Privacy Notice — The Seedkeep Foundation

Privacy statement

We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

DO YOU NEED EXTRA HELP?

If you would like this notice in another format (for example: audio, large print, braille) please contact us (see ‘How to contact us’ below).

WHO WE ARE

The Seedkeep Foundation uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

THE PERSONAL INFORMATION WE COLLECT AND USE

Information collected by us

In the course of carrying out the objects of the Foundation, we collect the following personal information when you provide it to us:

name, address, telephone numbers (landline and mobile), email address; and
confidential financial details if provided by you for the purposes of administering a grant.

How we use your personal information

Under data protection law, we can only use your personal data if we have a proper reason for doing

so, e.g.:

to comply with our legal and regulatory obligations;
for the performance of our services to you or to take steps at your request before entering into services with you;
for our legitimate interests or those of a third party; or
where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. The table below explains what we use (process) your personal data for and our reasons for doing so:

What we use your personal data for Our reasons

To provide services to you, in assessing and

dealing with your application to the Foundation.

For the performance of our services with you

or to take steps at your request before entering

into those services

Any processing necessary to comply with our

professional, legal and regulatory obligations that

apply to our us, e.g. under health and safety

To comply with our legal and regulatory

obligationsWhat we use your personal data for Our reasons

regulation or rules issued by the Charity

Commission

Gathering and providing information required by

or relating to audits, enquiries or investigations by

regulatory bodies

To comply with our legal and regulatory

obligations

Ensuring business policies are adhered to, e.g.

policies covering security and internet use

For our legitimate interests or those of a third

party, for example, to make sure we are

following our own internal procedures so we

can deliver the best service to you

Operational reasons, such as improving efficiency,

training and quality control

For our legitimate interests or those of a third

party, i.e. to be as efficient as we can so we

can deliver the best service for you.

Ensuring the confidentiality of commercially

sensitive information

For our legitimate interests or those of a third

party.

To comply with our legal and regulatory

obligations

Preventing unauthorised access and modifications

to systems

For our legitimate interests or those of a third

party, e.g. to prevent and detect criminal

activity that could be damaging for us and for

you

To comply with our legal and regulatory

obligations

Updating and enhancing applicants’ records For the performance of our services or to take

steps at your request before entering into those

services.

To comply with our legal and regulatory

obligations

For our legitimate interests or those of a third

party, e.g. making sure that we can keep in

touch with the applicants

Statutory returns To comply with our legal and regulatory

obligations

Ensuring safe working practices, staff

administration and assessments

To comply with our legal and regulatory

obligations

For our legitimate interests or those of a third

party, e.g. to make sure we are following our

own internal procedures and working

efficiently so we can deliver the best service to

youWhat we use your personal data for Our reasons

External audits and quality checks, e.g. for the

Charity Commission and the audit of our accounts

To comply with our legal and regulatory

obligations

The above table does not apply to special category personal data, which we will only process with

your explicit consent.

Who we share your personal data with

We routinely share personal data with:

 professional advisers who we instruct to assist us in carrying out our services to you, e.g.

solicitors (Raworths LLP of Harrogate HG1 1HF), accountants, tax advisors or other

experts;

 external auditors, e.g. the Charity Commission and the audit of our accounts;

 our banks; and

 external service suppliers, representatives and agents that we use to make our Foundation

more efficient, e.g. administration services, shredding or off site back-up server providers.

We only allow our service providers to handle your personal data if we are satisfied they take

appropriate measures to protect your personal data. We also impose contractual obligations on service

providers to ensure they can only use your personal data to provide services to us and to you.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to

comply with our legal and regulatory obligations.

We will not share your personal data with any other third party.

Information collected from other sources

We may also obtain personal information from other sources such as:

 Companies House, HM Land Registry or the Charity Commission; and

 via IT systems, for example a document management system or automated monitoring of our

systems, such as our computer networks and systems.

How long your personal information will be kept

We will hold personal data for 10 years. We take the view that we can hold the personal data for

this time due to the probability of reapplications.

YOUR RIGHTS

Under the General Data Protection Regulation you have a number of important rights free of charge.

In summary, those include rights to:

• fair processing of information and transparency over how we use your use personal

information;

• access to your personal information and to certain other supplementary information that this

Privacy Notice is already designed to address;

• require us to correct any mistakes in your information which we hold;

• require the erasure of personal information concerning you in certain situations;

• receive the personal information concerning you which you have provided to us, in a

structured, commonly used and machine-readable format and have the right to transmit those

data to a third party in certain situations;• object in certain other situations to our continued processing of your personal information;

and

• otherwise restrict our processing of your personal information in certain circumstances.

If you would like to exercise any of those rights, please:

• email, call or write to us (See ‘How to contact us’ below);

• let us have enough information to identify you ;

• let us have proof of your identity and address (a copy of your driving licence or passport and

a recent utility or credit card bill); and

• let us know the information to which your request relates, including any reference numbers, if

you have them.

KEEPING YOUR PERSONAL INFORMATION SECURE

We have appropriate security measures in place to prevent personal information from being

accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal

information to those who have a genuine business need to know it. Those processing your information

will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you

and any applicable regulator of a suspected data security breach where we are legally required to do

so.

HOW TO COMPLAIN

We hope that we can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory

authority, in particular in the European Union (or European Economic Area) state where you work,

normally live or where any alleged infringement of data protection laws occurred. The supervisory

authority in the UK is the Information Commissioner who may be contacted at

https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

CHANGES TO THIS PRIVACY NOTICE

This privacy notice was published in December 2022.

We may change this privacy notice from time to time, when we do we will inform you via this

website.

HOW TO CONTACT US

Please contact us if you have any questions about this privacy notice or the information we hold about

you.

If you wish to contact us, please send an email to seedkeepfoundation@raworths.co.uk, write to The

Seedkeep Foundation c/o Raworths LLP, 89 Station Parade, Harrogate, North Yorkshire, HG1 1HF,

or call 01423 566666 and specify that it is in relation to The Seedkeep Foundation.