Privacy and Cookies Policy

Last updated: January 2025


1. Who We Are

The Sussex Heart Charity (“SHC”, “we”, “us”, “our”) is the data controller for the personal information collected through our website and other interactions.

Registered charity No. 1120998 | Company limited by guarantee No. 06339790
Registered office: Southpoint, 8 Paston Place, Brighton, BN2 1HA

You can contact us about this policy or your data rights at info [at] sussexheartcharity [dot] org, or in writing to the address above.


2. Introduction

This Privacy Policy explains when and why we collect personal information about visitors to our website, how we use it, the limited circumstances in which we may share it, and how we keep it secure.

If you are a service user or have contacted us via our helpline, please refer to the relevant privacy notice for that service.


3. What Information We Collect

We collect personal information when you:

  • make a donation or purchase;
  • contact us via a form or email;
  • sign up to receive news or updates;
  • apply to volunteer or work with us; or
  • use our website (via cookies and analytics).

Information may include:

  • Contact details – name, address, email address, phone number;
  • Technical data – IP address, browser type, and usage data such as pages visited and dates;
  • Transaction details – donation or purchase history (but not full card data).

Card payments are processed securely by third-party providers (including Stripe, SureCart, WorldPay, and JustGiving) in compliance with PCI DSS standards. SHC never stores or has access to your card details.


4. Lawful Bases for Processing

We process your data under one or more of the following lawful bases:

  • Consent – where you have opted in to receive marketing or newsletters;
  • Contract – to fulfil a purchase, donation, or enquiry you have made;
  • Legitimate interests – for administration, reporting, and improving our services, where this does not override your rights.


5. How We Use Your Information

We may use your information to:

  • process donations, orders, or enquiries;
  • maintain supporter records and thank you for your support;
  • send updates or fundraising information you have requested or that may interest you;
  • process volunteer or job applications;
  • seek feedback to improve our services; and
  • ensure the website functions effectively and securely.

We will not sell, rent, or swap your data with any third party for marketing purposes.


6. Marketing Preferences

If you have chosen to receive updates from us, you can change your preferences or unsubscribe at any time by clicking the unsubscribe link in our emails or contacting us directly.


7. Sharing Your Data

We may share limited information with trusted service providers who act on our behalf, such as:

  • payment processors (Stripe, SureCart, WorldPay, JustGiving);
  • email and newsletter platforms (Mailchimp);
  • web hosting and IT support services.

These providers are contractually required to keep your information secure and to use it only for the purposes we specify.


8. Cookies and Website Analytics

We use cookies to ensure our website works correctly and to help us understand how visitors use it.

  • Essential cookies enable core functions such as the shopping cart and checkout.
  • Analytical cookies (via Google Analytics) collect anonymous visitor statistics.

You can control or delete cookies through your browser settings. When we implement a cookie-consent tool, you’ll be able to manage non-essential cookies directly.


9. E-Newsletters

We use Mailchimp to send e-newsletters and analyse open and click-through rates to improve our content.
Mailchimp stores data securely on servers in the United States under approved data-transfer safeguards.


10. Your Data Rights

Under the UK GDPR, you have the right to:

  • Access – request a copy of the data we hold about you;
  • Rectify – correct inaccuracies;
  • Erase – ask us to delete your data, where legally possible;
  • Restrict or object – limit certain processing;
  • Withdraw consent – for marketing at any time.

Requests can be made by email or in writing. We will respond within one month.


11. Data Retention

We retain personal data only as long as necessary for the purpose collected:

  • donation and financial records – up to 7 years (for accounting and legal reasons);
  • general enquiries and volunteer records – up to 2 years;
  • marketing contact details – until you unsubscribe or withdraw consent.

Minimal information may be retained to record your opt-out preferences.


12. Security

We use appropriate technical and organisational measures to protect your data from loss, misuse, and unauthorised access.
Our website uses HTTPS encryption for secure communication.


13. External Links

Our website may contain links to other organisations. This Privacy Policy applies only to our website, so please read the privacy statements of any other sites you visit.


14. Changes to This Policy

We may update this policy occasionally. The latest version will always appear on our website, and we will notify you of any significant changes by email where appropriate.


15. Contact

Questions about this policy or your data rights can be sent to:

Data Protection Lead
The Sussex Heart Charity
Southpoint, 8 Paston Place, Brighton, BN2 1HA
Email: info [at] sussexheartcharity [dot] org


16. Governing Law

This policy is governed by the laws of England and Wales.