Introduction and general terms
African Community UK CIC will take good care with your personal data. We commit to protecting any personal information we obtain from you, whether you are a financial supporter, shopper, volunteer, partner or campaigner.
Who we are
African Community UK is a registered community interest company in England and Wales (company number 11418538).Our registered address is 31 Borrowdale Close, Carcroft, Doncaster, England, DN6 8QT.
African Community UK CIC’s Purpose
Our purpose and overall mission is to promote civic responsibility and build the capacity of the BME community in UK. We provide trainings , workshops, opportunities and financial aids.
Our supporters help us to achieve this in a variety of ways, primarily by:
- Fundraising, donating money and donating.
- Campaigning for change, through signing petitions, writing letters and taking part in other campaigning actions
- Volunteering at events and in our office.
We take active steps to make sure that our supporters are aware of the ways in which they can help us achieve our overall purpose.
Why we hold and process supporters’ personal data
We hold and process supporters’ personal data for a number of reasons:
- To keep a record of donations made and actions taken by our supporters and our communications with them
- To send our supporters marketing information about our projects, fundraising activities and appeals where we have their consent or are otherwise allowed to
- To support volunteers working or participating in any of our events
- To record campaigning actions by supporters
- To claim gift aid on donations
- To fulfil contractual obligations entered into with supporters e.g. online purchases
- To keep people safe, whether they are visitors to our shops, staff or participants in events
- To comply with legal obligations
- To manage our organisation
- To make sure we do not send unwanted information to supporters or members of the public who have informed us they do not wish to be contacted
These reasons are underpinned by a “legal basis” under GDPR. We outline in the next section what these are for our main activities.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Explaining the legal bases we rely on
The data protection law sets out a number of different reasons for organisations to collect and process your personal data: When collecting your personal data, we will always make clear to you which data is necessary for a particular purpose.
African Community UK CIC relies on the following legal bases in our marketing activities:
Wherever possible, we will ask for your consent to send you marketing information. We will do this clearly through a statement of what you will receive and allow you to select only those channels that you wish to hear from us by.
For example, if you donate online to one of our community development appeals, you will be asked whether you would like us to keep in touch about our projects, fundraising activities and appeals. You will also be asked which channel(s) of communication you would like us to use (with a choice of email, SMS, post and telephone being offered).
In certain situations, we process your data to pursue our legitimate interests in ways which might reasonably be expected and which do not materially impact your rights, freedom or interests. Our use of legitimate interest includes the following:
- Sending direct marketing information by post, to keep our supporters updated on our projects, fundraising activities and appeals. We will only do this where we have reason to believe that this information will be of interest. We make it easy for you to opt out.
- Where you have made online payments for any of our services we will email you to tell you about other relevant offers. All such emails will include a simple opt out mechanism.
- If you have opted in to our emails or text messages we may use your details to link to your account on Facebook or other social media site in order to serve you African community uk cic’s content.
- We analyse your previous support to us in order to offer relevant ways of supporting our activities in the future.
- To help identify businesses who may wish to support us, we send emails to individuals where relevant to their job, for instance people working in Corporate Social Responsibility.
For activities other than marketing, we may rely on different legal bases:
If the law requires us to, we may need to collect and process your data.
For example, where you sign up to the Gift Aid scheme, we will process your data for the purposes of submitting a Gift Aid claim to HMRC.
In limited situations we may use data in the public interest. It is likely to be in the public interest to collect data to prevent crime or dishonesty, ensure that we are fair in our practices by carrying out equality and diversity monitoring, or safeguard the wellbeing of people with whom we work.
When and why we will send you personalised marketing communications
We will only contact you for marketing purposes – for example keep you up to date on our work, or let you know of ways in which you can support that work – where we have your consent or we are otherwise allowed to do so.
We will make it easy for you to tell us if you would like to receive marketing communications from us and hear more about our work and the ways in which you would like to receive this information (post, email, SMS and phone). We will ask you to reconfirm your consent if we have evidence that suggests you may no longer wish to hear from us. We will never send you marketing material if you have told us that you do not wish to receive it.
Other circumstances in which you may receive marketing information from us
We may send you marketing communications by direct mail where you are a regular supporter and we have evidence that you do not object to receiving marketing material through the post.
