£
Personal Info

Credit Card Info
This is a secure SSL encrypted payment.

Terms

Donation Total: £1.00

privacy

Privacy Policy Dildil

 

1. Introduction

DilDil.org (“we”, “us”, “our”, “the Charity”) is committed to protecting and respecting your privacy. This Privacy Policy (also known as a privacy notice) sets out how we collect, use, share, store, and protect your personal data, and explains your rights in relation to your personal data, in accordance with UK data protection laws (the UK GDPR and Data Protection Act 2018).

This policy applies to visitors and users of the DilDil.org website, as well as individuals who interact with us via other channels (e.g. by email, telephone, events, volunteering, donations, and general communications) when we collect or process their personal data.

By using our website or providing us with your personal data, you consent to the collection, use, disclosure, and retention of your personal data as described in this policy (unless a different lawful basis applies).

If you have any questions about this policy or how we use your personal data, please contact us (see Section 14).

2. Who we are / Data controller

DilDil.org is the data controller for the personal data you provide to us or which we collect. This means we are responsible for deciding how we use your personal data and ensuring it is used in accordance with applicable law.

Our registered address, charity number, and contact details should be inserted here.

If we appoint a Data Protection Officer (DPO) or a responsible privacy contact, their name and contact details should also be listed.

3. The personal data we collect / what information we hold

We collect and process different types of personal data depending on how you interact with us. Below are examples of categories of data we may collect:

a) Identity & contact information

  • Name, title

  • Email address

  • Postal address

  • Telephone / mobile number

  • Organisation name (if relevant)

b) Transaction / donation / payment data

  • Donation amounts and history

  • Gift Aid declarations

  • Records of transactions with us

c) Communications data

  • Emails / newsletters / campaign responses

  • Survey responses

  • Correspondence (via email, telephone, post)

d) Usage / technical data (website & digital)

  • Internet Protocol (IP) address

  • Browser type and version

  • Operating system

  • Referring website / pages visited / clickstream data

  • Time, date, and duration of visits

  • Cookies / tracking data (see Section 7)

e) Volunteering / event / beneficiary / service user data

  • If you volunteer, attend an event, use our services or apply to be involved, we may collect additional data, such as:
    • Emergency contact
    • Skills, qualifications, interests
    • Dietary or medical requirements (if relevant for an event)
    • Records of attendance, participation, feedback
    • (If relevant) information about your background e.g. in grant applications, assessments, or eligibility

f) Sensitive / special category data

Where strictly needed and lawful, we may collect special categories of personal data (for example health or medical info, or in the context of safeguarding) — but only with your explicit consent or where another lawful basis applies, and with extra safeguards.

4. How we use your personal data / our lawful bases

We only process your personal data when we have a lawful basis to do so under UK data protection law. Common lawful bases we rely on include:

  • Consent: Where you have given your explicit permission (e.g. subscribing to a newsletter, volunteer sign-up). You may withdraw consent at any time.

  • Contractual necessity / performance: Where processing is necessary to perform a contract with you (e.g. processing payment for a service, fulfilling your request).

  • Legal obligation: Where we have a legal duty (e.g. for accounting, regulatory, auditing or reporting).

  • Legitimate interests: For our legitimate purposes (e.g. administration, communications, improving our services), provided these do not override your rights and freedoms.

Some of the ways in which we use your personal data include:

  • To register you as a user, donor, volunteer, event attendee, or service user

  • To process donations, payments, administer gift aid

  • To send you information about our work, newsletters, appeals, events (based on your communications preferences)

  • To respond to your enquiries, feedback, requests

  • To manage our relationship with you (including record-keeping, audits, reporting)

  • To improve our website, services, content and user experience

  • To monitor usage and gather analytics (e.g. via cookies)

  • To comply with legal or regulatory obligations (e.g. accounting, reporting to funders, safeguarding requirements)

  • To prevent fraud or misuse

If we decide to use your personal data for purposes other than those set out above, we will notify you at the time and, if required, seek your consent.

5. Sharing your personal data

We may share your personal data with third parties in certain circumstances, always subject to appropriate safeguards. Such parties may include:

  • Service providers / processors: companies who provide services on our behalf (e.g. payment processors, IT hosting, email mailing tools, CRM systems)

  • Funders, grant-makers or partners: where required or agreed, subject to confidentiality and data sharing agreements

  • Professional advisers: such as auditors, lawyers, consultants

  • Regulatory or governmental bodies: where required by law or regulation

  • In connection with a merger, acquisition or reorganisation: only if DilDil merges or transfers part of its operations

  • Safeguarding or external bodies: to protect individuals where there is a legal duty or serious risk

We will ensure that any third parties to whom we transfer your personal data adhere to equivalent standards of privacy, protection and security (e.g. via contracts, data processing agreements).

