This Privacy Notice explains the types of personal information we collect, how we use that information, who we share it with and how we protect it.
Who we are
For the purposes of applicable data protection laws, the data controller is Protect (Whistleblowing Advice) Limited, a company limited by guarantee with its registered office at Green House, 244-254 Cambridge Heath Road, London E2 9DA.
What information is covered
“Personal information” or “personal data” means information that enables you to be identified directly or indirectly, either on its own or in combination with other information.
Information we collect through the Advice Line and legal advice services
- Contact information including your name, email address and telephone number.
- Information relating to your employment, including your position, employer and length of employment.
- Information relating to your request for advice, including details of incidents or events.
- A unique case reference number generated to keep a record of your request for advice.
- Special category data where you provide it, including information about trade union membership, health, race, ethnic origin, sexual orientation, political views or religious views.
As a general rule, users of our Advice Line service should not provide us with personal information relating to third party individuals, such as colleagues or managers.
Information we collect through Business Support and Whistleblowing Benchmark
- Your name, job title, email address, phone number, country and desired products.
- Information related to your request for products or services, including billing information and contact details.
- Your communication and marketing preferences.
Where we receive information from Business Support and Benchmark clients about employees, customers or other individuals, the client is responsible for ensuring that the data is transferred to us in compliance with applicable data protection laws.
Information we collect from our website
- Donation information, including your name, email address, donation amount and payment card details.
- Information relating to online browsing activities on our website, including pages visited and other metrics.
How we use your personal information
We use Advice Line and legal advice information to manage our relationship with you, respond to advice requests, keep you informed, verify your identity, provide advice, anonymise information for research and campaigning, review feedback and comply with legal obligations.
We use Business Support and Benchmark information to manage our relationship with your organisation, respond to enquiries, fulfil orders, send service-related messages, provide customer support, prevent fraud, review feedback and, where permitted, send carefully selected information about our products and services.
We use website information to process donations, understand how people use our website, improve user experience, keep our website safe and secure, detect fraud or misuse and, where permitted, deliver relevant website content and marketing.
Direct marketing
Advice Line and general website: we do not use your personal information for direct marketing purposes.
Business Support and Benchmark only: we may send carefully selected information about our products and services. You have the right to opt out of receiving direct marketing at any time.
Sharing your personal information
Your personal information is intended for Protect, but may be shared with third parties where necessary.
- Service providers, including IT, payment processing, web-hosting, online survey, marketing and IT support providers.
- Third-party companies used to audit or improve website content and performance.
- Our pro bono network of lawyers who assist us in delivering Advice Line support.
- Third parties where disclosure is required or permitted by law, including police, regulators, government agencies or judicial authorities.
- Third parties connected with a reorganisation, restructuring, merger, acquisition or transfer of assets.
International transfers
We do not transfer your personal information outside of the EEA.
Your rights
If you are an EEA resident, you may have rights of access, rectification, deletion, restriction, portability, objection and withdrawal of consent.
You can make a request to exercise your rights by emailing [email protected]. For your privacy and security, we may require you to prove your identity before providing requested information.
Complaints to a data protection authority
You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws. In the UK, the Information Commissioner’s Office can be contacted by telephone on +44 0303 123 1113, by email at [email protected], or through www.ico.org.uk.
Security and retention
We use technical and organisational security measures to safeguard personal information, including limiting access to employees and authorised service providers who need to know it, encryption and other administrative, technical and physical safeguards.
We retain personal data only for as long as necessary for the purpose for which it was collected and as permitted by applicable laws. When we no longer need it, we remove it from our systems and records or anonymise it.
Children’s privacy
We will never knowingly collect personal information from individuals under the age of 13 without first obtaining verifiable parental consent. If we become aware that a person under 13 has provided personal information without consent, we will remove it from our files.
Contact
If you have questions or concerns about this Privacy Notice, please email [email protected].
