At Age UK Norfolk, we’re committed to protecting and respecting your privacy.
This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others, how we keep it safe and secure and your rights and choices in relation to your information.
Who are we?
Age UK Norfolk is the operating name of Age Concern Norfolk, a company limited by guarantee company number 03783205, registered charity number 1077097, and referred to hereafter as "Age UK Norfolk".
We are a local independent Norfolk charity.
We have 70 years’ experience of providing essential services to older people across the county of Norfolk. Our services include:-
- Information, Advice and Advocacy
- Telephone Befriending
- Supporting people with Dementia and their Carers
- Working with Communities
- Day Services
- Residential Short Stay Respite
- Domiciliary Care
We are a member of the Age UK Network – a strong partnership of 155 independent Age UK charities across the country.
How do we collect information about you?
We obtain information about you in the following ways:
Information you give us
For example, we may obtain information about you when you take part in one of our events, make a donation, request a service from us, ask us to collect or deliver an item of furniture, apply to volunteer for us, or when you register to receive one of our newsletters.
Information you give us indirectly by visiting our website: like many companies, we automatically collect the following information:
- technical information, including the type of device you’re using, the IP address, browser and operating system being used to connect your computer to the internet. This information may be used to improve the services we offer.
- information about your visit to this website, for example we collect information about pages you visit and how you navigate the website, i.e. length of visits to certain pages, products and services you viewed and searched for, referral sources (e.g. how you arrived at our website).
by using social media: when you interact with us on social media platforms such as Facebook and Twitter we may obtain information about you (for example, when you publicly tag us in an event photo). The information we receive will depend on the privacy preferences you have set on those types of platforms.
Information from known third parties
We may also receive information about you from our third party partners with whom you choose to interact, for example websites such as JustGiving or Virgin Money Giving when making a donation.
This can include information such as your name, postal or email address, phone number, your geographic location, credit/debit card details and whether you are a tax payer so that we can claim Gift Aid. To the extent that we have not done so already, we (or they) will notify you when we receive information about you from them and tell you how and why we intend to use that information.
What type of informatiom is collected from you?
The personal information we collect, store and use may include:
- your name and contact details (including postal address, email address and telephone number);
- your date of birth;
- information about your activities on our website and about the device used to access it, for instance your IP address and geographical location;
- your bank or credit card details. If you make a donation online, your card information is not held by us, it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions;
- information as to whether you are a UK taxpayer so we can claim Gift Aid; and
- any other personal information shared with us.
Data protection laws recognise certain categories of personal information as sensitive and therefore requiring greater protection, for example information about your health, ethnicity and religion.
We only collect sensitive data about you if there is a clear and valid reason for doing so and data protection laws allow us to, for example, if you are receiving one of our services, and depending upon what that service is, we may ask you for information about your health or about your financial information.
Where appropriate, we will make clear why we are collecting this type of information and what it will be used for.
How and why is your information used?
We may use your information for a number of different purposes, which may include:
- providing you with the services or information you have asked for;
- providing you with safe, appropriate and personalised care and accommodation and ensuring that we meet your individual requirements;
- meeting legal and regulatory obligations including safeguarding and regulation of care;
- carrying out our obligations under any contracts entered into with you;
- keeping a record of your relationship with us;
- seeking your views or comments on the services we provide;
- notifying you of changes to our services;
- processing a donation that you have made;
- sending you communications which you have requested and that may be of interest to you. These may include information about our campaigns, activities and services; or
- processing a volunteer or job application.
How long is your information kept for?
We keep your information for no longer than is necessary for the purposes it was collected for. The length of time we retain your personal information for is determined by operational and legal considerations. For example, we are legally required to hold some types of information to fulfil our statutory and regulatory obligations (e.g. for Care Quality Commission, health/safety and tax/accounting purposes).
We review our retention periods on a regular basis.
Who has access to your information?
We do not sell or rent your information to third parties.
We do not share your information with third parties for marketing purposes.
We may disclose your information with relevant third parties where we have a lawful basis for doing so. These third parties may include:
- Healthcare providers and multi-disciplinary teams: Where it is lawful and necessary to do so, we will share information about you with other healthcare providers such as your GP, hospital staff, etc.
- Regulators / Safeguarding authorities / Commissioners: We will also share your personal data with these public bodies where we are required to do so by law.
- The Police and other law enforcement agencies: In limited circumstances we may be required to share your personal data with the police if required for the purposes of criminal investigations and law enforcement.
- IT service providers: We may use external IT providers who may have access to your personal data from time to time as is necessary to perform their services.
- Attorneys: Where it is lawful to do so, we may share your personal information with any individual who has authority to act on your behalf such as those granted power of attorney.
It may also be necessary to pass your information to a third party in order to process a service (e.g. when you make a donation or make a payment for one of our services), but we will only share the personal information necessary to deliver the service.
Data protection law requires us to rely on one or more lawful grounds to process your personal information. We consider the following grounds to be relevant:
Where you have provided specific consent to us to use your personal information in a certain way, for example recording details about your health and personal care requirements.
Performance of a contract
Where we are entering into a contract with you or performing our obligations to you when you receive a service from us, for example holding your financial information to advise you on means-tested welfare benefits.
Where necessary so that we can comply with a legal or regulatory obligation to which we are subject, for example where we are we are required by law to process your information to verify your identity or for safeguarding.
