Data Protection, Do it Life, Studio 2, Neckinger Mills, 162-164 abbey Street, London SE1 2AN or email us at firstname.lastname@example.org
Who we are
Do it Life is a social enterprise with company number 10709829.
We are registered as a data controller (Do It Life Social Enterprise Limited) in accordance with United Kingdom Data Protection Act 1998. We will process any personal information we collect about you in accordance with current data protection laws (currently the Data Protection Act 1998).
Data protection legislation applies to ‘personal data’ (data that relates to a living individual such as a name, home address or mobile telephone number) and regulates how that data is collected, held and processed. Data protection in the UK is currently governed by the Data Protection Act 1998 (the “DPA”), and from the 25th May 2018 by the new General Data Protection Regulation (GDPR).
For the purposes of the DPA, Doit Life is the ‘data controller’ of the personal data of Do-it users (i.e. the organisation that is responsible for, and controls the processing of, that personal data).
Do-it believes that you ultimately own and should have control over your personal data
What do the following terms mean?
- “Doit.life” means the website platform and database available at Doit.life
- The “Website” means the website located at Doit.life.
- “We”, “us”, “Do it” and “Do-it” mean Do it Life.
- “You” mean you in your capacity as a registered Do-it user.
Why we use your information
We will only use your information where we have a legal basis to do so and will always respect your rights.
Where we use your information, it is generally because you have consented to us doing so in order to provide a service to you or it may be because we consider we have a legitimate interest to do so. Where we rely on a legitimate interest to use your information, we will always ensure that this is done in a way so as not to be intrusive and that respects your rights. Other reasons may include using information because we have a legal obligation to do so or because we have to fulfil contractual obligations.
What personal data do we process?
We process the following types of personal data about you when you use Do-it:
- Information provided by you. We collect personal data, such as your name and email address, when you register to become a member of Do-it. As part of your personal profile, you may choose to submit additional information such as your gender and your location. In accordance with the Children’s Online Privacy Protection Act (“COPPA”), where you indicate you are under 16 we may additionally collect your date of birth when you register.
- Information provided by your child. Where your child is under 16 years of age, your child may choose to submit your email address so that we can send you a parental approval request for them to use the site.
- Information provided by you as parent/guardian. We collect personal data, such as your name and email address when you approve use of the site by your child should they be less than 16 years of age.
- Information relating to your use of Do-it. We collect and process information relating to your use of Do-it, including opportunities you have applied to, and hours and comments you record around your volunteering activity.
- Information collected automatically. Do-it receives and stores information which is transmitted automatically from your computer when you browse the Internet and use Do-it. This includes information from cookies (which are described in the section below on Cookies), your IP address and browser type. Your IP address is the unique address of your computer which is automatically provided to other computers when your web browser requests a web page from those computers on the Internet.
How do we use your personal data?
We will use your personal data in order to deliver the Do-it service to you. This includes using your personal data to:
- Manage your Do-it user profile
- Manage your Do-it account
- Provide you with recommendations of volunteering opportunities that match your interests
- Send you an invite to join Do-it
- Send you a link to a parental approval form, where a child is less than 16 years of age
- To respond to or fulfil any requests, complaints or queries you make to us
We may use your email address to contact you from time to time about changes to the Do-it service, to confirm with you when you register your interest in a volunteering opportunity and notify you when a recruiter places you on an opportunity you have replied to, we may also use it for security reasons to confirm that you are who you say you are. We also may use the information collected automatically, such as your IP address and information stored via cookies, to gather statistics about the number of people who visit Do-it and to customise its content, layout and services. We may share this information, on an aggregate and anonymised basis, with third parties to help us improve Do-it and better serve our users.
If you contact us directly, including raising a support ticket at https://support.do-it.org/hc/en-us/requests/new, we will use the information you give to us to handle your enquiry or request. This may include responding to your query or feedback, or sending you relevant information. We may also keep a record of conversations we have with you, feedback you provide and any marketing or support materials we send out to you. This can help us to handle queries more efficiently.
Unless you choose to tick the relevant boxes to sign up to our newsletter and other email updates, you will not receive any further mailings other than a reply to your enquiry from the opportunity provider or opportunity host. If you would like to stop receiving further mailings from us, you can uncheck the relevant box on your profile, or unsubscribe from our newsletters using the unsubscribe link on every email newsletter. You can also choose to delete your account.
How long we keep your data
Your details are automatically removed from our database if you have not used your account for more than three years. We will also remove your details if we are unable to contact you or you do not confirm your email address.
