Privacy Policy

Home Privacy Statement

Our promise to keep your information safe

At Run2Events, we’re committed to protecting your privacy. We promise to respect any personal information you share with us (or that we receive from other organisations) at all times, and we promise to keep it safe.

How we use your data

This policy sets out how we process your data. It also explains your rights and options around how we use your personal information.

We collect information about you:
…when you give it to us directly

This might be when you:

  • interact with us online
  • register with us
  • communicate with us
  • make a donation
  • take part in an event
  • buy something from our shops
  • apply to work or volunteer for us
  • give us your personal information in any other way.

…when you give it to us indirectly

This is when your personal information is given to us by third parties.

These might be:

  • websites such as JustGiving or Ebay
  • business partners
  • sub-contractors in technical, payment and delivery services
  • sponsors
  • advertising networks
  • analytics providers and search information providers.

You’ll always hear from them when this happens, and you’ll be told

how and why we intend to use that information.

…when you visit this website

When you visit this website, we automatically collect the following personal information:

  • technical information, including:
  • the internet protocol (IP) address used to connect your computer to the internet
  • your browser type and version
  • your time zone setting
  • browser plug-in types and versions
  • your operating systems and platforms
  • information about your visit to our website, including:
  • the uniform resource locator (URL) clickstream to, through and from this site (including date and time)
  • products/services you viewed and searched for
    page response times
  • download errors
  • length of visits to certain pages
  • referral sources (how you arrived at the website)
    page interaction information (such as scrolling and clicks)
  • methods used to browse away from the page.

What is personal information?
We collect, store and use the following kinds of personal information:

  • Your name and contact details, including postal address, telephone number, email address and, where applicable, social media profile URL
  • Your date of birth
  • Financial information, such as bank details or credit/debit card details, where you provide them to make a payment. We don’t store credit or debit card details, but we’re required to store bank details in some circumstances, including when they’re used for direct debit payments.
  • Information about your computer/mobile device and your visits to and use of this website, including for example your IP address and geographical location
  • Information about our services which you use/which we consider of interest to you
  • Information as to whether you are a tax payer so that we can claim Gift Aid.

What is sensitive personal information (special category data)?

The General Data Protection Regulation (“GDPR”)   recognises certain categories of personal information as sensitive and therefore requiring more protection.

For example, this includes information about your health, religious beliefs, ethnicity and political opinions.

In each case, we will only do so if we have a valid reason and the GDPR permits it, as described in how and why we will we use your personal information.

How do we use your personal information?
We use your personal information to:

  • provide further information about our activities
  • process your donations
  • further our charitable aims, including for fundraising activities
  • research the impact and effectiveness of our events
  • register, administer and personalise online accounts
  • register and administer your participation in events you’ve registered for
  • administer and keep our website safe and secure and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes
  • improve your interactions with our website, for example by making sure that content is presented in the most relevant and effective manner for you and for your computer/mobile device
  • analyse and improve our work, services, activities, products or information (including our website) or for our internal records
  • use IP addresses and monitor website use to identify locations, block disruptive use, record website traffic or personalise the way information is presented to you
  • to process your application for a job or volunteer role with us
  • audit and/or administer our accounts
  • prevent fraud, misuse of services or money laundering and to perform due diligence in respect of larger donations;
  • reduce credit risk
    communicate with you in any other way
  • for the establishment, defence and/or enforcement of legal claims; and/or

How creating a record for you helps us to be more relevant

We may use your personal information to create a record of your interests and preferences.

This means we can make our contact with you more relevant, timely and appropriate.

It also helps us understand the background of our supporters to help us make sure that what we’re asking is appropriate.

Marketing to you and talking about fundraising

We use your details to give you information about our work, events, services and/or products which we think might interest you.

Where we do this via email, SMS or phone (if you are registered with the telephone preference service), we’ll only do this with your prior consent.

Donations and other payments

When you use our secure online donation or payment pages, you’ll be directed to a specialist supplier company, who will receive your credit card number and contact information to process the transaction. We don’t retain your credit or debit card details.

How long do we keep your personal information?

In general, if we no longer need your information for the reasons you gave it to us, we remove your personal information from our records six years after the date it was collected.

But we’ll remove it sooner if:

  • your personal information is no longer required for the purpose you shared it with us
  • we’re no longer lawfully entitled to process it
  • you ask us to remove it.

What happens if you ask for your data to be removed?
If you ask to receive no further contact from us, we’ll keep some basic information about you to make sure we don’t send you unwanted materials in the future.

Our lawful grounds for processing your information

The GDPR requires us to rely on one or more lawful grounds to process your personal information. These are the grounds we think are relevant.

  • Where you’ve given your consent for us to use your personal information in a certain way.
  • For example, we’ll ask for your consent to use your personal information to send you electronic direct marketing/fundraising, and we may ask for your explicit consent to share sensitive personal information with us.
  • Where necessary so that we can comply with a legal obligation (for example, where we need to share your personal information with regulatory bodies which govern our work and services).
  • Where there is a legitimate interest in us doing so (for example, writing to supporters to let them know about our work and ways of supporting us).

