Privacy

Strides Privacy Notice

At Strides we respect your privacy and take great care with the personal information we hold about you. This privacy notice sets out how we collect and handle information about you. The terms of this policy may change, so please check it from time to time.

Please read this notice carefully as it contains important information on who we are and how and why we collect, store, use and share your Personal Data. It also explains your rights and how to contact us or our supervisory authority, the Information Commissioner’s Office, in the event you have any concerns we are unable to address.

Strides gathers and processes your personal information in accordance with this privacy notice and in compliance with the relevant data protection Regulation and laws. Our use of personal information is governed by law. We are committed to complying with the principles set out in the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR).

Who we are

Strides’ is a community housing association that believes in the social value of buildings for people and communities. We previously operated as West London Mission and then WLM under the West London Mission Methodist Circuit Trust. In December 2023 in agreement with the Circuit Trustees, we removed ourselves from the Circuit governance and reconstituted the WLM Housing Association and appointed a new Board of Directors.

Our registered office is at The Foundry, 17 Oval Way, London, SE11 5RR and we are a charity registered in England and Wales under charity number 281929. We are a Housing Association, number LH3373. We are registered on the Information Commissioner’s Office Register, registration number ZB520903 and act as the data processor when processing your data. Our designated Data Protection Officer is our Data and Quality Manager, who can be contacted at the registered office above (telephone 07955 158 144) or by email via Richard.Wealleans@strides.org.uk

Strides is the trading name for the Strides Housing Association and we process your data on behalf of Strides Housing Association Board of Directors who are the data controllers.

How do we collect your personal information?

a) When you give it to us directly:

For example, personal information that you submit through our website by making a donation, signing up for newsletters, making an enquiry about any of our services, or personal information that you give to us when you communicate with us by email, phone, letter or complete an application form.

b) When we obtain it indirectly:

For example, your personal information may be shared with us by third parties including referral partners, organisations we partner with for delivering services, other websites with whom you share personal data in order to fundraise for us e.g. Justgiving; our HR partner Albion Legal, when you apply for a job on their site via vacancies on our website, an employee of ours that has given your details as an emergency contact or referee; sub-contractors; or employment agencies.

c) When it is available publicly:

Your personal information may be published on publicly available sources including where you have made your contact information available on your own organisation’s website and we use this to contact you. Our use of publicly available personal data complies with the principles set out in the UK GDPR.

d) When you visit our website:

When you visit our website we use essential cookies so that the website functions correctly. With your consent we place functional, performance and targeting cookies. Please see our Cookie Policy for more details and further guidance on how you can manage cookies.

Information That We Collect

Strides processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our services. We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice.

The personal data that we may collect from you is:

Your title, name, date of birth, gender
Your contact information, postal address, email address, phone number
Your financial information, such as bank details and/ or credit/ debit card details
National identifiers such as National Insurance number
Social relationship data relating to family or social relationships
Health data and other special category data
Details of work history and qualifications
And in some, but fewer cases, information about:
1. Life history – brief or detailed descriptions of significant life events that could identify you
2. Socio-demographic data – for example, information about your role in society
3. Preference data – for example, your likes and dislikes
4. Photographic and CCTV data

To be within the scope of UK GDPR, this personal data must be recorded in Strides filing system, or we have an intention of recording it in a filing system. Any personal information you tell us that we do not file, or do not intend to file, for example personal information you may tell us during a telephone conversation that we do not record in any way, is outside the material scope of UK GDPR.

How Strides Use Your Personal Data

Strides takes your privacy very seriously. Your personal data is required to enable the Strides to achieve its aims and objectives as a Housing Association and a charity. Your personal information, however provided to us, will be used for specific, explicit and legitimate purposes which include:

The purposes and reasons for processing your personal data are detailed below:

to provide you with support or information you have requested;
to provide services to the people who use our services;
to provide further information about our work, services, activities or products (where you have provided your consent to receive such information; or you would have a reasonable expectation to receive such information)
to process your donations;
to answer your questions/requests and communicate with you in general;
to manage relationships with our supporters and beneficiaries;
to enable eligible guests to stay in our accommodation
to satisfy the requirements of a contract,
to ensure your safety when you visit any of our buildings and spaces
to further our charitable aims in general, including for fundraising activities;
to analyse and improve our work, services, activities, products or information (including our website), or for our internal records;
to report on the impact and effectiveness of our work;
to run/ administer our website, keep it safe and secure and ensure that content is presented in the most effective manner for you and for your device;
to administer your participation in fundraising events and challenges;
to process your application for a job or volunteer role with us;
to satisfy legal obligations which are binding on us, for example in relation to regulatory, government and/ or law enforcement bodies with whom we may work (for example requirements relating to the payment of tax or anti-money laundering);
for the prevention of fraud or misuse of services; and/or
for the establishment, defense and/ or enforcement of legal claims.

