected to any particular person; and is used only for statistical purposes to improve our website and services.
Registering an account
We may invite you, through the website, to register/subscribe to receive communication updates and information about the Congregation and the services we offer. The personal information you provide on our registration form (name, email, phone number, etc.) is collected and stored solely for use by our website. When you subscribe, we also store your IP address and the date and time you registered. This serves to protect us in the event a third party improperly and without your knowledge makes use of your data to sign up for our site. No information is transferred to third parties, nor can it be matched to any information that may be collected by other components of our website.
We may offer the opportunity to post comments about individual posts/articles. For this purpose, the IP address of the user/internet connection subscriber is acquired and stored to safeguard and protect the reputation and well-being of the Charity and Congregation in the event that an author through his/her comments infringes against third party rights and/or uploads unlawful content. The Charity has a direct interest in the author’s stored data, particularly since it may be liable for such violations. No data is transferred to third parties, nor can any of this information be matched to information that may be collected by other components of our website.
Subscribing to Comments
We may offer the opportunity to subscribe to subsequent comments about an article on which you have commented. If you enable this option, you will receive a confirmation email to verify you are the owner of the email address entered. You may revoke at any time your decision to subscribe to follow-on comments. Additional details are contained in the confirmation email. No data obtained by this feature is transferred to third parties, nor can it be matched to any information that may be collected by other components of our website.
- Use of ‘Google Analytics with anonymisation’
Google Analytics employs ‘cookies’, text files which are stored on your computer to facilitate analysis of your use of the site.
The information generated by these cookies (including time, place and frequency of your visits to our site as well as your IP address) is transmitted to, and stored at, Google’s site in the USA.
We use Google Analytics with an IP anonymisation feature, which abbreviates and preserves the anonymity of your IP address before transferring it from member states of the European Union or signatory states to the Agreement on the European Economic Area.
Google will use this information to evaluate your usage of our site; to compile reports on website activity for us; and to provide other services related to the website and internet usage. Google may transfer this information to third parties if required by law or to the extent this data is processed by third parties on Google’s behalf.
Google states that it will never associate your IP address with other data held by Google. You can prevent cookies from being installed by adjusting your browser software settings. You should be aware, however, that by doing so you may inhibit the full use of all the functions of our website.
Google offers a disabling option for the most common browsers, thus giving you greater control over the data which Google collects and processes. If you enable this option, no information regarding your website visit is transmitted to Google Analytics. However, this activation does not prevent the transmission of information to us or to any other web analytics services we may use. For information about the Google disabling option, and how to enable it, visit https://tools.google.com/dlpage/gaoptout? hl=en
Use of ‘Google+ recommendation’ components
Our website may employ the “+1” button from Google+ belonging to Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (henceforth “Google”). Each time our website receives an access request equipped with a “+1” component, the component prompts your browser to download from Google an image of this component. This process informs Google precisely which page of our website is being visited.
As specified by Google, your visit is subject to additional analysis in the event you are not logged into your Google account.
If you access our site while logged into Google and press the “+1” button, Google can collect information about your Google account, websites you recommend, IP address, and other browser-related information. This allows your “+1” recommendation to be stored and publicised. Your Google “+1” recommendation may then appear as a reference in other Google services, including search results, your Google account, or other places such as on websites or ads on the internet, together with your account name and (where applicable) a picture you shared with Google. Furthermore, Google can link your visit to our site with data stored by Google. Google also records this information for the purpose of improving Google services.
To minimise the collection of information by Google as described above, you must log out of your Google account before visiting our website.
You can access Google’s data protection policy relating to the “+1” button, together with information on the collection, transfer, and use of data by Google, your rights, and your profile settings options at https://developers.google.com/+/web/buttons-policy
Use of ‘Google Maps with recommendation’ components
We may use the “Google Maps” component on our website in combination with the so-called “Share function”. “Google Maps” is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA .
Each time this component is used, Google sets a cookie to process the user configuration and data when displaying the page containing the integrated Google Maps component. As a rule, this cookie is not deleted by closing the browser, but expires after a certain time unless you choose to delete it manually before this time expires.
The Google Maps function includes the following recommendation buttons:
- “Google+” button from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA;
- “Facebook” button from Facebook Inc., 1601 S. California Ave, Palo Alto, CA
- 94304, USA;
- “Twitter” button from Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
By calling up the Google Maps page, these “Recommendation components” cause the browser you are using to download a corresponding display of the component from the respective provider, thus informing the said provider about the specific page of our web site you are currently visiting.
If you are logged in to your personal account of the provider mentioned at the time of calling up the Google Maps page, this will be able to collect the information obtained from the websites recommended by you as well as your IP address and other browser relevant information and link it to your respective account.
To prevent the transmission and storage of data about you and your behaviour on our website by any, you must log out of your accounts with the said provider(s) before you visit our site.
- Twitter: https://twitter.com/privacy?lang=en
- Facebook: https://facebook.com/about/privacy
- Google+: https://developers.googcom/+/web/buttons-policy
Use of “Google Maps”
Google sets a cookie to process user configuration and data when the page containing the integrated Google Maps component is displayed. This cookie is not usually deleted by closing the browser, but rather expires after a fixed period of time. You may choose to remove it manually before the time expires.