We will not use legitimate interest if you have opted out of direct mail whether direct to us or by registering with the Mailing Preference Service (MPS) or the Fundraising Preference Service (FPS).
Soft opt in
This allows organisations to send marketing communications by email and SMS to individuals who have previously purchased similar goods and services, provided they were given the opportunity to opt out at the time of purchase. In our case, this allows us to send marketing emails and SMS to previous clients and supporters. We apply a 24-month time limit, and only communicate on this basis where you have paid for a service or donated within this period. We will not use the soft opt in option if you have opted out of receiving email and/or SMS, whether direct to us or via the Fundraising Preference Service.
When we collect information about you
African Community UK CIC may collect your personal data in the following circumstances:
1. When you give it to us DIRECTLY
You may give us your personal data directly when you make a donation, sign up for one of our events, take part in a campaigning action, volunteer, pay for our services online. when you communicate with us.
2. When you give it to us INDIRECTLY
You may give us your information indirectly when you sign up to events, contribute to us via fundraising sites like JustGiving or Virgin Money Giving, or participate in a campaigning action with a partner. These independent third parties will pass your data to us where you have indicated that you wish to support us and have given your consent or it is a necessary part of completing a contract with you.
Sometimes your personal data is collected by an organisation working on our behalf (for example a professional fundraising agency) but as they are acting on our behalf we are the “data controller” and responsible for the security and proper processing of that data.
3. When you access African Community UK CIC’s Social Media
We might also obtain your personal data through your use of social media such as Facebook, WhatsApp, Twitter or LinkedIn, depending on your settings or the privacy policies of these social media and messaging services. To change your settings on these services, please refer to their privacy notices, which will tell you how to do this.
4. When the information is publicly available
We might also obtain personal data about individuals who may be interested in giving major gifts to social enterprises like ours. In this scenario, we may seek to find out more about these individuals, their interests and motivations for giving through publicly available information. This information may include newspaper or other media coverage, open postings on social media sites such as LinkedIn, and data from Companies House. We will not retain publicly available data relating to major donors without their consent, which will be sought at the earliest practical opportunity. Where we decide not to make contact, we will delete all personal data obtained, other than basic contact details, to which we will apply a suppression flag to ensure we do not make contact in the future.
We may also gather information if your activities relate to our work – for instance, if you are a public figure such as a Member of Parliament or you represent an organisation which we work with or which is related to one of our campaigns we may gather information about you in order to inform our campaigning and make decisions – for instance, whether we engage with you to seek your support for our work, ask your constituents to write to you, or choose to work you in another way.
If you visit our website as an anonymous visitor (e.g. you switch off cookies), We may still collect certain information from your browser, such as the IP address (an IP address is a number that can uniquely identify a computer or other internet device).
What information might African Community UK CIC (ACUK) collect about you?
We only collect personal data relevant to the type of transactions or interaction you have with We.
Whatever your interaction with us this information will be minimal and linked to the purpose for which we need it.
For example, when you contact us to make a donation, make payment online, support our gift aid scheme, take a campaign action, or sign up to any of our activities or online content (such as newsletters, competitions, or message boards) or you telephone, email, write to or text us, or engage with us via social media channels, we may receive and retain personal information.
In these cases we are likely to process details such as your name, email address, postal address, telephone or mobile number, bank account details to process donations and whether or not you are a tax payer so that we can claim Gift Aid.
If you visit one of our offices or sites we may capture you on CCTV, or you may give information to our staff via a feedback process or through our Gift-Aid Scheme.
If you participate in an event we may (with your permission) take your photograph or video, or interview you.
If you participate in market research, we may ask you questions regarding your experience with us, or other survey questions relating to your experience.
If you are a campaigner or work with our campaigns team, we may collect information such as correspondence with you regarding campaigning, details of your background and activities with us or relating to the issue, the events you attend, or how we would like to work with you.
Where we gather information about you which is publicly available – for instance as a major donor or your views on our campaigning activity – this may include your name, contact details, views and positions you have expressed, and details regarding your circumstances- for instance which political roles you hold or what your background is.
