How we use your data

Privacy Policy

The Fawcett Society takes security of your personal data extremely seriously. This document will describe what we do with any personal data you provide to us, what your rights are in relation to them and how you can exercise those rights. You can contact us by visiting our Contact Us page.

UK GDPR sets a high standard for consent, which must be unambiguous and involve a clear affirmative action (an opt-in)

Consent must be freely given.
Consent must be obvious and require a positive action to opt in
Consent must specifically cover the controller’s name, the purposes of the processing and the types of processing activity.
Consent must be explicit and expressly confirmed in words, rather than by any other positive action.
There is no set time limit for consent. How long it lasts will depend on the context. You should review and refresh consent as appropriate.

The UK GDPR also gives a specific right to withdraw consent.

More information about consent can be found on the Information Commissioner’s Office website here

2. When we process your data

We process your data in the following situations:

if you use our website or contact us by phone or email
if you sign up to our newsletter
if you make at least one donation to us
if you become a member of our organisation or gift a membership
if you take part in one of our research projects
if you sign up to attend one of our events
if you hold a sponsored event with us
if you purchase items from our shop
if you campaign with us
if you sign up to our affiliate programmes
if you join one of our grass-roots pilot projects
if you apply for employment with us
If you volunteer or apply for other voluntary roles with us
If you complete a survey.

We take extra care of personal data when we know that you are under 18.

The section on visiting our website will be relevant to anyone who is reading this online.

3. Data Retention

In general, we retain data for as long as is necessary to accomplish the task set out in each section below. This means that we do not retain your personal data if we have no reason to do so. On the other hand, some of our goals require us to retain your data. For example, we will keep records of transactions for 7 years as is legally required of us. We will retain information from our legacies project for an indefinite amount of time as that is a fundamental requirement of us running the scheme. If you would like us to actively delete your personal data even if it is still required for some of our stated aims, then you can make use of your right to erasure.

4. Your Rights

The General Data Protection Regulation enshrines the following rights for you in law:

Right to be informed — the right to know what is happening with your personal data. This document, as well as notices along with our services, serve to fulfil that right for you.
The right to access your personal data — you can request a copy of the data we hold about you.
The right to rectification — you have the right to correct the personal data that we hold about you. We will then inform our data processors of the rectification and expect them to update their records too.
The right to erasure — you have the right to request that we delete any personal data we hold about you. This is not an absolute right: we can retain data derived from your original data if it is no longer personal. We might also not be in a place where we can delete (all) of your data, for instance for legal reasons.
The right to object — you have the right to object to our processing of your data in the rest of this document. This right allows you to request that we stop processing your data temporarily, whilst we work to follow up on one of your other rights.
The right to the restriction of processing — this right entitles you to request a pause on our processing of your data whilst you and Fawcett Society resolve a query relating to one of your other rights. We will apply this automatically if you request this whilst exercising one of your other rights.
The right to data portability — This right grants you the ability to request a portable version of your personal data, i.e. data in an electronic format that you can then use with other service providers.

In addition, where we rely on consent as our legal basis, you have the right to unconditionally withdraw consent. At this point, we will stop processing your data, and delete any personal data that we do not need to hold for other reasons. You can exercise this right by unsubscribing directly from communications, or by completing this form.

Finally, you have the right to lodge a complaint with a supervisory body. You should normally do this in the country where you are habitually resident. In the UK this authority is the Information Commissioner. You can lodge a complaint at https://ico.org.uk/concerns/.

Of course, if you are unhappy with the way we have handled your personal data, we would prefer to hear from you directly so we can work on a solution with you.

When processing your financial data the legal basis for our processing of your data is our Legitimate Interest to generate revenue, take payments, document transactions that might be audited at a later stage and to be able to handle enquiries from you about any money you have contributed to us

5. Consent Procedure

Newsletter

We publish a newsletter that aims to keep interested persons, campaigners and activists informed about & engaged with our work. The newsletter contains information relating to our campaigns, research, and events that we run. It also contains commentary on topical issues and carries advertising for our shop. Finally, we also use it to make supporters aware of fundraising initiatives we are running.