If we transfer your data outside the UK, we will only do so in compliance with data protection law (e.g. using standard contractual clauses, UK adequacy decisions, or other approved transfer mechanisms).

6. Data retention / how long we keep your data

We will retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including any legal, accounting, reporting or regulatory requirements.

After that, we will either securely delete, anonymise or destroy your personal data. In some cases, we may retain a minimal record (name, donation history, and date) for archival, audit or charitable history purposes, unless you request otherwise.

We periodically review our data retention policies to ensure compliance with legal and operational needs.

7. Cookies and tracking technologies

When you visit our website, we (and our third-party service providers) may use cookies and similar tracking technologies (e.g. pixels, analytics) to collect information about your browsing behaviour (e.g., which pages you visit, how long, what you click). This helps us understand usage, improve the site, and deliver a better user experience.

We distinguish between:

  • Strictly necessary cookies: required for core website functionality

  • Performance / analytics cookies: to measure and analyse site use

  • Functionality cookies: to remember your preferences (e.g. language, login status)

  • Targeting / marketing cookies: to deliver relevant content or adverts (if applicable)

You can usually block or delete cookies through your browser settings. Please note that disabling certain cookies may affect the functionality or performance of the site.

For full details, please see our separate Cookie Policy (if you maintain one) or a “Cookies” section in your website footer.

8. Security and protection of personal data

We use appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction or damage. Some of these measures include:

  • Encryption, pseudonymisation (where feasible)

  • Access controls and authentication

  • Secure servers and firewalls

  • Regular backups

  • Internal policies, staff training, confidentiality obligations

  • Periodic audits and reviews of security

While we strive to protect your data, no system is perfect or immune to risk. In the event of a data breach, we will follow our data breach response procedure and, if required, notify the Information Commissioner’s Office (ICO) and affected individuals in accordance with the law.

9. Your rights

Under UK data protection law, you have a number of rights concerning your personal data. These include:

  1. Right to be informed / access — you may request confirmation of whether we process your personal data and, if so, access to it and certain information about that processing.

  2. Right of rectification — you can ask us to correct inaccurate or incomplete data about you.

  3. Right to erasure (“right to be forgotten”) — in certain circumstances you may ask us to delete your data.

  4. Right to restrict processing — you may ask us to limit how we process your data in certain circumstances.

  5. Right to data portability — where applicable, you may request to receive your data in a structured, machine-readable format and/or transmit it to another controller.

  6. Right to object — you may object to our processing based on legitimate interests or for direct marketing.

  7. Right to withdraw consent — where we process your data on the basis of consent, you can withdraw it at any time, without affecting the lawfulness of past processing.

  8. Rights relating to automated decision-making / profiling — if we use automated decision making or profiling (if applicable), you may have additional rights (e.g. human review).

If you wish to exercise any of these rights, please contact us (see Section 14). We will respond within one month (or longer if complexity demands, as permitted by law). We may ask you to provide proof of identity before acting on your request.

You also have the right to lodge a complaint with the UK’s Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed.

10. Marketing / communications preferences

We may from time to time send you newsletters, appeals, event invitations, or other updates about DilDil.org’s work. We will only send such communications where we have a lawful basis (e.g. consent or legitimate interests) and in compliance with applicable marketing laws.

You can opt out or change your communication preferences at any time via an unsubscribe link in emails or by contacting us directly.

We do not sell your personal data to third parties for marketing purposes.

11. Children and minors

Our website and services are primarily intended for adults. Where we knowingly collect personal data from children (e.g. minors volunteering or participating in specific programmes), we will obtain appropriate consent from a parent or guardian and treat the data in accordance with higher protective standards.

We do not knowingly market to children under 13 years old.

12. Links to other websites

Our site may contain links to external websites (e.g. partners, funders, social media). This Privacy Policy does not apply to those sites. We encourage you to review their privacy policies; we do not accept responsibility for their practices.

13. Changes to this privacy policy

We may update this policy from time to time (for example, as our practices evolve, legal changes, or new features). When we make material changes, we will notify you (e.g. via our website or by contacting you) and update the “Last updated” date above.

Please check this page periodically to stay informed about how we protect your data.

14. Contact us / Data Protection enquiries

If you have any questions, requests or concerns about this policy or how we process your personal data, you may contact:

DilDil.org
Flat 34 Hazlewood Tower, Golborne Gardens, London, England, W10 5DT
Email: info@dildil.org

If you are not satisfied with our response, you have the right to contact the UK Information Commissioner’s Office (ICO).