The UK GDPR requires us to rely on a lawful basis for each data processing activity undertaken with your personal data including those set out in the previous section. These legal bases are:

Consent – Where you have provided your consent for our use of your personal information in a certain way (for example, where you have provided your consent for us to use your personal information to send you fundraising material by email, or to send you our newsletter).
Contractual obligation – Where it is necessary for us to process your personal information in order to perform a contract to which you are a party, or to take steps prior to you entering a contract, for example where you apply for a role at Strides.
Legal obligation – Where the processing of your personal information is necessary for us to comply with a legal obligation to which we are subject. For example, this might be where we have a legal obligation to share personal information with HMRC for Gift Aid claims or tax calculations; or process your data when you have exercised your data protection rights.
Vital interests – Where it is in your, or someone else’s vital interests. For example, in the case of a medical emergency suffered by an individual that needs to be reported by us to the emergency services.
Public Interest – Where it is necessary to perform a task carried out in the public interest
Legitimate interests – Where applicable law allows us to collect and use personal information on the condition that to do so is necessary for our legitimate interests and the use of your personal information is fair, balanced, and does not unduly impact your rights. In broad terms, our “legitimate interests” means the interests of running the Charity as a charitable entity, and pursuing our aims and ideals; for example:
- the administrative activities of providing support to our beneficiaries
- taking donations
- acknowledging your kind donations and sending you pin badges
- administering events
- receiving applications forms
- passing data between our wholly owned subsidiaries,
- producing anonymous statistical reporting
- administrative activities related booking accommodation or services for clients
- ensuring the contact details we have for you remain accurate
Where data processing relates to Special Categories of Data (e.g. health information), in accordance with Article 9(2) of the GDPR. Where we rely on your Explicit Consent for processing special category data, we will obtain your explicit consent through a consent form signature or opt-in mechanism. You can modify or withdraw consent at any time, which we will act on immediately, unless there is a legitimate or legal reason for not doing so.

Communications for marketing/fundraising

We may use your contact details to provide you with information about our work, events, or services which we consider may be of interest to you (for example, about services you have used, or are available to you; or updates about fundraising appeals and/or volunteering opportunities via our newsletter). Where we do this via email, we will not do so without your prior consent. You can opt out of receiving emails from Strides at any time by clicking the “unsubscribe” link at the bottom of our emails or you can tell us by contacting us at fundraising@strides.org.uk. In some circumstances, we may send you information in the post or contact you on the phone under the legal basis of legitimate interests. If you wish to opt out of receiving postal mail or phone calls from us you can tell us by contacting us at fundraising@strides.org.uk.

Will we share your personal data?

We do sometimes need to share your personal information with third parties in order to effectively provide our services, however we will never sell your personal information for marketing purposes. Non-exhaustively, parties we share data with include:

Organisations with whom we may refer you to where they are able to provide you with additional services beyond our own e.g. professional coaching

Professional services including solicitors
Fundraising event organisations
IT providers and cloud storage providers
Regulatory authorities, such as tax authorities.
Order and postal donation fulfilment organisations
Mailing house providers
Payroll Giving providers
Content management system providers
Organisations specialising in processing financial transactions and direct debits
Organisations specialising in advertisements to appear in social media newsfeeds

In rare circumstances, where we identify an individual as being at risk of harm to either themselves or others, or has other safeguarding needs, we may need to pass personal data to local authorities, medical professionals or emergency services.

Social media

Strides has an online presence through the following third-party social media platforms:

Facebook
Instagram
LinkedIn
YouTube
Twitter

We may provide Facebook with email addresses of those who have signed up to receive newsletters or other fundraising information in order to allow our fundraising advertisements to appear in your newsfeed and the newsfeed of others. Facebook only uses your email address for this purpose. This should not disrupt your experience of using Facebook, but if you would like to opt out of this activity you can do so by emailing fundraising@strides.org.uk.

You can find Facebook’s privacy policy here www.facebook.com/privacy/explanation which also includes privacy details for Instagram. Please be aware that we cannot remove Facebook ‘likes’ and any comments you post on third party social media platforms will be seen by other users.

We want our blogs and social media presence to be a healthy environment for discussion. Our communications team moderate comments on the blog and social media accounts to protect those who view them. We will challenge, rather than delete, inaccurate comments or data, and remove anything that is discriminatory or unlawful.

