- About Us
- Oasis Model
- Our Work
- Our Communities
- Get Involved
The Oasis Foundation Privacy Notice – Privacy and Cookies
At Oasis we believe in open, honest and healthy relationships. It is this belief, along with compliance to the law, that shapes the way we communicate with people and manage data.
In a nutshell, we only collect data on you that you give us and only use it and store it in ways that you have specifically said we can.
There are a few exceptions to this. This policy gives you the detail on those exceptions and our approach in general. Have a read, and if you have any other questions, get in touch with us at info@Oasisuk.org
Dealing with the data you give us
There are three main ways which you might give us your personal data:
Let’s chat about these three.
Signing up to one of our mailing lists
This is pretty straightforward. If you opt to sign up to one of our mailing lists, we’ll ask for your contact details and then ask you to take a ‘positive action’ to show that you consent to us contacting you. Usually this will be through ticking a box although we can take verbal consent so long as we’re really, really sure you want to hear from us. Our forms will give you the chance to specify how you want to be contacted (i.e. email, post, phone etc).
At that point you’ll be added to the relevant mailing list and will receive updates, newsletters, appeals and information on campaigns around the relevant topic. In all these communications they’ll be opt out and unsubscribe options. However, if we haven’t heard from you in any way after 5 years we’ll ask you if you still want to hear from us and if we don’t hear anything, we’ll take you off the mailing lists.
Giving us money
As a charity dependent on generous donations we can’t express how grateful we are to the people that give us money. We endeavour to be hugely respectful and careful with any data you give us in this process.
If you donate money to us, we figure you may want to hear news from us. So when you donate online, we’ll give you the chance to sign up to one of our mailing lists – but you don’t have to take it.
If you don’t sign up to a mailing list we will only contact you around matters relating to your donation. We will keep your details recorded for 6 years. We have to do this in order to satisfy requirements of HMRC and our auditors. After this time has expired we’ll delete your details unless we have your consent to keep them.
Buying a product or signing up to a course or event
When you buy a product or sign up to an event, we’ll give you the chance to sign up to one of our mailing lists (or of course, you may already have signed up to one). But you don’t have to do so.
If you are not signed up to one of our mailing lists, we will only use your information to contact your for something transactional about that product (i.e. delivery status) or the event / course (i.e. instructions on how to get to the venue).
If money has changed hands then we will need to keep your details for 6 years in order to satisfy the requirements of HMRC and our auditors. In this scenario we’ll delete your details after 6 years. If there’s no money involved (for example if it’s a free event) we’ll remove your details as soon as the event is over / the product is received etc.
When I give you my data, who am I actually giving it to?
When you give us your data we will only use it for the purposes you’ve given us consent to use it form. This data will be held by Oasis in the UK which in and of itself is a group of charities:
However, you need to be aware that if you have given your data to Oasis in a country outside the UK, we can’t access it. Similarly if you’ve given it to us, we can’t pass it on to them. If you’ve given data to us and to another Oasis country, you have a separate relationship with Oasis in the UK and Oasis in the respective country.
This Privacy Notice covers the work of the Oasis Foundation which is responsible for four websites: oasisglobal.org, oasisuk.org, oasis.foundaiton and openchurch.network.
Therefore if you have given data to Oasis in more than one country and would need to ask each individual country to delete that data.
Hope this makes sense. Get in touch with us if not.
What happens when I ask for my data to be deleted?
If you get in touch to say you don’t want to hear from Oasis anymore, we’ll immediately remove you from all the mailing lists you’re currently subscribed to.
We’ll then do an internal trawl to find out exactly what data we hold on you across the Oasis family in the UK. This may take a couple of weeks.
As a general rule, we’ll delete all that information. The only exceptions are if we have (what the law calls) legitimate interest or another legal basis to retain that data. This will usually be because:
Will you share my data with anyone?
There are a few people that we may HAVE to share your data with. For example, if you’ve given money to us and claimed gift aid (again, thank you) than we have to share that info with HMRC. Similarly your donation may have been processed through PayPal and we use various other financial management systems where we would enter some of your data.
There’s also some third party suppliers we may need to give your personal data to if we’re going to be communicating with you. For example, if we’re going to post you our Christmas newsletter we’ll need to give your name and address to our printers. We have really good agreements in place with third party suppliers to ensure your data is protected. Just let us know if you want details.
What we never do however is sell your data or swap it with other charities or organisations.
Will you ever profile my data?
In some limited circumstances we may combine personal information you have given us with information that is available in the public domain. This is to create a profile of your interests and preferences that help us to get to know you better and engage better with you. Anything like this would be in the public domain – published biographies, employment interests, media coverage, social media. If you’re not happy about this, please do get in touch with us at email@example.com.
What about cookies and IP addresses? An IP address counts as my personal information.
It certainly does.
In terms of IP addresses, all of our websites do track and store these. We need to for security reasons. However, we make sure that our web hosting company regularly delete these.
A Cookie sounds like a biscuit – but sadly it’s not. A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Most browsers allow you to refuse to accept cookies. For example:
(a) in Internet Explorer (version 9) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
(b) in Firefox (version 16) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
(c) in Chrome (version 23), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.
Blocking all cookies will, however, have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on this website including but not limited to making donations.
You can also delete cookies already stored on your computer. For example:
(a) in Internet Explorer (version 9), you must manually delete cookie files (you can find instructions for doing so at http://support.microsoft.com/kb/278835);
(b) in Firefox (version 16), you can delete cookies by clicking “Tools”, “Options”, “Privacy” and then “Show Cookies”, and then clicking “Remove All Cookies”;
(c) in Chrome (version 23), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Delete cookies and other site and plug-in data” before clicking “Clear browsing data”.
Again, doing this may have a negative impact on the usability of our website.
Do you ever compile data and use it to contact people without their consent?
There will be people that Oasis feels it has legitimate interest to store the personal information of and make direct contact with. These people will usually fall into one or more of the following people:
Before we contact anyone under the basis of legitimate interest we will conduct an internal assessment to be sure we are within our rights to do so.
Changes to the policy
Thanks for reading this! Final thing to say is that if ever we make significant changes to this policy we’ll get back in touch to check you’re happy.
Thank you again for your interest in Oasis!
If you have any questions about this policy you can contact Gareth Streeter via firstname.lastname@example.org