Will we share your personal information?
We never share, sell or rent your information to third parties for marketing purposes unless you indicate that you would like your details to be shared with partner charities.

However, in general we may disclose your personal information to selected third parties in order to achieve the other purposes set out in this policy.

These may include (among others):

  • healthcare professionals, medical researchers and organisations involved in the provision of care and/or medical research
  • the Health and Social Care Network (HSCN), a data network for health and care organisations to access and share information. The HSCN is provided by the Health and Social Care Information Centre (also known as NHS Digital). For further details on how NHS Digital may use your personal information, please see their privacy policy.
  • business partners, suppliers and sub-contractors
  • advertisers and advertising networks
  • analytics and search engine providers
  • IT service providers
  • other beneficiaries, executors and legal advisers, when administering a legacy.
  • In particular, we reserve the right to disclose your personal information to third parties:
  • in the event that we sell or buy any business or assets, in which case we will disclose your personal information to the prospective seller or buyer of such business or assets;
  • if substantially all of our assets are acquired by a third party, personal information held by us may be one of the transferred assets;
  • if we are under any legal or regulatory duty to do so; and/or
    to protect the rights, property or safety of Run2Events, its personnel or others.
  • Security, storage and access to your personal information

We promise to keep your personal information safe and secure.

We have appropriate and proportionate security policies and organisational and technical measures in place to help us do this. For example, we require specialist suppliers who process secure payments to comply with the Payment Card Industry Data Security Standard (PCI DSS) standards.

Who can see my personal information?
Only appropriately trained staff, volunteers and contractors can access your information. It is stored on secure servers with features to prevent unauthorised access.

Where is my personal information stored?
In general, the personal information that we collect from you will be stored at a destination within the UK or European Economic Area (“EEA”).

However, we use agencies and suppliers to process personal information on our behalf.

Your personal information may therefore be transferred or stored outside, and/or otherwise processed by contractors operating outside, the UK or EEA who work for us or for one of our suppliers.

Please note that some countries outside of the EEA have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals.

Where your personal information is transferred, stored and/or otherwise processed outside the EEA, we’ll take all reasonable steps necessary to make sure the recipient implements appropriate safeguards (such as by entering into standard contractual clauses) designed to protect your personal information and to ensure that your personal information is treated securely and in accordance with this Policy.

Unfortunately, no transmission of your personal information over the internet can be guaranteed to be 100% secure.

Your rights
These are your rights in relation to how we process your personal information:

Right to be informed
You have the right to be told how your personal information will be used. This policy and other policies and statements used on this website and in our communications provide you with a clear and transparent description of how your personal information may be used.

Right of access
You can write to us to ask for confirmation of what information we hold on you and to request a copy of that information.

Provided we are satisfied that you are entitled to see the information requested and we’ve successfully confirmed your identity, we’ll give you your personal information (subject to any exceptions that apply).

Right of erasure
You have the right to ask us to delete your personal information, and we’ll do this when you ask us to. In many cases, we’ll check to see if you’re happy for us to make it anonymous first, rather than delete it completely.

Right of rectification
If you believe our records of your personal information are inaccurate, you have the right to ask us to update those records.

You can also ask us to check the personal information that we hold about you if you are unsure whether it is up to date.

Right to restrict processing
You have the right to ask us to restrict the processing of your personal information if there is disagreement about its accuracy or legitimate usage.

Right to object

  • You have the right to object to processing where we are:
    processing your personal information on the grounds of legitimate interest
  • using your personal information for direct marketing or
  • using your personal information statistical purposes.

Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time.

This includes the right to ask us to stop using your personal information for marketing or fundraising by electronic means (for example to be unsubscribed from our email newsletter list).

Right to data portability

Where we are processing your personal information:

  • because you gave us your consent
  • because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contract, and the processing is carried out by automated means

you may ask us to provide it to you – or another service provider – in a machine-readable format.

Rights related to automated decision-making

Where we take automated decisions (ie with no human involvement) in relation to your personal information, you have the right to ask us for human intervention or to challenge any such decision.

How to exercise your rights

To exercise any of these rights, please send a description of the personal information in question using the contact details below. We reserve the right to ask for:

  • personal identification
  • further information.

Please note that you may only use/benefit from some of these rights in limited circumstances. For more information, we suggest that you consult guidance from the Information Commissioner’s Office (ICO)   or please contact us.

You have the right to make a complaint to the ICO about us or the way we have processed your personal information. Find further information on how to exercise this right, or contact them.

Changes to this Notice

We may update this Policy from time to time so please check back periodically. We will notify you of significant changes by placing a notice on our website. This Policy was last updated in September 2019.

Links and third parties

We link our website directly to other sites. This Policy does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via links on our website.

How to contact us

Please let us know if you have any questions or concerns about this policy or about the way in which your personal information is being processed by contacting us at the following channels:

By email