If you have a complaint or comment about how we moderate social media, please contact fundraising@strides.org.uk.

Online donations

When you use our secure online donation function you will be directed to a specialist payment services provider who will receive your financial information to process the transaction. We will provide your personal information to the payment services provider only to the extent necessary for the purpose of processing your donation.

Children’s personal information

We do not provide any services for young people or children, and so do not expect to process children’s data. In the very rare occasion where we may process children’s personal information, we will not do so without their consent and use our best endeavours to determine their competency to give consent by assessing the age range and the context and nature of the data to be processed, and their understanding of the process and their rights. Where required, the consent of a parent/ guardian will be sought. We will always have in place appropriate safeguards to ensure that children’s personal information is handled with due care.

How long do we keep your personal information?

In general, unless still required in connection with the purpose(s) for which it was collected and/or processed, we remove your personal information from our records as shown below:

There are circumstances whereby data may be deleted before the maximum retention period. These are:

your personal information is no longer required in connection with the purpose for which it was collected for.
we are no longer lawfully entitled to process it, or
you validly exercise your right of erasure (see section entitled “Exercising your rights”) and we delete / fully anonymise the data.

We may need to keep your data for statutory purposes, for example, gift aid declarations.

If you request to receive no further contact from us we have a legal obligation to maintain a small amount of data on our suppression list. This will comprise of your name and contact details in order to comply with your request and ensure we avoid sending you unwanted materials in the future.

For further details please request our Data Retention Policy.

Security and access to your personal information

Strides is committed to keeping your personal information safe and secure and we have appropriate and proportionate security policies and organisational and technical measures in place to help protect your information. Your personal information is only accessible by appropriately trained staff, volunteers and contractors, and stored on secure servers with features enacted to prevent unauthorised access.

We conduct supplier audits with our main data processors to ensure their information security system is robust and UK GDPR compliance is in place to ensure the safety and security of personal data we share with them.

International Data Transfers

From time to time, Strides may need to transfer personal data outside of the United Kingdom to effectively provide our services and further our aims and objectives. This may be suppliers or agencies; or users who access our website in non-UK countries. Some non-UK countries have been approved by the UK Government as having adequate data protection law so that the transfer of personal data to these countries does not need additional protection. For any non-UK countries that have not been approved by the UK Government, Strides takes necessary steps to safeguard personal data that is being internationally transferred. This includes entering into agreements with the international party by way of ‘standard contractual clauses’ which have been approved by the UK Government or by gaining explicit consent from individuals whose personal data appears on our website. Please note that some countries outside of the UK have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals.

Exercising your Rights

Where we rely on your consent to use your personal information, you have the right to withdraw your consent. This includes the right to ask us to stop using your personal information for marketing or fundraising purposes or to unsubscribe from our email list at any time.

When we use your personal information, you have the right to:

Ask us for confirmation of what personal information we hold about you, and to request access to a copy of that information. If we are satisfied that you have a right to see this personal information, and we can confirm your identity, we will provide you with this personal information.
Request that we delete the personal information we hold about you, as far as we are legally required to do so.
Ask that we correct any personal information that we hold about you which you believe to be inaccurate.
Object to the processing of your personal information where we:
- process on the basis of legitimate interests;
- use the personal information for direct marketing; or
- use the personal information for statistical purposes.
Ask for the provision of your personal information in a machine-readable format to either yourself or a third party, provided that the personal information in question has been provided to us by you, and is being processed by us:
- in reliance on your consent; or
- because it is necessary for the performance of a contract to which you are party; and in either instance, we are processing it using automated means
Ask for processing of your personal information to be restricted if there is disagreement about its accuracy or legitimate usage. If you decide you do not want to receive any further emails from us, please tell us and we will remove you from the mailing list. At any point you can request to unsubscribe from our mailing by contacting us using the details listed in the section entitled “Contact us”.

You also have the right to lodge a complaint with the Information Commissioner’s Office at www.ico.org.uk/concerns. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to this Policy

We may update this Policy from time to time. We will notify you of significant changes by contacting you directly where reasonably possible for us to do so and by placing an updated Policy on our website. This Policy was last updated on 4th September 2023.

Website links to third parties

This website contains links to third party websites that may collect your personal data. This policy does not cover external websites and we encourage you to read the privacy policies of any external websites you visit via links from this website, or links embedded in any email originating from us. We are not responsible for their privacy practices or website content.

Data Protection Officer

Our Data Protection Officer can be contacted directly at Richard.Wealleans@strides.org.uk.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.