Sensitive Personal Data
We only collect “sensitive personal data” about our supporters, e.g. health status, where there is a clear and specific reason for doing so, such as participation in a marathon or volunteering at a music event or our office or office related activities.
We collect this data where we need it to ensure that we provide appropriate facilities or support to enable you to participate in the event or carry out your role. Clear notices will be provided on application forms so that it is clear what information we need and why we need it. In certain circumstances, such as when we recruit volunteer festival stewards, we need to obtain information about criminal convictions (where these are unspent) in order to check that it is appropriate for you to undertake the role.
Rarely, we may collect this data for the prevention of crime or dishonesty, to safeguard those with whom we work, or for another reason which is in the public interest. Where we do this we will do it carefully and in accordance with applicable laws.
Should you support us in a substantial way, we may provide an account manager to help you tailor your relationship to suit your interests. If this is the case we may collect sensitive personal data where relevant to our relationship, such as your political or religious views. Should you disclose information to us about your health or your family, this may also be recorded, so that we can communicate with you in a considerate and appropriate manner.
All sensitive personal data is stored on a secure database, to which only a limited number of relevant staff have access. It is deleted when no longer relevant, is never shared with third parties, and is available to you at any point should you wish to see it.
How will we use your personal data?
We will use your personal information for the following purposes:
For administrative reasons, including:
- “service administration”, which means that We may contact you for reasons related to administering any donations you have made, your tax status with regard to Gift Aid if claimed, the completion of commercial or other transactions you have entered into with We or the activity or online content you have signed up for;
- to confirm receipt of donations (unless you have asked us not to do this), and to say thank you and provide details of how your donation might be used. for example if you donate via text you will receive a “bounce back” text message;
- in relation to correspondence you have entered into with us whether by letter, email, text, social media, message board or any other means, and to contact you about any content you provide;
- for internal record keeping so as to keep a record of your relationship with us;
- to fulfil sales contracts you have entered into with We, such as the Tag Your Bag (Gift Aid) scheme, under which we are required to notify you of the proceeds from sale of items you have donated to We shops;
- to provide logistical and fundraising information to people who are taking part in a fundraising event support us.
- to communicate with our volunteers – to support you in your designated role or administer that role and our organisation;
- to keep your data up to date – for instance we use the Royal Mail’s data on postal address changes to ensure that we can maintain contact with you where we believe you are happy to be contacted by post, we also use services which notify us of the recently deceased to avoid any distress that continued communications would cause;
- to implement any instructions you give us to with regard to withdrawing consent to send marketing information or informing us through the Fundraising Preference Service that you do not wish to receive any marketing information;
- to use IP addresses to identify the location of users, to block disruptive use and to establish the number of visits from different countries;
- to protect our staff and those with whom we work, or to prevent crime and dishonesty. This will involve frequent fraud and anti-terrorism screening of employees and partners using the World-Check database (Refinitiv – Thomson Reuters), and the use of eDiscovery features on our Microsoft tools to support investigations.
- For marketing and fundraising reasons.
For market research
- to invite you to participate in surveys or research about us or our work (participation is always voluntary);
- to analyse and improve the activities and content offered on our website to provide you with the most user-friendly navigation experience. We may also use and disclose information in aggregate (so that no individuals are identified) for marketing and strategic development purposes.
Will We share your personal information with anyone else?
We will only use your information within our organisation for the purposes for which it was obtained. We will not, under any circumstances, share or sell your personal data with any third party for their own marketing purposes, and you will not receive marketing from any other companies, charities or other organisations as a result of giving your details to us.
We may need to share your information with service providers who help us to deliver our projects, fundraising activities and appeals, for instance through handling responses to our emergency appeals. These “data processors” will only act under our instruction and are subject to pre-contract scrutiny and contractual obligations containing strict data protection clauses. We do not allow these organisations to use your data for their own purposes or disclose it to other third parties without our consent and we will take all reasonable care to ensure that they keep your data secure.
Facebook and other social media sites
We may also use your email address and phone number to match to your account on Facebook or other social media sites in order to show you our content while using these services. We only do this where you have opted in to marketing emails or phone calls and we keep your data secure by encrypting it. No data we hold about you is retained by the third party.
