Who are we?
The Saint Catherine Foundation is a registered charity in England and Wales (Charity Number 1053138). We are also a company limited by guarantee (Company Number) 3091163.
Our registered offices are at: 14 Cleveland Row, London, SW1A 1DP, London, United Kingdom.
The Foundation’s Data Protection Officer (DPO) is Heather Ravenberg. The DPO may be contacted at the registered address listed above, via email at firstname.lastname@example.org or by telephone at +44 (0)20 7396 5420.
What information do we collect about you?
Personal data refers to information that can identify an individual. The various types of information that we might collect about you are as follows:
Identification Information: title, first name, surname, job title
Contact Information: email address; postal address(es), telephone number(s)
Financial Information: bank account details, payment card details
Transaction Information: records of purchases, donations and event bookings you have made with us
Event Participation Information: records of events that you have attended with us
Communications Information: your preferences about the types of information you wish to receive from us, and records of our contact with you
Technical Information: any information you enter on our website, the Internet protocol (IP) address used to connect your computer to the Internet, computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page.
Other Information: information that you have provided us about your interests in relation to the Monastery of St Catherine and our work there
How and when do we collect information about you?
We collect data about you in a few different ways.
From you: when you contact us direct to provide us with the relevant information for making donations, becoming a Friend, purchasing items from us, booking to attend an event or electing to receive updates from us about our work. This contact may be in writing, via telephone or in person (Identification, Contact, Financial, Transaction, Communications and Other Information, as described above).
From third parties or publicly available sources: when you make purchases on our website, place orders on third-party sites that are fulfilled by us or when you book events on external websites; or when we use publicly available sources to update contact information (Identification, Contact and Transaction Information, as described above).
From automated sources: when you use our website (Technical Information, as described above).
How will we use your personal data?
We will use your data in accordance with all applicable laws, as follows:
When you have given us consent to contact you: we will use your Identification, Contact and Communications Information for the purpose of contacting you with updates about our work and notifications of fundraising campaigns and events
When we have a contract with you to fulfil: when you make donations, become a Friend, purchase items from us or book to attend an event, we will use your Identification, Contact, Financial and Transactions Information to register you as a supporter, process your payment and, when applicable, deliver your order.
When it is necessary for our legitimate interests or those of a third party and the protection of your personal data does not override those interests: we will use your Identification, Contact and Communications Information for the purpose of maintaining our relationship with you by contacting you with updates about our work and notifications of fundraising campaigns and events
Will we share your data with anyone else?
We will not sell your data to any other entity for any purpose.
We will not share your data with any other entity for marketing purposes. We may need to share your data with third parties for the processing of donations and payments for sales and event bookings, or so that we may arrange for the shipment to you of items that you have purchased from us. We make every effort to ensure that these third parties your data only for the purpose for which we have shared it and that they delete the data when it is no longer needed for that specific purpose.
If you contact us with a query regarding the Monastery of St Catherine, we may share your contact details with the Fathers at the Monastery for the express purpose of responding to your query.
How long will we keep your personal information?
We will hold our data only as long as it is necessary to comply with any legal or accounting requirements or to maintain our relationship with you.
What are your data protection rights?
You may exercise the following rights at any time, by contacting our DPO at 14 Cleveland Row, London, SW1A 1DP, United Kingdom or email@example.com:
How can you control what we send you or request we update your personal information?
If any time you wish to stop receiving communications from us, or if you wish to change your contact details, you may do so by: clicking ‘unsubscribe’ at the bottom of an email; emailing us at firstname.lastname@example.org; telephoning us at +44 (0)20 7396 5420; or writing to us at Saint Catherine Foundation, 14 Cleveland Row, London, SW1A 1DP, United Kingdom.
We will immediately honour all requests to change communication preferences, including those to stop all communications.
How do we keep your data safe?
We make every effort to securely store personal data, and have put in place appropriate measures to prevent this data from being lost, stolen or otherwise accessed or used without authorisation.
Our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Links to other websites
How can you raise privacy concerns or make complaints about this policy?
If you have any questions or concerns about this policy, or would like to make a formal complaint about our data protection activities, please contact us at:
Saint Catherine Foundation
FAO Data Protection Officer
14 Cleveland Row
You also have the right to make a complaint to the Information Commissioner’s Office, the UK’s independent data protection authority, at https://ico.org.uk/global/contact-us/ or https://ico.org.uk/concerns/.
This policy was last updated on 25 May 2018.