Stonewall Cymru | Privacy Policy
Mewngofnodi
Chwaraewch Ran

Mewnosoder pennyn polisi preifatrwydd

Mae ein perthynas â chi yn bwysig iawn i ni.

Heb eich cefnogaeth chi, fyddai dim modd i ni gyflawni ein cenhadaeth o greu byd lle mae pawb yn cael ei dderbyn yn ddieithriad. Oherwydd hynny, rydyn ni am wneud yn siŵr y gallwch chi ymddiried ynddon ni, a bod gennych chi ffydd yn y ffordd rydyn ni'n defnyddio'r wybodaeth bersonol rydych chi'n ei rhannu â ni. Mae'r polisi yma'n esbonio mewn modd clir a thryloyw sut rydyn ni'n casglu eich gwybodaeth, sut rydyn ni'n ei defnyddio, a sut rydyn ni'n ei chadw'n ddiogel.

Yn y polisi, byddwn yn trafod:

Pwy ydyn ni

Ni yw Stonewall Equality Limited, elusen gofrestredig yng Nghymru a Lloegr (rhif elusen 1101255) a'r Alban (rhif elusen SC039681). Mae ein helusen wedi'i chofrestru â Swyddfa'r Comisiynydd Gwybodaeth fel rheolwyr data. Ein rhif cofrestredig yw Z8271579.

At ddibenion y polisi yma, mae unrhyw gyfeiriad at 'ni', 'Stonewall' a 'Stonewall Cymru' yn golygu Stonewall Equality Ltd.

Ein rhesymau dros gasglu'r wybodaeth

fod yn blaen, mae gwybodaeth (neu ddata) wrth wraidd popeth rydyn ni'n ei wneud fel sefydliad. Mae'n golygu y gallwn ni weithredu fel elusen a gwneud pethau fel casglu rhoddion, hawlio Rhodd Cymorth, cynnal aelodaeth a rhaglenni grymuso sy'n newid bywydau a chadw mewn cysylltiad â chi fel y gallwch fod yn rhan o'n hymgyrchoedd a'n gweithgareddau. Mae'n ein galluogi ni i gadw cofnod o sut byddai orau gennych chi i ni gysylltu â chi (neu ddim!) fel ein bod yn gwybod sut y dylen ni gysylltu â chi neu beidio.

Sut byddwn ni'n defnyddio'r wybodaeth yma

Y prif ffyrdd y byddwn ni'n defnyddio'r wybodaeth a ddarparwyd gennych chi yw i gwblhau gweithred neu ddarparu cynnyrch neu wasanaeth rydych chi wedi gwneud cais rhesymol amdano. Gall hyn gynnwys, ond nid yw'n gyfyngedig i, brosesu rhodd (gan gynnwys hawlio Rhodd Cymorth, pan fyddwch chi wedi gofyn i ni wneud hynny), darparu rhaglenni a hyfforddiant, cynnal rhaglenni aelodaeth a gwaith ymchwil. Byddwn ni hefyd yn defnyddio eich gwybodaeth i'n helpu ni i ddarparu nwyddau neu wasanaethau rydych chi wedi'u prynu neu ofyn amdanyn nhw ganddon ni.

Gallwn hefyd ddefnyddio'r wybodaeth a ddarparwyd gennych i gysylltu â chi am ein gwaith, oni bai eich bod wedi gofyn yn benodol i ni beidio â gwneud hynny. Ni fyddwn yn anfon negeseuon e-bost na negeseuon testun atoch chi am ein gwaith, oni bai eich bod wedi gofyn yn benodol i ni wneud hynny.

Y ffyrdd y byddwn ni'n casglu'r wybodaeth

Rydyn ni'n casglu gwybodaeth pan fyddwch chi:

  • Yn rhoi rhodd i ni, naill ai drwy'r post, ar-lein (naill ai'n uniongyrchol neu drwy wasanaeth rhoi rhoddion trydydd parti, er enghraifft, JustGiving, Virgin Money Giving neu Everyday Hero), dros y ffôn neu drwy neges destun/SMS. Rydyn ni hefyd yn casglu gwybodaeth amdanoch chi pan fyddwch chi'n rhoi rhoddion i ni drwy sefydlu archeb sefydlog neu Ddebyd Uniongyrchol, neu'n rhoi drwy gyflogres (Rhoi Wrth Ennill)
  • Yn dod yn Gyfaill i Stonewall
  • Yn dod yn Llysgennad i Stonewall
  • Yn ymuno â'n rhaglenni cynhwysiant yn y gweithle
  • Yn ymateb i un o'n negeseuon drwy'r post neu drwy e-bost
  • Yn cyflawni gweithred ar gyfer un o'n hymgyrchoedd ar-lein (er enghraifft, llofnodi deiseb)
  • Yn cofrestru i gael yr e-gylchlythyr
  • Yn prynu nwyddau o'n siop ar-lein
  • Yn cofrestru ar gyfer un o'n digwyddiadau cynhwysiant (er enghraifft ein cynadleddau neu raglenni grymuso)
  • Yn cofrestru ar gyfer un o'n digwyddiadau codi arian
  • Yn cofrestru fel gwirfoddolwr neu godwr arian Cymunedol
  • Yn cyflwyno cais ar gyfer y Mynegai Cydraddoldeb yn y Gweithle neu'r Mynegai Cydraddoldeb Addysg (i weld manylion mwy penodol am y rhain, cliciwch ar y mynegai perthnasol)
  • Yn cytuno i adael rhodd yn eich ewyllys neu'n gwneud ymholiad ynghylch hynny, neu roi rhodd er cof neu fel teyrnged
  • Yn ymweld â'n gwefan, sef gwybodaeth gwcis
  • Yn cofrestru i weithio gyda ni yn ystod digwyddiad Pride
  • Yn rhyngweithio â ni dros y ffôn neu ar gyfryngau cymdeithasol
  • Yn gwneud cais i weithio i Stonewall
  • Yn cysylltu â Stonewall drwy ein Gwasanaeth Gwybodaeth naill ai dros y ffôn neu drwy e-bost
  • Yn rhyngweithio â ni mewn modd arall

Y ffyrdd na fyddwn ni'n defnyddio eich gwybodaeth

Ni fyddwn byth yn gwerthu eich data, ac ni fyddwn byth yn ei rannu â sefydliadau eraill at eu dibenion marchnata nhw eu hunain. Nid ydyn ni'n rhan o unrhyw gynllun cyfnewid data.

Am ba mor hir y bydd eich gwybodaeth yn cael ei chadw

Our standard practice is to only hold your data for as long as it is required. This will vary depending on the activity for which the data is being used. However, we are wholly aware of our obligations under the Data Protection Act and the GDPR, and we make every effort to ensure that we only hold on to your data for as long as it is required.

In terms of physical records, by company law we are required to retain information related to donations (such as donation forms and correspondence) for seven years (six years from the end of the financial year it is collected), at which time it gets securely destroyed.

We also use a supporter database to keep a record of your interactions with us. This includes financial information such as donation history or non-financial information, like details of a telephone call to our supporter care team. This information is incredibly valuable to us for fundraising and reporting purposes, and for better understanding the variety of people who support Stonewall, so we can better plan and position our campaigns and appeals.

Because data is such a key part of helping us to achieve our goals, we have set out the following retention schedule:

Where you have made a financial contribution or commitment to our work, as a donation, legacy gift or otherwise, we will retain your information indefinitely (unless otherwise requested).

We have made this decision for two reasons – firstly because it helps us to identify the context surrounding legacy donations. Another reason is that in our experience, it is worthwhile investing in re-engaging supporters in these groups.

Where you do not fall into one of these groups (for instance, if you have only ever signed one of our petitions) we will retain your information for a period of time we feel proportionate to our business aims and your level of engagement.

It is, of course, your right to ask that your information is erased from our records whenever you wish, but please be aware that when we do, we will lose all of your preferences, including requests to opt out from certain types of communications. See information below about your rights.

Esboniad o'n dulliau marchnata, a'ch hawliau chi pan ddaw hi at gadw mewn cysylltiad, gan gynnwys unrhyw weithgarwch proffilio a sgrinio y byddwn ni'n ei gynnal 

As a charity that invests responsibly in fundraising, we operate a number of programmes to raise money from individuals. This includes sending you letters and other sorts of mail, emails, calling you on the phone and sending you text messages. The law varies depending on the channel we use to get in touch with you, but in line with our obligations according to the Data Protection Act 1998, the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, we may contact you as follows:

Post: we send post to our supporters except where you’ve specifically told us you don’t want to receive post from us.

The mailings we send out include a number of postal appeals focused on different elements of our work. We also send out our supporter magazine, to give you a closer look at the work we’re doing. We could also get in touch with you about the different ways you can support us, such as through supporter fundraising, attending a programme or by leaving a legacy. You have the right to tell us what types of mailings you’d like to receive (for instance, if you’d prefer to receive just our postal appeals or if you’d rather not receive our supporter magazine). If you’d like to discuss your preferences, please get in touch.

If you want to stop receiving postal mailings from us, you can always let us know or you can opt out through the Fundraising Preference Service. We aim to act on your request within 3 working days of receipt, but it can take up to 28 days for you to stop receiving mailings from the time you send us your request.

Email: we send out a number of email alerts to keep you up to date with our work, and to let you know how you can help.

We only send out marketing emails where you have specifically consented to receive them, and you can unsubscribe at any time, either by letting us know or by clicking the unsubscribe link at the bottom of every marketing email we send. You can also opt out through the Fundraising Preference Service.