When you sign up to our newsletter, the personal data you provide will be passed on to Mailchimp, who provide mailing list infrastructure to us. Mailchimp uses some personal tracking technologies to allow us to carry out analysis on the success of our mailing list. Mailchimp is a US company, so the personal data you provide us with may leave the EU. Mailchimp operates under the EU-US Privacy Shield initiative to certify that they live up to EU standards of data protection.

We also synchronise personal data you provide when you sign up to our newsletter with our contacts relationship management system provided by the Access Group. We do this to keep track of your communication preferences.

The legal basis for our processing of your data in this way is Consent, which you can withdraw at any time by unsubscribing from the newsletter. Simply click the unsubscribe button on any of our mailings to do so.

Contractors we use:

Making a donation to us, or a fundraising event

As a charity, a large part of our funding comes from donations. In order to minimise the amount of personal data, we store on our systems, we have implemented several robust means of online giving.

When you make a donation, we collect personal data to facilitate making the payment. We also use your personal data to claim Gift Aid on your donation if you have told us that you would like us to do so. When we do so, we transfer your name and address to HMRC's systems.

Depending on which method of payment you use, the personal data you entered on our website, which is run by The Access Group, as well as additional payment details (such as your account number, or debit card number) will be provided to one of our payment providers: GoCardless for Direct Debits, or PayPal or Stripe for individual payments.

We also synchronise donation payment details with our contacts relationship management system provided by the Access Group.

The legal basis for our processing of your data is our Legitimate Interest to generate revenue, take payments, document transactions that might be audited at a later stage and to be able to handle enquiries from you about any money you have contributed to us.

Contractors we use:

Becoming a member of our organisation or gifting a membership

Our membership schemes provide us with stable, independent funding. It lies at the core of how we are able to carry out our mission.

When you become a member the data you enter on our web platform, which is provided by The Access Group, is stored there. That data, as well as your payment credentials, are also used by the payment provider used depending on the type of payment you make: GoCardless for Direct Debits, or PayPal or Stripe for individual payments.

We also synchronise your data with our contacts relationship management system provided by the Access Group in order to manage your membership with us. This will include us communicating with you by post, email or telephone for administrative purposes.

The legal basis for the above forms of data processing is our Legitimate Interest to provide an effective service for our members.

We also provide our members with our magazine, Stop Gap!. This is generally sent by email but if we have no email address it will be sent by post. In order for us to post this to you, we need to transfer your name and address to our printing contractors, CM Print.

The legal basis for the above mailing is Consent, which you can withdraw by contacting us.

Members are invited to our yearly Annual General Meeting every year. It is our legal responsibility to invite Members so they have the opportunity to vote. This invitation does not require consent as it is based on ‘legitimate interest’.

If you told us that you would like to be kept in touch with, then we subscribe you to our members-only newsletter, that we send out by email. Some of your personal details, namely your name and email address, will be transferred to Mailchimp, which provides us with a mailing list infrastructure. Mailchimp uses some personal tracking technologies to allow us to carry out analysis on the success of our mailing list. Mailchimp is a US company, so the personal data you provide us with may leave the EU. Mailchimp operates under the EU-US Privacy Shield initiative to certify that they live up to EU standards of data protection.

The legal basis for our newsletter is Consent, which you can withdraw at any time by unsubscribing from the newsletter. Simply click the unsubscribe button on any of our mailings to do so.

Gift Memberships

We keep the data of the person who gifted the membership to comply with regulations relating to the recording of financial information.

In addition, when you offer membership as a gift to someone else, you provide us with the details of the person that you wish to make the gift out to. We will contact them to let them know that we have obtained their information from you, and to let them know that they have been given this gift. We will also, in that email, ask them whether they would like to be signed up to our newsletter.

Family Memberships

When you sign up for a family membership, the same terms apply as for ordinary memberships. We will be in contact with you to manage the family membership.

We will store the details of the individual persons in your family members in the same way as we store your details.

