Data Protection Officer
42 Curtain Rd
Who are the NSPCC?
We are the National Society for the Prevention of Cruelty to Children (NSPCC). We are the UK's leading charity specialising in child protection and the prevention of cruelty to children. We have been protecting children from abuse for over 130 years.
We are the only children's charity in the UK with statutory powers enabling it to act to safeguard children at risk.
The types of information we collect
When you engage with us, for example, if you donate money, access our information or request services/products, or become involved in our campaigns, we may collect and process personal information about you. Depending on your activity, this personal information may include your financial details, name, email address, postal address, telephone or mobile number or date of birth.
We may also ask you for information when you report a problem with our website.
If you contact us, we may keep a record of that correspondence. We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
We may also collect details of your visits to our website, including but not limited to traffic data, location data, weblogs, and other communication data and the resources that you access.
By submitting this personal information you enable us to provide you with the information, services or products you select.
On occasion we may improve the quality and accuracy of your telephone contact details by checking against external data lists. We may also use other external sources for customer analysis and data quality purposes so that our communication with you is as relevant as possible. We will only use data collected in this manner for purposes to which you have consented.
How we may use your personal information
1. To provide you with information (including fundraising or campaigning activities), services or products you have requested or which we feel may interest you where you have consented to being contacted.
2. To allow you to participate in interactive features on our website, when you choose to do so, for example, we may help you complete forms by inserting your contact details for you to edit.
3. To analyse and improve the services offered on our websites by providing you with the most user-friendly navigation experience we can for your computer or other internet device.
4. With IP addresses, to identify your approximate location, block disruptive use or to establish the number of visits to the website from different countries.
5. To process personal information for the purposes of customer analysis and direct marketing to help us with our activities and to provide you with the most relevant information.
If you do not want us to use your data for direct marketing purposes please tick the relevant box situated on the form on which we collect your data or contact our Supporter Care team (see How we will contact you below).
We review our retention periods for personal information on a regular basis.
We are legally required to hold some personal information to fulfil statutory obligations, for example the collection of Gift Aid or to support certain financial transactions. We will hold information about your details so that we can respect your preferences for being contacted by us.
How we will contact you
If we contact you by phone or letter, we will not contact you again if you ask us not to. You can contact us to change your contact preferences by emailing our Supporter Care team on email@example.com or calling 020 7825 2505.
We will never contact you to send you information about how you can support the NSPCC by email or text unless you have given us your prior permission.
How we handle your information and other organisations
The NSPCC will not rent or sell your personal information to other organisations for use by them in their own direct marketing activities.
However, where you have given us permission to contact you, we may use external service providers to do this on our behalf. An external service provider may, for example, include a fundraising agency calling on our behalf. We may ask external service providers to carry out tracking and analysis on our behalf as described in the cookies policy.
Where we use an external service provider to act on our behalf, we will disclose only the personal information necessary to deliver the service and will have a contract in place that requires the provider to comply with NSPCC data protection and information security requirements.
How we handle direct debit or credit card information
The NSPCC will ensure that when collecting sensitive information over the Internet such as debit cards, credit cards or personal information that this done so securely. We and our partners use TLS (Transport Level Security) to encrypt data sent between the customer and us or our partners.
The NSPCC is PCI compliant and uses external Payment Card Industry (PCI) compliant providers to collect this data on our behalf. We do not store PCI data on our own systems.
To protect yourself when sending us sensitive information, please ensure that you use devices running supported operating systems that are regularly patched, and incorporate some form of malware protection. Only connect your devices to networks that you trust.
Securing your passwords
Where we have given you (or where you have chosen) a password which enables you to access certain parts our website, you are responsible for keeping the password confidential. You agree not to share that password with anyone else.
Following links to third-party websites
Posting or sending inappropriate content
If you post or send any content that we believe to be inappropriate or content in breach of any laws, such as defamatory content, we may use your personal information to inform relevant third parties such as your internet provider or law enforcement agencies.
Posting or sending content that you do not own
We have the right to disclose your identity to any third party claiming to own any content that you posted.
Where we store your information
The NSPCC may for financial or technical reasons from time to time need to use the services of an Internet Services Provider located outside of the European Economic Area.
In cases when we use external websites provided by other organisations such as Twitter or Facebook, then we would ask you to consult their privacy policies.
How to access your personal information
You have a right to know whether or not the NSPCC holds any information about you (personal data) and a right to be provided with your information within 40 days in accordance with the Data Protection Act.
You can request your personal information by email to firstname.lastname@example.org or by writing to:
Data Protection Officer
42 Curtain Rd
We do not make a charge for this. It'll help us to find your information if you can tell us something about the nature of your contact with us.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
You can also find out more about what to expect if someone has made a report about you and how you can access your information on our report about you page.