Who we are
The Harold Hyam Wingate Foundation (The Wingate Foundation) Is committed to protecting your data and privacy in accordance with the provisions of the Data Protection Act 1998 and the General Data Protection Regulation (GDPR) 2018.
This privacy notice tells you what to expect when we collect your personal information. It tells you how we will use the information and the rights you have in relation to this.
Who looks after your personal information
Your personal information will be held by The Wingate Foundation.
What we need
Under the terms of the Data Protection Act 1998 and GDPR 2018, The Wingate Foundation is what is known as the ‘Controller’ of the personal data you provide to us. We only collect basic personal data about you which includes name, address, telephone number and email address and we shall ensure we comply with all the protection these laws afford to you.
Why we need it
We need to collect your basic personal data (name, address, telephone number and email address) in order to assess your grant applications, award grants effectively, pay grants promptly and monitor the impact of The Wingate Foundation’s grants. We ask for your contact details so that we can be sure the application is genuine and to provide us with a point of contact. We are not able to process an application without this personal information.
Under the GDPR, The Wingate Foundation processes personal data on the basis of:
- legitimate interest in relation to our grants;
- a contract or agreement which the person has entered into or because the person has asked for something to be done so they can enter into a contract or agreement.
Why we process your information
We process your information for the purpose of:
- Dealing with your enquiries and requests;
- Administering application records;
- Maintaining information as a reference tool to develop grant making policy;
- Meeting statutory requirements in providing information to auditors for example, plus contractors or consultants or other professionals assisting with or advising on any of our business needs.
What we do with it
When you apply for a grant we will collect, process and store some personal data that relates to, and identifies you.
This information includes, but is not limited to, your name, address, telephone number and email address, and any other information collected on making an application to the extent necessary to process your application and manage any grant that we award.
All the personal data we collect is processed by our staff and trustees in the UK. However, for the purposes of IT hosting and maintenance this information is located on servers within the European Union.
We will not transfer your data to another country or international organisation.
Where the processing takes place
We process your data at The Wingate Foundation’s offices and online.
Who will see your data
Your information may, for the purposes set out in this Privacy Policy, be disclosed for processing to:
- Our employees;
- Our Trustees;
- Referees provided by you;
- Third party consultants, contractors or other service providers who may access your personal information when providing services (such as IT support services and external advisers) to us;
- Government bodies and law enforcement agencies and in response to other legal and regulatory requests;
- Meeting statutory requirements in providing information to auditors for example, plus contractors or consultants or other professionals assisting with or advising on any of our business needs.
We may also publish the names of organisations that have received grants from us in our annual report and accounts and/or on our website.
How long we keep it
We will retain your data for the time needed to assess your application, the duration of any grant award that may be made to your organisation, the duration of any grant management function that may arise from your application and for as long as we may need to analyse data to inform future grant making policy/processes.
Information security
We believe that we have appropriate policies, rules and technical measures to protect the personal data which we have under our control (having regard to the type and amount of that data), from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss.
All of our employees and data processors who have access to, and are associated with, the processing of your personal information are obliged to respect the confidentiality of your information.
We ensure that your information will not be disclosed to government institutions or authorities except if required by law or when requested to by regulatory bodies or law enforcement organisations.
Please be aware that communications over the Internet, such as emails/webmails are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered – this is the nature of the World Wide Web/Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
What are your rights
If at any point you believe the information we process about you is incorrect you may request to see this information and have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact our office and we will investigate to resolve the matter.
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the Information Commissioner’s Office (ICO). Under the General Data Protection Regulation (GDPR) 2018, you have a number of rights in relation to your personal information including:
- The right to access the personal information we have about you. Individuals can find out if we hold any personal information by making a ‘subject access request’ (SAR) under the GDPR;
- The right to ask us to correct personal information that is wrong or incomplete;
- The right to ask us to stop using or delete your personal information;
- The right to receive any personal information we have on you including: our purpose for processing your personal data, our retention period for that personal data, and who it will be shared with. This is called ‘privacy information’.
How we collect data
Organisations applying for a grant to The Wingate Foundation
We collect personal information about individuals when they make enquiries or apply for a grant or donation from The Wingate Foundation. Information is given to us over the phone or on application forms which are sent by email or by post.
As part of our assessment of Medical Research Travel grants, we request applicants to provide CVs and personal information from referees to support their application.
Any personal information including that of referees provided in the application are used only for assessing the grant application and the ongoing administration and management of any grants that are awarded. We publish information about successful projects in our annual accounts and some examples on our own website, including the amount of grant awarded and the organisation that received the grant.
Information on unsuccessful applicants is held strictly for historical purposes.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We will keep our privacy notice under regular review. This privacy notice is effective from 23 May 2018.
How to contact us
If you want to request information about our privacy policy you can write to:
The Harold Hyam Wingate Foundation, Somerset House New Wing, Strand, London WC2R 1LA.