Affiliate Programme

We offer an affiliate membership programme to organisations based on mutual agreement. We will collect and process your data in a very similar way to our normal membership programs. One of the primary differences will be our communications to your organisation.

Your organization will designate a specific individual for us to communicate with, and we will do so on the assumption that this is part of their role within your organization. That individual will normally receive our newsletters and campaigning information, but we may also on occasion, communicate content specifically tailored to our affiliate members.

Fawcett Equality Network

We offer a corporate supporters programme to organisations based on mutual agreement. We will collect and process your data in a very similar way to our normal membership programs. One of the primary differences will be our communications to you.

Your company will designate a specific individual for us to communicate with, and we will do so on the assumption that this is part of their role within your company. That individual will normally receive our newsletters and campaigning information, but we may also on occasion, communicate content specifically tailored to our corporate supporters.

Contractors we use:

Taking Part in one of our research projects

We have a comprehensive policy that has specific Terms and Conditions for research participants. Please consult our policies:

Data Retention Policy

Data Sharing Policy and Procedure

Research Data Policy and Procedure

Attending one of our events.

We organise public as well as private events to further our cause. We manage events through our web platform provided by Access Charity Websites. When you sign up to an event, data you provide will be stored on that platform.

In addition, if the event is chargeable, some of that data, is it as well as your payment details are provided to your payment provider of choice: GoCardless for Direct Debits, or PayPal or Stripe for individual payments.

When we have a stall at events where we sell items, we use our Shopify infrastructure to take card payments. When we take donations, we use the additional payment providers.

We synchronise data about our event attendees with our contacts relationship management system provided by the Access Group. We do this to facilitate event administration.

The legal basis for our event administration, including associated campaign communications is Legitimate Interest. If you have signed up for an event it is necessary for us to communicate with you about it. You can withdraw at any time by informing us of your wish to withdraw from the event. You can do so by contacting us.

Contractors we use:

Access Group
GoCardless
Mailchimp
PayPal
Shopify
Stripe
Zoom
Eventbrite
AddEvent

Hosting a Sponsored Event with us

You can organise a fundraising event for us, and we can provide the infrastructure for you! If you decide to do so, the data you provide will be stored on our web platform, which is provided by The Access Group.

We synchronise data about our fundraisers with our contacts relationship management system provided by the Access Group to administer the fundraising process. You will be assigned a dedicated income source on our systems through which we track who donated to your cause, and how much they gave.

The legal basis for our processing of your data in this way is our Legitimate Interest in providing you with a pleasant and effective fundraising infrastructure. In addition, we also process your data to allow us to maintain records that we can then use to claim Gift Aid, if appropriate, or report against the effectiveness of our fundraising campaigns

You can choose to host a sponsored event using other platforms such as JustGiving who have their own GDPR and Consent Policies.

Contractors we use:

Access Group

Campaigning with us

The legal basis for data processing below is our Legitimate Interest in providing that particular form of campaigning.

Blogging with us

If you decide to write blogs for us, we will store your contact details in our contacts relationship management system provided to us by The Access Group. Some personal data will also be stored on our web platform, upon which your articles are published. This is provided by The Access Group.

We will retain copies of communications about your volunteering in our email systems supplied by Microsoft Office365.

Contractors we use:

Volunteering with us

We work with volunteers to facilitate events, support our membership scheme and administer our shop, as well as many other specific campaigns.

To facilitate our work with volunteers, we store their details in our contacts relationship management system provided to us by Access Group.

We will retain copies of communications about your volunteering in our email systems supplied by Microsoft Office365.

Contractors we use:

Becoming involved in our local groups

We work with a number of affiliated local groups and on occasion act as mediators for them. In general, each local group is responsible for its own data management. If you express interest in getting involved in a local group to us, we will pass those details on to the most appropriate group based on your consent to do so. We will also store your contact details in our contacts relationship management system provided to us by Access Group. Local Groups must follow our GDPR Data Protection Policies.

We will retain copies of communications about your volunteering in our email systems supplied by Microsoft Office365.