In addition, we may also use your email address and phone number to link to Facebook or other social media sites in order to identify other users of these sites whom we believe would be interested in us, and we may then show them our content. No data we hold about you is retained by the third party.
There are two ways to prevent this use of your data, you can either update your preferences at We by opting out of the relevant channel of communication or you can do this via the social media site:
Updating your preferences with us will not guarantee that you never see our content on social media, since the social media site may select you based on other criteria and without your data having been provided by us.
Current and former African Community employees
When you leave us, We may process your data to respond to requests for employment references. In addition, OGB participates in the Inter-Agency Scheme for the Disclosure of Safeguarding-related Misconduct in Recruitment Process within the Humanitarian and Development Sector (‘Scheme’). Where you apply for employment with another member of the Scheme, they will request a statement from us disclosing whether you have been found to have committed misconduct (in the form of sexual exploitation, sexual abuse or sexual harassment) while employed with us. We will respond to these requests in line with the rules of the Scheme.
More details about the Scheme are available on the Steering Committee for Humanitarian Response website.
Where legally required
We will also comply with legal requests where disclosure is required or permitted by law (for example to government bodies, statutory bodies, or law enforcement agencies for tax purposes, where it is in the public interest, or the prevention and detection of crime, subject to appropriate protection in law).
We may transfer your personal data outside the EEA. If it does so, this may occur under the protections of the European Commission’s standard contractual clauses, but will otherwise only take place where appropriate standards and safeguards are in place.
How long will We keep your personal information?
We will hold your personal information on our systems for as long as is necessary for the relevant activity, for example we will keep a record of donations subject to gift aid for at least seven years to comply with HMRC rules.
If you request that we stop sending you marketing materials we will keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us.
Legacy income is vital to the running of the charity. We may keep data you provide to us indefinitely, to carry out legacy administration and communicate effectively with the families of people leaving us legacies. This also enables us to identify and analyse the source of legacy income we receive.
Where you contribute material to us, e.g. user generated content or in response to a particular campaign, we will only keep your content for as long as is reasonably required for the purpose(s) for which it was submitted unless otherwise stated at the point of generation.
How to control what we send you or request we update your personal information
The accuracy of your information is really important to us. We want to ensure that we are able to communicate with you in ways that you are happy with, and to provide you with information that is of interest.
If you wish to change how we communicate with you, or update the information we hold, then please contact us:
- email us at email@example.com
- write to us at: 31 Borrowdale Close, Carcroft, Doncaster, England, DN6 8QT
- call us on 0333 339 3763 (Mon-Fri 9am-5pm)
Additionally you can opt out of email and SMS separately:
- Email – You can opt out of marketing emails at any time by clicking the unsubscribe link in any marketing email from We.
- SMS – You can also opt out of SMS messages by texting NOINFO to 07723138347, this is charged at your standard text rate.
How long will it take for these changes to be effective?
We endeavour to meet the following service levels where supporters request we do not send them marketing information:
- Email – one week from receipt of email
- SMS – one week from receipt of SMS
- Telephone – one week from receipt of request to opt out
- Mail – 28 days from receipt of ‘do not mail’ request. This period is longer than for other channels due to the production times for mailing campaigns, and in most cases we would expect the change to be effective much more quickly.
How We keeps your data safe
We ensure that there are appropriate technical controls in place to protect your personal details. For example our online forms are always encrypted and our network is protected and routinely monitored.
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.
We use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they collect on our behalf, or have access to. We have a robust partner monitoring framework to ensure these contractual obligations are met.
These organisations – referred to as “Data Processors” also have legal liability for the way in which your data is used, providing you with additional protection.
For information on the types of cookies we use, how we use them and how you can control your cookie preferences, see the cookies section of this policy.
Your rights over your personal data
You have a variety of rights in respect of your data, including the rights to see, update, restrict, object to the use of or withdraw use of your data. In particular, depending upon why we hold your data, you may have the right to request:
- Access to the personal data we hold about you, including how we first obtained your details, free of charge in most cases (this is known as a ‘Subject Access Request’).
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we delete your personal data from our systems (this is known as the “Right to be Forgotten”).