The most effective way to opt out of receiving marketing emails is by clicking the unsubscribe link at the bottom of each message, as this is actioned instantly. When you use another method to opt out of receiving marketing emails (such as by calling us), this may take a little longer to action, although we aim to honour all opt-out requests within 3 working days of our receipt, but it can take up to 28 days from the time of your request for you to stop receiving emails

Phone: we find telephone fundraising a really effective way to connect with our supporters, so we may occasionally call you to let you know about additional ways of supporting our work if you’ve provided us with your telephone number. Phone calls may be recorded for training and quality purposes.

At the moment, we call our supporters who have indicated they are happy to hear from us by phone, with some exceptions. These are where you have specifically told us that you wouldn’t like to receive phone calls from us, or where you’re signed up to the Telephone Preference Service. Please note, we will always check if you are registered with the Telephone Preference Service before calling you regarding any marketing activity from us unless you have explicitly opted to receive telephone calls from us.

You can opt out of receiving fundraising phone calls by letting us know, or you can opt out through the Fundraising Preference Service.

We try to action all opt-out requests as quickly as possible but we do produce telephone calling files in advance to save on costs. We will action requests to be removed from calling lists within 3 working days, but it can take up to 28 days from the time of your request for you to stop receiving calls.

SMS: where you’ve provided us with a mobile phone number, we may also send you text messages about our work, but only if you have specifically asked us to.

If you’d like to opt out, you can either reply to our messages with a request to opt out, let us know or opt out via the Fundraising Preference Service. Text requests to opt out are actioned instantly, otherwise we aim to act on opt-out requests within 3 days of receipt, but it can take up to 28 days from the time of your request for you to stop receiving texts.

Profiling

In order to make our messages to you more relevant, we may use your personal information to create a profile of your interests and preferences. What this means is that we could use pieces of information you’ve either given us directly (such as your age or location) or your behaviour (your donation history, including the amount, frequency and method through which you give, or any campaign actions you’ve taken, including signing petitions) to create a profile. This not only gives us an idea of who our supporters are, but also helps to make sure that when we get in touch with you or ask you to take an action on our behalf, it is done in a way which is relevant and tailored to you.

This enables us to identify supporters who are likely to be able to help us either in a financial or non-financial capacity, and it’s also an effective way for us to maximise the use of our marketing budget, so we’re able to help further our cause with the resources we have available to us.

We consider this one of our legitimate interests and as such have considered our position carefully to ensure that any activity is implemented in a fair and balanced way, taking into account your rights as an individual. It is your right to opt out of your information being used for profiling, and there is information on how to do this at the end of this section.

Screening

Additionally, as part of our legitimate interests, we have considered that screening is an effective way for us to ensure that we are contacting you with appropriate and relevant messages. We operate a number of different programmes to nurture support and want to make sure that when we make a request of any of our supporters, it’s an appropriate one. As such, we do make use of third-party wealth screening companies who combine information we provide with publicly available information to help us determine which of our supporter programmes any particular supporter is best suited for. While this does form a crucial part of our strategy to secure voluntary income, it is your right to be able to opt out from your information being screened, and details of how to do this are at the end of this section.

Publicaly available information

As part of the work we do, we occasionally carry out research of our own to identify individuals in the public spotlight who may be interested in supporting Stonewall, and also to gain additional insight into current supporters of significant public standing. This practice, known as desk research, makes use of publicly available information through sources such as published rich lists, newspapers and corporate websites, and aids us in identifying opportunities for new major donors, event sponsorship, corporate partnerships, event speakers and media opportunities.

We may also carry out desk research in the following areas: prospective organisations in the public, private and third sectors who may be interested in joining our workplace programmes. From time to time we may contact prospective schools who may be interested in attending one of our programme delivery sessions and in turn joining our education programme.

Your rights - opting out of screening or profiling

It is your right to opt out of your information being used for any sort of profiling and screening. If you would like to do this, please send a request either to supporter.care@stonewall.org.uk or call us on 020 7593 2291.

Sut rydyn ni'n rhannu gwybodaeth gyda darparwyr a chontractwyr sy'n gweithio ar ein rhan, a'n polisi ar rannu gwybodaeth tu allan i'n sefydliad

So that we are able to provide you with the high level of service we pride ourselves on, and to make the most of the resources available to us, we work with a number of contracted suppliers who on our behalf help us carry out various important tasks. This could include sending out post or making phone calls, processing and banking donations and sending out thank you letters. As a result, when you deal with us, you can expect your information to be shared with our contracted suppliers in a safe and secure manner.

These suppliers have all entered into an agreement to handle information we supply them in a confidential and secure way in accordance with our instructions. They have all been through a vetting process and we make interim checks to ensure that their processes remain secure and robust. These organisations will never use your details for reasons beyond the scope of our interaction with them.