Contractors we use:

Signing up to an affiliate programme

Retention Policy

The retention policies for our individual affiliate programmes depend on the programmes themselves and the terms of those programmes. Please see the details of the programme you are signing up to.

Free Wills Network

We work together with the Free Wills Network, managed by Capacity Marketing, to provide a legacies programme for us. As part of this programme, we advertise the network's service to our members for whom we can provide a free standard will.

If you decide to make use of this offer, then you will be providing the personal data you submit on our webform directly to Capacity Marketing. We will also hold that data you submit in our own contact relationship management system hosted by the Access Group so that we can keep track of who has expressed an interest in our legacies programme.

We will retain your data in the context of this programme for as long as you are part of it, and the legal basis for this is your consent which you can withdraw at any time.

Data Controllers, we work with:

2. Equal Pay Advice Service

We work together with Leigh Day to provide this service. We refer candidates that are eligible for the equal pay advice service to Leigh Day, who then carry out the service confidentially.

If you apply for the service, the form data you provide will be stored by us. We may use it in an aggregated fashion for reporting purposes. We pass the data on to Leigh Day who will then contact you to progress your case. Leigh Day will provide some data strictly for the use of reporting back to us.

We will retain your data in the context of this programme for the duration of the programme. The legal basis for our processing your data in this fashion is consent which you can withdraw at any time. At this point, we would anonymise your data, but still, use it in aggregate.

Data Controllers, we work with:

Smart Survey
Leigh Day

Joining one of our grassroots pilot projects

We will occasionally start new initiatives to organise people around issues concerning gender equality. We will never assume that you would like to join such a network by default.

On the other hand, sometimes people that are part of such networks are interested in organising a local Fawcett Group. To this end, we will occasionally inform you about local groups through the network's communication channels.

If you sign up through the website, your data will be stored by our website provider, The Access Group. In any case, we will securely transfer your data to our contacts relationship management system, which is hosted by the Access Group.

We use MailChimp to facilitate our mailing lists. Mailchimp uses some personal tracking technologies to allow us to carry out analysis on the success of our mailing list. Mailchimp is a US company, so the personal data you provide us with may leave the EU. Mailchimp operates under the EU-US Privacy Shield initiative to certify that they live up to EU standards of data protection.

In addition, we may securely and temporarily pass your data to CM Print, who we use for printed communications with you.

The legal basis for this data processing is your consent, which you can withdraw at any time

Contractors we use:

Applying for a position with us

When you apply to work with us, you will inevitably submit personal data to us, in the form of your application. We process this data for the purpose of filling the post you applied for. But on occasion, we may well wish to hold on to your details, and even your application, for some time afterwards even if your application was not successful. This is for us to get back to you if we feel another job opening might suit you. We would only do this after we explicitly asked for your permission.

We would retain this data for up to a year after your application to the post. If we decide not to hold on to your data, then we will securely destroy it after the vacancy has been filled.

If your application is successful, then the context in which we hold your personal data changes. It is now governed by our internal HR procedures, which you would be free to consult at that point.

In either of the above cases, your personal contact details will be added to our contact relationship management system, hosted by the Access Group. Your application itself would be stored in our Office365 environment.

We also will ask you to complete an anonymous diversity survey, hosted on Smart Survey. This is optional and contains no direct questions that serve to identify you.

The legal basis for our processing of your data in the context of recruitment is consent, which you can withdraw at any time.

Contractors we use:

How we handle data of young people

The GDPR designates personal data of young people as particularly sensitive. In addition, there are additional regulations in place around fundraising when it comes to young people and young adults.

For this reason, where we have identified user journeys where we might be collecting personal data of young people, we ask for a date of birth.

If you provide us with that date of birth, it will be stored on our web platform, which is provided by The Access Group. We will also store it on our contacts relationship management system, which is provided by the Access Group.

The legal basis for this is Legal Obligation, as set out in the GDPR.

Our use of your data when you are a person of public interest, such as a politician, campaigner or journalist

We are, amongst other things, a campaigning organisation. A part of the work we do involves talking to, networking, and building alliances with politicians and other persons of public interest.