Where it is necessary to protect life or health for example in the case of medical emergency or a safeguarding issue which requires us to share your information with the emergency services.
Where it is reasonably necessary to achieve our or others’ legitimate interests (as long as what the information is used for is fair and does not duly impact your on rights).
We consider our legitimate interests to be running Age UK Norfolk as a charitable organisation in pursuit of our aims and objectives. For example to:
- send postal communications which we think will be of interest to you;
- process donations;
- monitor who we deal with to protect the charity against fraud, money laundering and other risks;
- undertake staff and volunteer recruitment;
- enhance, modify, personalise or otherwise improve our services /communications for the benefit of people who use them; and
- understand better how people interact with our website.
When we legitimately process your personal information in this way, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal information where our interests are overridden by the impact on you, for example, where use would be excessively intrusive (unless, for instance, we are otherwise required or permitted to by law).
When we use sensitive personal information, we require an additional legal basis to do so under data protection laws, so will either do so on the basis of your explicit consent or another route available to us at law (for example, if we need to process it for employment, social security or social protection purposes, your vital interests, or, in some cases, if it is in the public interest for us to do so).
Fundraising and Marketing Communications
We may use your contact details to provide you with information about the vital work we do for older people, our fundraising appeals and opportunities to support us if we think it may be of interest to you.
We will only send you marketing and fundraising communications by email, text and telephone if you have explicitly provided your prior consent. You may opt out of our marketing communications at any time by clicking the unsubscribe link at the end of our marketing emails.
We may send you marketing and fundraising communications by post unless you have told us that you would prefer not to hear from us.
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about the vital work we do for older people and the exciting products and services you can buy, then you can select your choices by ticking the relevant boxes situated on the form used to collect your information.
We’re committed to putting you in control of your data so you’re free to change your marketing preferences (including to tell us that you don’t want to be contacted for marketing purposes) at any time by contacting us by email: email@example.com
We will not use your personal information for marketing purposes if you have indicated that you do not wish to be contacted and will retain your details on a suppression list to help ensure that we do not continue to contact you.
Under UK data protection law, you have certain rights over the personal information that we hold about you. Here is a summary of the rights that we think apply:
Right of access
You have a right to request access to the personal data that we hold about you. You also have the right to request a copy of the information we hold about you, and we will provide you with this unless legal exceptions apply.
If you want to access your information, please send a description of the information you want to see and proof of your identity by post to the address provided below.
Right to have your inaccurate personal information corrected
You have the right to have inaccurate or incomplete information we hold about you corrected. The accuracy of your information is important to us so we’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or if you believe any of the other information we hold is inaccurate or out of date, please contact us via email or post, alternatively, you can telephone us using our contact details below:
Age UK Norfolk Head Office
Henderson Business Centre
51 Ivy Road
Telephone: 01603 787 111
Right to restrict use
You have a right to ask us to restrict the processing of some or all of your personal information if there is a disagreement about its accuracy or we’re not lawfully allowed to use it.
Right of erasure
You may ask us to delete some or all of your personal information and in certain cases, and subject to certain exceptions; we will do so as far as we are required to. In many cases, we will anonymise that information, rather than delete it.
Right for your personal information to be portable
If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you or another service provider in a machine-readable format.
Right to object
You have the right to object to processing where we use your personal information (1) based on legitimate interests, (2) for direct marketing or (3) for statistical/research purposes.
If you want to exercise any of the above rights, please email us at firstname.lastname@example.org
or write to us addressing your request to
The Chief Executive
Age UK Norfolk Head Office
300 St Faith's Road
We maybe required to ask for further information and/or evidence of identity. We will endeavour to respond fully to all requests within one month of receipt of your request, however if we are unable to do so we will contact you with reasons for the delay.
Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances. For more details we recommend you consult the guidance published by the UK’s Information Commissioner’s Office, https://ico.org.uk/
Keeping your information safe
When you give us personal information, we take steps to ensure that appropriate technical and organisational controls are in place to protect it. We ensure that your information is only accessible by appropriately trained staff, volunteers and contractors and that all our computers and laptops are password protected and that passwords are regularly changed.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
Use of 'cookies'
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit http://www.aboutcookies.org.uk/
Turning cookies off may result in a loss of functionality when using our website.
Links to other websites
Our website may contain links to other websites run by other organisations. This policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links from our website.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
We are committed to protecting vulnerable supporters, service users and volunteers and appreciate that additional care may be needed when we use their personal information. In recognition of this, we observe good practice guidelines in our interactions with vulnerable people.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EEA. You should be aware that these countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services. We undertake regular reviews of who has access to information that we hold to ensure that your info is only accessible by appropriately trained staff, volunteers and contractors.
Making a complaint
In the first instance, please contact us so that we can understand your issue and try and resolve it.
Write to us addressing your concerns to:
The Chief Executive
Age UK Norfolk Head Office
300 St Faith's Road
If we can’t resolve the issue you have the right to complain to the Information Commissioners Office (ICO). The ICO is the UK’s independent body set up to uphold information rights. For further information visit www.ico.org.uk quoting Age UK Norfolk’s ICO registration number - Z8398685.
Changes to this policy
Any changes we may make to this policy in the future will be posted on this website so please check this page occasionally to ensure that you’re happy with any changes. If we make any significant changes we’ll make this clear on this website.
Review of this Policy
We keep this policy under regular review. This policy was last updated in May 2018.