- That we no longer process your data automatically to decide whether particular marketing activities are likely to be of interest, or suggest an appropriate donation level based on your previous donation history. This is known as profiling, and helps us to ensure that our marketing is relevant and appropriate.
You can contact us to request to exercise these rights at any time, see the section above How to control what we send you or request we update your personal information for details of how to get in touch.
Opting out of Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We will always comply with your request.
Where we are sending you direct marketing on the basis of our legitimate interest, you can also ask us to stop. In the case of postal marketing sent on this basis, we will always comply with your request to opt out. Similarly, where we send email marketing on a soft opt in basis (see the section above , when we collect information about you,) we will also comply with all requests to opt out.
Right to be Forgotten
Upon request we will delete your personal data from our systems, to the extent that we are permitted to by law or regulatory guidelines. For instance under HMRC rules we are required to retain financial data for 7 years for audit purposes, and so will not be able to delete donation details until this time period has elapsed.
Opting out of profiling
Upon request we will cease using your personal data to decide whether you would be interested in particular updates and other marketing. Such requests may lead to you not hearing from us in future.
Subject Access Requests
You have the right to request a copy of the personal information we hold about you. We will provide this as soon as possible, and within a month unless there are specific reasons why this would not be possible. We will always let you know if this is likely to be the case.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
How to find out more, or make a complaint about our approach to data protection
If you would like more information, to update your details or have any questions about this policy, please contact our supporter relations team by email at firstname.lastname@example.org or write to us at: 31 Borrowdale Close, Carcroft, Doncaster, England, DN6 8QT or call us on 0333 339 3763 (Mon-Fri 9am-5pm).
To make a formal complaint about We’s approach to data protection or raise privacy concerns directly with our data protection team, please contact:
The Data Protection Officer, African Commnunity UK CIC.
31 Borrowdale Close, Carcroft, Doncaster, England, DN6 8QT
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0333 339 3763
Or go online to the ICO website.
Do we obtain data from other organisations?
We receive data from a limited number of Third Parties, including:
- CACI Ltd – who provide summarised data at postcode level (this is typically 16 houses). This includes data such as age, income, house type, and the ages of children in the household. We use this information to decide who to target for our marketing campaigns, so as to improve the effectiveness of our fundraising, and to ensure we do not send out marketing information which is unlikely to be of relevance.
- UK changes – who provide data on house movers and the deceased so that we can keep our records up to date and make sure we only send marketing materials where appropriate. This data is only obtained where it is consistent with current data protection laws and our Fundraising Policy, and where you have given permission for it to be shared for this purpose.
- Publicly available sources such as Twitter, Facebook, LinkedIn, parliamentary records, or statements which you make publicly, depending upon our relationship with you – in particular we are likely to collect these in connection with our campaigning activities.
From the following suppression services:
- The Mail Preference Service (MPS), which ensures we do not send unsolicited mail to those who have indicated they do not wish to receive it.
- The Telephone Preference Service (TPS), which ensures we do not telephone people who do not wish to receive unsolicited phone calls.
- The Fundraising Preference Service (FPS), which ensures we do not send unsolicited marketing material to people who have indicated that they do not wish to hear from us.
Do we use profiling as part of its marketing campaigns?
Profiling is a common technique used in direct marketing and involves analysing data to improve the targeting of communications. We use profiling techniques to help ensure our communications are relevant. Profiling allows us to target our resources effectively, which donors consistently tell us is a key priority for them. It enables us to raise more funds, sooner, and more cost-effectively, than we otherwise would. The data may have been provided to We by our supporters when responding to our marketing campaigns, or when using our website, or social media sites such as Facebook. It may also have been provided by external organisations as described below. When building a profile we may analyse geographic, demographic and other information relating to you, as well as your previous responses to our marketing campaigns. We do this in order to determine whether we believe a particular marketing campaign might be of interest. Some of the data is provided by external organisations and may be provided at an aggregate level (e.g. by postcode). Where it relates to you as an individual we check that you have provided your express consent to the relevant third party for this use of your data. This helps to maximise the effectiveness of our campaigns and to minimise the wastage that would result from sending marketing information where it is not of interest. You have the right to request we cease this profiling, for details see the section above: Your rights over your personal data.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.