Privacy Policy

Fair Processing Notice

This privacy policy is provided by Power to Change Trust, a charity registered in England with registered charity number 1159982, whose main address is Clarence Centre, 6 St Georges Circus, London, SE1 6FE (“we” or “us”).

From time to time, as part of running our business, we collect and use certain personal information about individuals with whom we have contact, including in relation to our Twine software products and related services that we provide (we refer to such individuals in this notice as “contacts” or “you”).

Under data protection law, as a data controller, we have certain legal responsibilities about how we collect, use and share your personal information.  

  1. This privacy policy is provided by Power to Change Trust, a charity registered in England with registered charity number 1159982, whose main address is Clarence Centre, 6 St Georges Circus, London, SE1 6FE (“we” or “us”).

    From time to time, as part of running our business, we collect and use certain personal information about individuals with whom we have contact, including in relation to our Twine software products and related services that we provide (we refer to such individuals in this notice as “contacts” or “you”).

    Under data protection law, as a data controller, we have certain legal responsibilities about how we collect, use and share your personal information.  

    This policy explains our privacy practices and covers the following:

    • The type of individuals whose personal information we collect
    • What personal information about you we collect and use
    • How we use your personal information
    • Who we share your personal information with
    • How long we retain your personal information for
    • Any transfers involving your personal information
    • How we legally justify using and sharing your personal information
    • Your legal rights in relation to your personal information
    • Other relevant information, including how to contact us
  2. Whose personal information do we collect

    We collect and use personal information relating to the following types of individuals:

    • Our existing customers - we collect and use contact details of people who we liaise with at organisations who are our existing customers i.e. organisations who purchase the Twine software and related services.  
    • Other individuals associated with our customers - we receive personal information from our customers, concerning various individuals with whom they have contact, including volunteers, their own clients and other types of individual with whom they have contact.  We refer to such individuals in this policy as “clients of our customers”.  We use this on our Twine software, to provide reports back to the customer’s business.
    • Users of the Twine mobile app and Twine software - if you use our Twine software, including the Twine app, then we will collect and use certain personal information about you.
    • Our business partners - we collect and use certain personal information about contacts who work at organisations who provide goods and services to us, i.e. our suppliers and organisations with whom we partner to provide our products and services. 
    • Potential customers - you may express an interest in our Twine software and services, for example by phoning us or registering an interest on our website.  We also send marketing communications to potential customers – please see paragraphs 4(c) and 8 below for more information. 
    • Other third parties - from time to time we may also collect information about contacts at other third party organisations, such as potential partners, community businesses, grantees (organisations are nominated for a Twine account), organisations who provide grants and contacts who work for other organisations in the industry.  
  3. What personal information about you we collect and use

    Regardless of whose personal data we collect and use as indicated above, the information will only include (as a maximum) your name, email, phone number (work and/or possibly your personal mobile number), place of work and job title.  Please also see under paragraph 3(b) below regarding some situations where certain individuals may voluntarily provide our customers with details of their age and gender.  Therefore, all information which we collect about you will be in a “business to business” context and will not contain any sensitive information or information relating to your home life (other than personal mobile numbers).  

  4. Sources of personal information

    1. Referrals occasionally we receive referrals from customers, partners and other third parties, passing someone’s contact details to us who they think may be interested in our Twine products and services.
    2. From our customers - if you are a client of our customer, then we may receive personal information about you from our customer, for instance if you interact as a client or volunteer with a local business, then we may receive your email address, your phone number, and, at your discretion, your age and gender.Information from your employer  your employer may pass us your contact details.
    3. Information you provide - the information you provide when you get in touch with us, for instance registering an interest via our website or if we meet at a networking event and your provide your business card. 