Use of “reCAPTCHA”
To protect the data submitted on input forms, this website uses the “reCAPTCHA” service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (henceforth “Google.”) This service permits a differentiation between input by means of human origin and input generated improperly by automated machine processing. To our knowledge, the information conveyed to Google includes: the referrer URL; the user’s IP address; the behaviour of website visitors; information about the operating system, browser and length of stay; cookies; display instructions and scripts; user input behaviour; and mouse movements in the reCAPTCHA checkbox. Google uses the information obtained, among other things, to digitise books and other printed matter as well as to optimise services such as Google Street View and Google Maps (e.g. house number and street name recognition).
Use of “Facebook” components
Each time our website receives an access request equipped with a Facebook component, the component prompts your browser to download an image of this Facebook component. This process informs Facebook about which page of our website is visited.
When you access our site while logged into Facebook, Facebook uses information gathered by this component to identify the precise page you are viewing and associates this information to your personal account on Facebook. If you click the “Like“ button, for example, or enter a comment this information is transmitted to, and stored in, your personal Facebook account. Facebook is also informed of your visit to our website. This occurs whether or not you click on a component.
To prevent the transfer to, and storage of data, by Facebook about you and your interaction with our website, you must log out of Facebook before visiting our website. The data protection policies of Facebook provide additional information, in particular about the collection and use of data by Facebook, your rights in this regard as well as options available for protecting your privacy: https://facebook.com/about/ privacy/
In addition, free tools are available online that will block Facebook social plug-ins with add-ons from being added to commonly used browsers
Use of “Twitter recommendation” components
Our website employs components provided by Twitter. Twitter is a service of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
Each time our website receives an access request equipped with a Twitter component, the component prompts your browser to download an image of this component from Twitter. This process informs Twitter of which precise page of our website is being visited.
Use of “LinkedIn recommendation” components
Our website employs components provided by the network LinkedIn. LinkedIn is a service of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time our website receives an access request equipped with a LinkedIn component, the component prompts your browser to download an image of this component from LinkedIn.
This process informs LinkedIn exactly which page of our website is being accessed. By clicking the LinkedIn “recommend button“ while logged into your LinkedIn account, you can link content from our website to your LinkedIn profile. This allows LinkedIn to associate your visit to our site with your LinkedIn account.
Use of “YouTube” components with enhanced data protection mode
Specifically, we use the “ – enhanced data protection mode – ” option provided by YouTube.
When you display a page containing an embedded video, a connection is made to the YouTube server, and the content will appear on the website via a communication to your browser.
According to the information provided by YouTube, in “ – enhanced data protection mode – ”, data is only transferred to the YouTube server, in particular which of our websites you have visited, if you watch the video. If you are logged onto YouTube at the same time, this information will be matched to your YouTube member account. To prevent this, log out of your member account before visiting our website.
Further information about data protection by YouTube is provided by Google under the following link:
Use of “Vimeo” components
We use Vimeo components on our site. Vimeo is a service of Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA. Whenever you visit our website, which is equipped with such a component, this component causes the browser you are using to download a corresponding display of the Vimeo component. When you visit our site and are at the same time logged into Vimeo, Vimeo recognises using the information collected by the component, which specific page you are visiting and assigns this information to your personal account at Vimeo. If, for example, you click the “Play” button or make comments, this information will be conveyed to your personal user account at Vimeo and stored there. Also, the information that you have visited our site will be passed on to Vimeo, whether or not you click on the component/comment.
Use of ‘MailChimp’
Communication by MailChimp
We use MailChimp to communicate regular updates about the Congregation, our Sisters, and/or the UK Registered Charity and RSA Region PBO. You need a valid email address to receive communications from us. We will check the email address entered to determine that you are its owner or that its owner has agreed to receive our communications. By registering for our communications, your IP address, and the date and time of registration are retained to guard against third-party misuse of your email address to subscribe to our communications without your knowledge.
We do not compare data collected during communication registration with any other data that might be collected by other components of our site.
The data stored when you subscribe to our communications (email address, name, IP address, and time and date of registration) is sent to, and stored by, a server operated by The Rocket Science Group in the United States following its Safe Harbour Agreement.
Further information about MailChimp’s data protection is found at http://mailchimp.com/legal/privacy/
You may cancel/unsubscribe from our communications and withdraw your consent to the storage of this data at any time with future effect. For instructions to take this step, please refer to the confirmation email and each communication.
Our communications include so-called ‘web bugs’ that allow us to recognise if/when an email has been opened and which links contained in it have been clicked by the recipient. We store and use this to improve our communications and services according to our subscribers’ interests and wishes. Accordingly, this data collected may be used to send personalised newsletters to each recipient. A withdrawal of consent to receive our communications automatically revokes any consent to tracking.
You will be asked to consent to the use of your personal data as follows:
“I agree that my data and user responses will be stored electronically by newsletter tracking so that I can receive personalised communications. The revocation of my consent to receive communications constitutes a revocation of consent for the tracking described above.”
We offer a facility to contact us by email and/or an electronic contact form. Any information provided by either of these means may be retained and stored for the purpose of facilitating communication with the user. No data is transferred to third parties, nor can it be matched to information that may be collected by other components of our website.
This Policy may change from time to time. If we make significant changes we will advertise this on our website or contact you directly with the information. Please check this Notice each time you consider giving your personal information to us.
To exercise all relevant rights, queries, or complaints, in the first instance please contact:
UK Data Protection Lead
Rosary Priory, 93 Elstree Road
Bushey Heath, Bushey, Herts. WD23 4EE
+44 (0)7955 510235
SA Data Protection Lead
c/o 23 Rattray Place
Sherwood, Durban 4091, Kwa-Zulu Natal
+27 (0)71 632 1626