Disclosure to third parties
We may provide your personal data and the data generated by cookies and the aggregate information to the vendors and service agencies that we may engage to assist us in providing you with the Do-it service. Such third party entities will be obligated to use your personal data solely to provide services to us in connection with the Do-it service, and for no other purpose.
We will disclose your personal data if we reasonably believe we are required to do so by law, regulation or other government authority or to protect the rights and property of Do-it, its affiliates or the public. We may also cooperate with law enforcement agencies in any official investigation and we may disclose your personal data to the relevant agency or authority in doing so.
We reserve the right to transfer your personal data in the event of a transfer of ownership of Do-it, such as acquisition by or merger with another company.
Under the General Data Protection Regulations (GDPR) you have the following rights:
- Information Right – the right to receive the information contained in this policy and our data collection forms about the way we process your personal data.
- Personal Data Access Right – the right to know that we are processing your personal data and, in most circumstances, to have a copy of the personal data of yours that we hold. You can also ask for certain other details such as what purpose we process your data for and how long we hold it.
- Personal Data Correction Right – You have the right to request that we correct inaccurate data or complete incomplete data that we hold on you.
- Personal Data Erasure Right – Known as the Right to be forgotten. In certain circumstances you may request that we erase your personal data held by us.
- Personal Data Restriction Right – You have the right to restrict the way we process your personal data in certain circumstances, for example if you contest the accuracy of the data, if our processing is unlawful, to pursue legal claims, where we are relying on legitimate interests to process data.
- Data Processing Objection Right – You have the right to object to us processing your data for (i) direct marketing purposes (ii) research or statistical purposes and (iii) purposes of profiling related to direct marketing or based on our legitimate interests
- Data Portability Right – you have the right to receive a copy of certain personal data or to have it transferred to another organisation in some circumstances
Right to Withdraw Consent at any time
Where we use your personal information based on your prior consent, such as where you have given us permission to send you marketing communications by email, mobile messaging or by direct message on social media, you can withdraw your consent at any time by contacting us.
Right to complain to the Information Commissioner's Office (ICO)
You have the right to be confident that Do-it handles your personal information responsibly and in line with good practice.
If you have a concern about the way we are handling your information, then in the first instance you should raise this with us. We will take your concern seriously and work with you to try to resolve it. However if you are still unhappy with our response you can raise a concern with the ICO, the UK data protection regulator - see the links below for details:
Links to other sites
This Website may contain links to other websites that are not owned or controlled by Do-it. Please be aware that we are not responsible for the privacy practices of such other websites.
We encourage you to be aware when you leave our Website and to read the privacy statements on the other websites that you visit.
When someone visits our website we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of our website. We collect this information in a way which does not identify anyone.
We use Google Analytics to help analyse use of our Website. This analytical tool uses ‘cookies’, which are text files placed on your computer, to collect standard internet log information and visitor behaviour information in an anonymous form. The information generated by the cookie about your use of the Website (including your IP address) is transmitted to Google. This information is then used to evaluate visitors’ use of the Website and to compile statistical reports on Website activity for us.
We will not (and will not allow any third party) to use the statistical analytics tool to track or to collect any personally identifiable information of visitors to our Website.
Disabling and enabling cookies
You have the ability to accept or decline cookies by modifying the settings on your internet browser. This website www.wikihow.com/Disable-Cookies tells you how to remove cookies from your browser. However, please note you may not be able to take full advantage of the functionality of Do-it or the Website if you do so.
Security and confidentiality
The security of your personal data depends on your protection of your account password. Please do not disclose your account password to unauthorised people.
Do-it uses industry standard technology designed to help keep your personal data safe. We use a 2048-bit SSL certificate for encryption as recommended by the cybersecurity industry and The National Institute of Standards and Technology (NIST) of the US Government. Please bear in mind though, that it is impossible for Do-it to guarantee that impenetrable security measures are in place.
For example, we cannot control any illegal and/or unforeseen activity of other users that may allow them to get around the privacy or security settings on the Website. Consequently, you acknowledge that there are circumstances in which your personal data may be accessed by unauthorised persons.
Do-it also takes appropriate organisational and security measures to safeguard your personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. Our objective is to protect your personal data as follows:
- All of Do-it's systems, hardware and software used in relation to your personal data are kept secure in accordance with standard industry practice
- All Do-it employees, contractors and third party service providers are informed of their obligations under the DPA and the restrictions in place on their use of the personal data.
- All Do-it servers are hosted within the European Union (EU) using GDPR compliant hosting facilities that meet industry security standards.