The Pennies Foundation is a company limited by guarantee (registered in England no. 6418982) and is a charity (registered with The Charity Commission for England and Wales charity no. 1122489, and with the Charities Regulator in the Republic of Ireland charity no. 20106331).
How we use your information
The Pennies Foundation is a registered data controller under the Data Protection Act 2018. Any information we collect is stored and processed in the UK.
Unfortunately, no data transmission over the internet is 100% secure. While we try to protect your personal information, we cannot guarantee the security of information you transmit to us and you do so at your own risk.
We never sell or give away your personal information to third parties but we may disclose it for legal or regulatory purposes.
This privacy notice tells you what to expect when we collect personal information. It applies to information we collect about:
- visitors to our websites;
- people who sign up to receive our newsletter or get in touch through the contact form on our website;
- people who contact us either be telephone or in writing including by email;
- job applicants and our current and former employees.
Visitors to our websites
We will make it clear when we collect personal information and will explain what we intend to do with it. For example, we may ask you if we can add your details to our database so that we can provide you with information about us by email. We will only contact you with this information if you say that we can do so. You can tell us at any time that you no longer want to receive information from us by email at email@example.com, by sending a letter to the Administrator at Pennies, Third Floor, 140, London Wall, London EC2Y 5DN or by following the “unsubscribe” instructions contained in any communication you receive from us.
If you do not want to accept cookies when visiting the Pennies website, you can switch them off using the options below. However, if you block cookies it will impair the functionality of our website and certain parts of the site will not be displayed, for example the Twitter and Facebook feeds.
If you do not want to accept cookies on any website, you can easily change your browser settings to refuse or delete cookies or to let you know when you get a new cookie. The means by which you can choose to refuse or delete cookies depends on your browser so please consult your browser’s menu for further details.
We use a third party provider MailChimp, a registered trademark of The Rocket Science Group LLC, to deliver our e-newsletters. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. Whenever we send you an email it will contain a link to allow you to “unsubscribe” from future communications. For more information, please see MailChimp’s privacy notice at https://mailchimp.com/legal/privacy/.
Our website is hosted at WordPress.com, which is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. WordPress requires visitors that want to post a comment to enter a name and email address. For more information about how WordPress processes data, please see Automattic’s privacy notice at https://automattic.com/privacy/.
People who contact us via social media
We use the Facebook, Twitter and LinkedIn platforms for our social media interactions.
We embed videos from our official YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit https://www.google.co.uk/intl/en-GB/policies/privacy/
People who email us
We do not encrypt or protect email traffic. We use Microsoft to send emails and once they leave their servers the message is sent out in plain text and is not encrypted. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. We do not accept liability for damage caused by any virus transmitted by email so you should check any email and attachments for the presence of viruses.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
People who make a complaint to us
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for three years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Job applicants, current and former employees
We are the data controller for the information you provide during the recruitment process unless otherwise stated. If you have any queries about the process or how we handle your information, please contact us at firstname.lastname@example.org.
What will we do with the information you provide to us?
All of the information you provide during the recruitment process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.
The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t.
If you use our online application system, this will be collected by a data processor on our behalf (please see below).
We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.
You will also be asked to provide equal opportunities information. This is not mandatory information – if you don’t provide it, it will not affect your application. This information will not be made available to any staff outside of our recruitment team, including hiring managers, in a way which can identify you. Any information you do provide, will be used only to produce and monitor equal opportunities statistics.
Our hiring managers shortlist applications for interview. They will be provided with your name or contact details or with your equal opportunities information if you have provided it.
We might ask you to participate in assessment days; complete tests or occupational personality profile questionnaires; and/or to attend an interview – or a combination of these. Information will be generated by you and by us. For example, you might complete a written test or we might take interview notes. We hold this information.
If we make a conditional offer of employment, we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurance as to their trustworthiness, integrity and reliability. You will therefore be required to provide:
- Proof of your identity – you will be asked to attend our office with original documents, we will take copies.
- Proof of your qualifications – you will be asked to attend our office with original documents, we will take copies.
You may be asked to complete a criminal records declaration to declare any unspent convictions. We will contact your referees, using the details you provide in your application, directly to obtain references. If we make a final offer, we will also ask you for the following:
- an email address which we will use to send your payslips and other payroll-related forms. If you are a member of the pension scheme we will pass on your nominated email address to B&CE Holdings Limited (B&CE) so that they can open a personal pension account for you.
- bank details – to process salary payments;
- emergency contact details – so we know who to contact in case you have an emergency at work.
If you accept a final offer from us, some of your personnel records will be held on Sage which is an internally used HR Payroll system.
Childcare Voucher Scheme
We offer a Childcare Voucher Scheme to qualifying employees which is administered by Fideliti Limited (Fideliti) and information. If you are enrolled in the scheme, we will pass on information about you to Fideliti including your National Insurance number and tax status.
For some vacancies, we sometimes advertise through JobLadder Limited (Charity Job). Charity Job will collect the application information which is used to assess your suitability for the role you have applied for, the results of which are assessed by recruiters.
For further information, please see their privacy policies at: https://www.charityjob.co.uk/info/legal/privacypolicy
How long is the information retained for?
If you are successful, the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment plus 6 years following the end of your employment. This includes your criminal records declaration, fitness to work, records of any security checks and references.
If you are unsuccessful at any stage of the process, the information you have provided until that point will be retained for12 months from the closure of the campaign.
Information generated throughout the assessment process, for example interview notes, is retained by us for 12 months following the closure of the campaign.
Equal opportunities information is retained for 12 months following the closure of the campaign whether you are successful or not.
How we make decisions about recruitment?
Final recruitment decisions are made by hiring managers and members of our recruitment team. All of the information gathered during the application process is taken into account. You are able to ask about decisions made about your application by speaking to your contact within our recruitment team or by emailing email@example.com.
Under the Data Protection Act 2018, you have rights as an individual which you can exercise in relation to the information we hold about you.
You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/
Access to personal information
Individuals can find out if we hold any personal information by making a ‘subject access request’ under the Data Protection Act 2018. If we do hold information about you, we will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form.
To make a request for any personal information we may hold you need to put the request in writing to the address provided below.
If your contact details change, or if you think that the information we hold about you is out of date or inaccurate, please get in touch with us and provide us with the correct details.
Please let us know if you do not want to receive any further information from us and would like us to remove your name from our mailing list by contacting us by email at firstname.lastname@example.org, by sending a letter to the Administrator, Pennies, Third Floor, 140 London Wall, London EC2Y 5DN.
Where we do hold information about you, you can ask us to correct any mistakes by, contacting us in writing.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 18/03/2018.
The terms of the policy shall be governed and construed in accordance with the laws of England and Wales and any disputes arising hereunder shall be subject to the exclusive jurisdiction of the Courts of England and Wales.
How to contact us
The Pennies Foundation