  5. How we use your personal information

    1. Day to day communications – we need to communicate effectively and efficiently with our customers, end users, partners and other parties, in order to facilitate our provision of high quality and timely communications, products and services. Similarly, where your organisation provides services to us, we will need to know which individuals at your organisation we need to communicate with and keep details of your personal information on our systems.  Therefore, we use personal information for day to day communications with such parties. Our communication methods include social media, written correspondence, email, telephone and face to face meetings. 
    2. Use in our Twine software and services – our Twine software and services use personal information about individuals, particularly clients of customer’s.  Our Twine software and services store and use this information, to produce BI reports, conduct other analysis and provide other information which is shared back with that particular customer.  We also produce reports which are shared with a wider group of third parties and customers – however, such reports are fully anonymised so do not contain any personal information. Our Twine platform is cloud based and therefore is also stored by third parties, on their servers (as well as on our databases).  Please see further details at paragraphs 5 and 7 below. Examples of particular services which we operate relating to Twine include support services, which we provide by phone, online conference calls, face to face meetings and email.   We also use social media to communicate with existing customers and users of our Twine software and services including through:
      1. WhatsApp – we use WhatsApp to liaise with existing customers; 
      2. Via Facebook – we run a Twine user support group.
    3. Managing accounts – we process personal information in relation to setting up and managing accounts with our customers, suppliers and partners, and will use personal information in this regard, for related internal administration. 
    4. Marketing – as a business, we want to make people aware of the range of products and services which we can offer, for instance making existing customers aware of new solutions and special offers, but also telling potential customers about our Twine software and services.  We keep lists of contacts on our client relationship management (CRM) system called Hubspot (see paragraphs 5 and 7 below for further details of Hubspot), and from time to time we may send marketing information to you by phone and email.  However, we will only send you marketing emails and other communications where we have first obtained your consent to our doing so, for instance we may telephone you to discuss our Twine software where you have expressly asked us to do so.  Please see paragraph 9 below regarding your right to object at any time to receiving direct marketing information.
    5. Campaigns – surveys and competitions - If you are a customer or end user of Twine software, we will, from time to time, send you survey campaigns and feedback questionnaires about the Twine software and services,.  This is a simple questionnaire which asks you to rate the software – it does not collect any more data about you, and it is up to you whether or not you choose to fill in the questionnaire. 
  6. Parties who we share your personal information with

    We share your personal information with the following parties: 

    1. Occam Technologies Inc. – who are a third party supplier, who provide software and services which enable us to deliver the Twine platform.  We only send them your email address.  
    2. Nexmo – who provide support services to us in relation to the Twine software.  They only receive phone numbers and the content of messages relating to support.
    3. Hubspot – provider of our CRM system, who provide a hosted solution and will have potential access to the details set out at paragraph 2 above. 
    4. Various other providers of miscellaneous, software and cloud services, that we appoint for the provision of supporting tools, that enable us to store and manage contact information, but on a more ancillary basis than in respect of the third parties listed above. This may include organisations such as MailChimp, Calendly, GoogleDrive, Skype, and other similar providers of such software and cloud services whom we may appoint from time to time.

    Please see paragraph 7 below regarding details of international transfers to these parties.  

  7. How long we retain your personal information for

    The length of time that we retain your personal information for varies, according to the type of individual whose personal information we have collected, and what this is being used for:

    Type of IndividualPurposeApplication retention period
    Our existing customersProviding our Twine software and services, day to day communications Campaigns Managing and setting up the accountFor the duration of the contract between us and the customer + 7 years.   However, we will seek to anonymise as much personal information as possible once the contract comes to an end.
    Clients of our customersUse in our Twine software and services
    End users of the Twine softwareProviding our Twine software and services Campaigns Managing the account
    Our business partnersReceiving services Managing and setting up accountsFor the duration of the contract between us and the business partner + 7 years.  However, we will seek to anonymise as much personal information as possible once the contract comes to an end.
    Potential customersMarketingWe will review the personal information that we hold on such individuals every 6 months and unless we have regular contact with you or a reasonable prospect of establishing a relationship with you or your organisaiton, we will delete or anonymise such personal information.
    Other third partiesDay to day communications, marketing
  8. Transfers of your personal information

    Under data protection law, when personal information is being transferred outside the European Economic Area (EEA), we as data controller, are under an obligation to ensure that such transfer is performed in a manner that ensures that your personal information is adequately protected.  Details of the transfers, and how the data is protected, are set out below:

    Party to whom we transfer personal informationAmazon Web ServicesOccam Technologies Inc.NexmoHubspot
    Country to where we transferUnited StatesUnited States and KenyaUnited StatesUnited States
    What that party does with the personal informationAs part of operating the Twine App, we use a hosting provider, Amazon Web Services (AWS), which operates servers located in the United States.Frontline provide a software tool that enables us to conduct text messaging related surveys, as part of the Twine software package.Support and maintenance of the Twine softwareHubspot provide a CRM platform for us and host the data on their servers in the United States. 
    How that data is protected in accordance with data protection lawIn these circumstances the personal information will be transferred to and stored by AWS in accordance with the EU-U.S. Privacy Shield, which has been approved by the European Commission as offering adequate levels of protection and therefore complies with data protection law.We have put in place the EU approved standard contract clauses between us and Occam, which ensures that any personal data of yours transferred to Occam is adequately protected.  We have put in place the EU approved standard contract clauses between us and Nexmo, which ensures that any personal data of yours transferred to Nexmo is adequately protected.  In these circumstances the personal information will be transferred to and stored by Hubspot in accordance with the EU-U.S. Privacy Shield, which has been approved by the European Commission as offering adequate levels of protection and therefore complies with data protection law.
    How to find out more informationYou can find more information about AWS’s certification with Privacy Shield at: https://aws.amazon.com/complia...If you would like to receive a copy of the signed model clauses in place between us and Occam, please contact us using the contact details set out at paragraph 10 below.If you would like to receive a copy of the signed model clauses in place between us and Nexmo, please contact us using the contact details set out at paragraph 10 below.You can find more information about Hubspot’s certification with Privacy Shield at:  https://www.privacyshield.gov/participant?id=a2zt0000000TN8pAAG&status=Active

    In respect of the other miscellaneous third parties listed at paragraph 5(d) above whom we appoint from time to time to provide certain ancillary software and services, and who may potentially be able to access your personal information, we will likewise ensure that where such third parties are based outside of the EEA, that any transfer of personal data to them is conducted in a legally compliant manner.  If you would like further information on the identity of these parties, their location and what steps we have taken to ensure that a transfer of your personal information to them is compliant with data protection law, please feel free to get in touch with us.

  9. Legal grounds for processing your personal information.

    Every use that we make of your information must meet a legal ground in the list set out by data protection law.   The legal grounds which we rely on are as follows:

    1. For marketing purposes - the legal ground which is relevant to us contacting you to provide you with marketing information (whether by phone or email) is your explicit consent.  You can withdraw your consent to this at any time by informing us in writing (including by email), which will mean that we will no longer send you such marketing communications.
    2. For all other uses - the legal ground which is relevant to us processing your personal information for the other purposes outlined in this privacy policy is: to achieve our legitimate business interests, in a situation where your rights are not jeopardised so as to override this. Our legitimate business interests would include: 
      1. enabling us to provide effective communications with our customers and partners, 
      2. managing accounts and relationships with customers and partners;
      3. to operate our software and related services efficiently; and 
      4. to help us improve the use of data and learning in the community organisations sector.  
  10. Your rights in relation to your personal information

    If you have any questions in relation to our use of your personal information, you should first contact us using the contact details in paragraph 10 below. Under certain conditions, you may have the right to:

    1. require us to provide you with further details on the use we make of your personal information;
    2. require us to provide you with an electronic copy of personal information that you have provided to us;
    3. require us to update any inaccuracies in the personal information we hold;
    4. require us to transfer a copy of your personal information to another data controller, in a structured,  machine readable and commonly used format;
    5. withdraw consent to us sending you marketing information, which you can do at any time;
    6. require us to delete any personal information that we no longer have a lawful ground to use;
    7. require us to restrict our use of your personal information;
    8. complain to the Information Commissioner at any time;
    9. object to use of your personal information for direct marketing purposes;
    10. object to our uses of your personal information which are based on the 'legitimate interests' legal ground, as indicated above.  If any of our uses of your personal information based only on this legal ground is causing you undue harm, then we must cease using your personal information for that purpose.

    Your exercise of these rights is subject to certain conditions and exemptions, for example to safeguard the public interest in investigating crimes, or protecting legal privilege. If you exercise any of these rights we will check your entitlement and respond in most cases within a month.

    If you are not satisfied with our use of your personal information or our response to you, you can complain to the contact listed at paragraph 10 below.

  11. Other Information

    We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to your personal information, by contacting us as set out below.

    From time to time, we may make changes to the Twine software, without notice, and consequently our privacy policy may change at any time in the future. We therefore encourage you to review it from time to time to stay informed of how we are using your personal information.  

    We are required to employ adequate technical and organisational security measures to protect your personal information from any loss, destruction, damage or unlawful disclosure.  However, no transmission over the internet can ever be guaranteed as secure.  Consequently, please note that we cannot guarantee the security of any personal information which you transfer via the internet to us.

    If you have questions about either this privacy policy, please contact the Twine Project Officer whose contact details are as follows:  powertochangeTwine@gmail.com , 07520619084

Untitled-1Untitled-1Untitled-1Untitled-1