To this end, if you are such a person, we may hold information about you, your voting history, your campaigning and/or professional work in our contact relationship management system, hosted by the Access Group. We may use this information for influencing and campaigning work with you, or in the process of generating reports or research.

The legal basis for our use of your data in this context is our legitimate interest to further our charitable goals.

Contractors we use:

Using our website, or contacting us by phone or email

We use software that allows us to track your interaction while on our website, the software is powered by Google Analytics. We do this improve your user experience and to gather usage statistics to make informed choices on further web development and design.

We also use other unobtrusive web technologies, such as session cookies to provide a functioning or pleasant website as a whole. These technologies, as well as our web platform, are provided by Raising IT.

Large parts of this analysis rely on anonymous data, but some data for instance, your IP address, is personal.

The legal basis for this processing is our Legitimate Interest in being able to provide an engaging and welcoming online platform to support the mission of the Fawcett Society.

When you contact us by phone, depending on your query, we will create or update some of your personal information in our contact relationship management system, which is hosted and developed by the Access Group.

When you contact us by email, your email address, as well as the contents of your email, will be stored on our Office365 environment, provided by Microsoft. In addition, we may create or update a record for you in our contact relationship management system.

The legal basis for both the above uses of your personal data is our Legitimate Interest in being able to provide a well-functioning office environment where we can serve enquiries from a diverse range of people.

Cookies

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.

For further information, visit https://www.aboutcookies.org or https://www.allaboutcookies.org.

You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

Contractors we use

Other Websites

Our website contains links to other websites. This privacy policy only applies to this website, so when you follow a link to other websites, you should read their own privacy policies.

List of Data Processors we work with

Access Group

Access Group provide us with secure storage for our customer relations management database. They also provide us with the software powering that database and our website.. They host as well as develop the software. As a result, any data submitted through our website (such as registration data, or donor data), is stored on Access Group servers. Access Group merely hold the data for us, and we are in control of retention & manipulation. As such, they act as Data Processors in our service. You can read their Privacy Policy for more details.

Access Group merely provide the infrastructure for our database, and as such, do not access any data, we store in it.

CM Print

We use CM Print to produce & post paper documents that are then sent to our members. To this end, we securely transfer personal identification from our systems to CM Print, who only use it for postage & printing. The copy of the data they hold is destroyed after completion of the project.

Google Analytics

We use Google Analytics to carry out analysis of usage on our website so that we can improve it & the campaigning work we carry out. We only use Google Analytics aggregate reporting.

Google Analytics does transfer data out of the EU. To this end, it is EU-US Privacy Shield certified.

You can find more information on Google's use of your data here.

Mailchimp

We use Mailchimp to manage our newsletter as well as to organise mass-mailings related to campaigns, events and administration.

To this end, some personal detail, such as your name and email address, is stored on Mailchimp's servers. Also, Mailchimp uses some personal tracking technologies to allow us to carry out analysis on the success of our emails. Mailchimp is a US company, so the personal data you provide us with may leave the EU. Mailchimp operates under the EU-US Privacy Shield initiative to certify that they live up to EU standards of data protection.

Microsoft Office365

We use the Microsoft Office365 infrastructure to provide our email and data storage infrastructure. In the course of communicating with us by email, and in the course of our work to carry out our charitable goals, we will store personal data in this infrastructure.

Microsoft complies operates under EU-US Privacy Shield certification and provides additional contractual commitments.

You can find out more about this at here.

Smart Survey

We use Smart Survey as our preferred survey service provider. Smart Survey collects and stores data for us as supplied by participants to our surveys. They only store the data to fulfil their agreement with us as the account holder.

You can find out about the Smart Survey's approach to privacy here.

 IPArL

We use IPArl as our preferred email campaign provider. IPArL collects and stores data for us as supplied by participants to our email campaigns. They only store the data to fulfil their agreement with us as the account holder.

List of Data Controllers we work with

Capacity Marketing

We work with Capacity Marketing as part of the Free Will's network. We provide some personal data, explicitly based on your request, via secure data transfer, which is then only used by Capacity to help you enrol in the Free Wills scheme.