At the same time, we make use of cloud-based systems (hosted databases, email servers and service providers) to help us provide you with an optimal supporter experience. Although it is only Stonewall personnel who use and access these systems, the information within them is securely stored on and off-site.

The suppliers and systems we use can be based in different countries, which sometimes fall outside the European Economic Area (EEA). Where this is the case, we always ensure that adequate safeguards are in place to protect your rights by way of contractual agreements with these suppliers.

Y mesurau diogelwch sydd ganddon ni ar waith i gadw eich gwybodaeth yn ddiogel

We have put extensive measures in place to protect your information, both on and offline. As an organisation, we are PCI-DSS compliant and have implemented strict policies and procedures to ensure that we handle, process, and store data in a secure way, both on and offline.

Where we have control system of transfer, all information transmitted to us electronically is transferred in a secure way, using industry-standard technologies. In addition to this, online card payments are handled securely by our partners, and all online payment information is stored securely by them. Our IT network is secured with a number of safeguards including firewalls and antivirus packages which are regularly updated and secured against malware and ransomware. Network passwords are regularly changed and all staff are trained in matters of data protection.

The security protocols of our contracted partners (referenced in the section above) are equally robust and are checked and monitored as part of our vetting process. More information about the security standards of our partners can be found in their privacy policies. For details of these, please get in touch.

Ein defnydd o gwcis

Cookies are small pieces of code which are downloaded to your computer or mobile device when you visit a website, allowing us to recognise your device on subsequent visits. We use cookies to monitor the status of our website and ensure that it is running efficiently, and we also use cookies to remember your preferences. Cookies are anonymous and are not linked to any personal information.

You can find out more about our use of cookies in our Cookie Policy.

Eich hawliau i optio allan o dderbyn ein cyfathrebiadau, eich hawliau i gael gofyn am weld pa wybodaeth rydyn ni'n ei dal amdanoch chi a diwygio neu ddileu eich manylion

As a charity, we have put this policy together to give you more control when it comes to your information and how we may use it. When considering the law in this area, you are afforded certain rights in terms of viewing the information we hold about you, correcting that information if necessary, and asking us to delete it should you like it to be erased.

In addition to this, you have the right to request that we do not use information we hold about you for the purposes of screening or profiling, and you also have the right to update marketing and fundraising communication preferences. You can do this by opting in or out.

To exercise any of your rights, please get in touch.

Accessing the information we have about you (Subject Access Requests)

You have the right to request a copy of the information we hold about you. This is known as a Subject Access Request.

To make a Subject Access Request, please make a request in writing, addressed to:

Data Protection Officer
Stonewall Equality Ltd
192 St John Street
London
EC1V 4JY

We may ask you to fill in a form in order to help expedite your request, prove your identity or to provide more detail regarding your request.  

We aim to complete your request within 30 days of our receipt. We may extend the period by a further two months where requests are complex or numerous. If this is the case, we will inform you within one month of the receipt of the request and explain why the extension is necessary.

Correcting the information we hold about you

It is also your right to correct the information we hold about you, for instance, if you have changed your address or phone number.

We aim to act on these sorts of requests within a week of our receipt.

Deleting the information we hold about you

You have the right to ask us to delete the information we hold about you. Whilst we are duty bound to comply with your request, this is different from opting out and means that we will erase all history of our interaction with you, as far as our legal obligations allow. We will also lose all history of your preference requests, including opt-outs and unsubscribes. This means that if you re-engage with us in the future, we will have no record of your prior preferences and may end up contacting you according to the rules we have set out in this policy.

Please note that in line with our legal obligations, we are required to hold on to all information pertaining to donations for a period of seven years (six years from the end of the financial year it was collected). Should you wish for us to erase the information we hold about you, we will happily comply whilst retaining the bare minimum of information required for us to fulfil our statutory obligations.

Opting out of fundraising communications and profiling/screening

Even if you have given us your consent to receive marketing communications, it is your right to withdraw this consent (opt-out) at any time. We aim to act on requests of this kind within three working days of our receipt, although because we brief and prepare our communications in advance, it can take up to 28 days from the time of your request for contact to cease.

In the same way, you have the right to object to any processing we carry out as a result of our legitimate interests, including any profiling or screening activity we either carry out directly or through one of our partners.

Sut i gysylltu â ni

You can get in touch with us in the following ways.

By post:

Supporter Care Team
Stonewall Equality Ltd
192 St John Street
London
EC1V 4JY

By email: supporter.care@stonewall.org.uk

By phone: 020 7593 2291

Diweddariadau i'r polisi yma

We may update this policy from time to time. If we make any material changes to this policy we will let you know, should we have the sufficient permissions to do so. We will at this time also make it clear on our website that we have updated our terms.

This policy was last updated May 2018. Its version number is v1.0.