GoCardless

We use GoCardless as our Direct Debit payment provider. In the course of making a commitment to payments by Direct Debit to us, some data is transferred to GoCardless so they can present you with a form to collect your payment details. These details are stored on GoCardless' servers that are operated within the EU.

GoCardless acts as a data controller with regard to your data which means that they operate according to their own retention policies and data processing policies. Nonetheless, we are given access to your personal data so that we can carry out reporting & other administrative tasks.

For more information on how GoCardless treats personal data, you can browse these resources. You can also read their Privacy Documents.

PayPal

We use PayPal to allow our supporters to make convenient online payments. PayPal acts as an independent data controller, and we do not transfer personal data to them except in order to pre-populate one of their forms. PayPal makes some personal data available to us for reporting and administrative purposes.

PayPal's infrastructure is global, and as such personal data will be transferred out of the EU.

You can read more about PayPal's privacy commitments here.

Stripe

We use Stripe as a debit and credit card payment gateway. Stripe acts as an independent data controller, and we do not transfer personal data to them except to pre-populate one of their forms. Stripe makes some personal data available to us for reporting and administrative purposes.

Stripe's infrastructure is global, and as such personal data will be transferred out of the EU. You can find out more about the clauses Stripe use for these transfers by contacting them at [email protected].

You can read more about Stripe's privacy commitments here.

Leigh Day

We work with Leigh Day as part of our Equal Pay Advice Service. They are an independent data controller to whom we pass initial referral data. They share some data back with us so that we can track progress in cases.

SwiftAid

SwiftAid process additional Gift Aid claims. The data used is only used to process Gift Aid and is not disclosed to any third party. You can find their privacy policy here

Other Relevant Policies

Data Subject Rights Policy and Procedure

Information Security Policy

Consent Policy and Procedure

Access Control Policy

Incident and Breach Policy and Procedure

Data Retention Policy

Data Sharing Policy and Procedure

Research Data Policy and Procedure

Terms and Conditions of Becoming a Fawcett Member

Any changes to this policy must also be updated as part of the Website Privacy Notice

Latest

Transforming Early Childhood Education and Care: Part 2

Fawcett's new report draws on expertise from around the world to create a blueprint for an ECEC system that is not only fit for purpose, but fit for the future.
Join our movement for women's rights

We campaign for gender equality. At home, at work, and in public life. Join us — become a Fawcett member today!
A Bookshop of One's Own

Author of Stand We At Last and longstanding Fawcett member Zoe Fairbairns reviews Jane Cholmeley's A Bookshop of One's Own.
FAQs - Public Harms Call for Evidence

Who we are

The Fawcett Society is the UK’s leading membership charity campaigning for gender equality and women’s rights. If you believe in a society where no one is prevented from reaching their full potential because of their gender, join us today.
Work with us
Join our movement for women's rights

We campaign for gender equality. At home, at work, and in public life. Join us — become a Fawcett member today!
Our history

Millicent Fawcett began campaigning for women’s equality in 1866, and was instrumental in achieving first votes for women in 1918. At The Fawcett Society, we’ve continued her legacy of fighting sexism through impactful research and hard-hitting campaigns for over 155 years.
Close the gender pay gap

Did you know it will take 100 years to close the gender pay gap at current rates? We cannot afford to keep going backwards.
Fawcett research shows exposure to gender stereotypes as a child causes harm in later life

7 MARCH 2019: New polling today shows ‘significant and wide-ranging consequences for both women and men’.
Equal Pay

The Equal Pay Act in the UK is not fit for purpose. We're calling to end pay secrecy with a legal 'Right to Know'. The time for change is now.
Find a local group

We’re delighted to have a growing number of active and effective local women’s rights meet ups, who work in the local community to enforce change and campaign on our behalf. Their work is invaluable to Fawcett.
Sex Discrimination Law Review

How do we make equality law in the UK fit for the 21st century? Create a fairer and more equal society by supporting our Law Review.
Equality – it’s about time: Timeline of women’s rights 1866-2016

29 JANUARY 2016