Ipswich School and The Old Ipswichian Club maintains a database of alumni, friends, supporters, stakeholders and parents in order to stay in touch with our community and keep you updated about news, events, careers initiatives and fundraising activities.
Some of our database (but not all) choose to join our online community by registering on this website and creating an online profile. In both instances (individuals with offline database records and individuals with online profiles), we collect and store personal information (or “data”) about you. We are committed to protecting and respecting your privacy and this Policy sets out what information we collect about you, where and how we use (“process”) it.
We may change this Policy from time to time. If we make any significant changes we will advertise this on the website or contact you directly with the information. Please check this page occasionally to make sure you are happy with any changes.
If you have any questions about this Policy or concerning your personal information, please contact Nikki Brown, Development Director at firstname.lastname@example.org.
For the purposes of the General Data Protection Regulations (GDPR) and any subsequent UK legislation covering data protection, the Data Controller is Ipswich School.
What type of personal information we collect
The information we have about you depends on where we collect it, but may include:
Date of birth
Years at Ipswich School
Higher education and work details
Participation in our events, emails, competitions, surveys and other activities
Donations made to Ipswich School
Log-ins and activity on the website
A record of payments made via the website (but we do not store your credit/ debit card details as these are processed securely externally by a third-party payment provider) which could include event tickets, shop purchases or online donations
Consent options and communication preferences
Content (such as announcements, stories, photos, documents, comments, events, jobs) that you post on this website or provide to us by other means
Where we collect information from
We collect personal information when you:
visit this website
create or update your online profile
complete and return a survey issued by Ipswich School and/or The Old Ipswichian Club
post content on to this website or other websites and social media sites managed by Ipswich School
take part in an event
attend a meeting with us and provide us with information
contact us in any way including online, email, phone, SMS, social media or post
leave Ipswich School and we transfer some basic details about you from the main School database in to this database
How we use your information
We will use your personal information in a number of ways, always with a legal basis for processing your data. These may include:
providing you with the information or updates that you have asked for
sending you communications (with your consent if required) that may be of interest, including invites to events, newsletters and fundraising campaigns
delivering our obligations under any contract between us
seeking your views on the services or activities we carry out, so that we can make improvements
updating our database records and ensuring we know how you prefer to be contacted
analysing your engagement with our website and other content to help us improve our services for you
running the Old Ipswichian Club activities/reunions/sports fixtures/careers activities
Profiling and research for fundraising purposes:
We may use research and limited profiling techniques to target our resources and fundraising activity more effectively, so that we can make appropriate requests to those who have the means and the desire to support Ipswich School financially. We do this in the following ways:
In order to protect the reputation of Ipswich School, certain legal and regulatory obligations may require us to use your personal information to carry out due diligence on your donation. We may need to use publicly available information to conduct ethical screenings on potential donors of a significant gift, to ensure our reputation is protected. This might include researching the sources of the donor’s money, previous business practices and reputation.
If you choose not to have your personal information analysed for due diligence purposes, we may not be able to accept your donation.
Using publicly available information:
When communicating with individuals who have given, or might consider giving, a substantial donation to Ipswich School, we may seek to find out more about that individual, their interests and their motivations for giving, and may invite them to become more involved in supporting Ipswich School.
We do this by collating biographical, financial, corporate and philanthropic information from a wide variety of sources, including information that is held on our database and information that is publicly available. This publicly available information could be obtained by searching for current directorships listed on Companies House or relevant newspaper or media coverage about an individual. This may be carried out internally by the Ipswich School Development Office or by a specialist GDPR compliant third party.
Other sources of data that we use include:
Who’s Who – a source of biographical information about influential people
192.com – a directory of information about people and businesses in the UK
Linkedin.com – an online network of people and businesses interested in connecting with others for career and business opportunities
Zoopla – information about house prices in an area where an individual lives
If you would prefer for us not to use your information in this way please contact us.
Our legal basis for processing your information
The use of your information for the purposes set out above is lawful because one or more of the following applies:
it is necessary for our legitimate interests to hold and use your information and we are not impacting your privacy by doing so
you have given us your consent for the information to be used
it is necessary for us to hold and use your information to carry out our obligations under a contract entered into with you
Updating your consent preferences
If you have an online profile on this website you can update your consent options by logging-in and clicking on “My Settings” in your profile. Scroll down to find your ‘Consent options’ where you will see a list of consents and the options “opt-in”, “opt-out” and “unspecified”.
If we are using consent as our legal basis for processing your data, we must have an explicit “opt-in” from you for this specific type of processing.
If we are using legitimate interests as our legal basis for processing your data, we will process your data responsibly in a way that you would reasonably expect, and you can opt-out at any stage.
If you click ‘unsubscribe’ at the bottom of one of our emails sent you will be automatically opted-out of these types of email communications in the future.
If you want to contact us about your consent preferences please contact Nikki Brown, Development Director by email at email@example.com.
How we keep your information safe
We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.
Your data is stored on a dedicated, secure cloud server hosted by Amazon Web Services (AWS) in the EU and managed by our website provider, ToucanTech. Industry standard firewalls, anti-virus, encryption and back-up methods are in place, as well as strict data handling protocols.
We always ensure only authorised persons have access to your information, which means only our approved employees and contractors, and that everyone who has access is appropriately trained in data management.
If you have an online profile for this website you are responsible for keeping your login details (email and password) confidential and we ask that you do not share your password with anyone.
No data transmission over the internet can be guaranteed to be completely secure. So, whilst we strive to safeguard your information, we cannot guarantee the security of any information you provide online and you do this at your own risk.
Who has access to your information
Third parties who provide services for us, for example collecting or processing data and sending mailings. We select our third-party service providers with care. We provide these third parties with the information that is necessary to provide the service and we will have an agreement in place that requires them to operate with the same care over data protection as we do
Third parties if we run an event in conjunction with them. We will let you know how your data is used when you register for any event
Web hosting, email hosting, analytics and search engine providers that enable us to run our community database and improve our website and its use
Third parties in connection to fundraising research to improve donor relationships and encourage philanthropic giving.
Third parties in connection with restructuring or reorganisation of our operations, for example if we merge with another business. In such event, we will take steps to ensure your privacy rights will be protected by the third party
Other than this, we will not share your information with other organisations without your consent.
Keeping your information up to date
Please would you let us know if your contact details change. Online members can update your details directly by logging-in to the website and clicking on ‘My Settings’ under your profile. You can also update your details by contacting us at firstname.lastname@example.org.
The law states that we can store cookies on your machine if they are essential to the operation of the website, but that for all others we need your permission to do so.
The list below explains the cookies we use and why:
Used to remember you as you travel from page to page in a single session (without leaving the website) in order to provide a continuous and unified experience
Used to remember your login details when you return to the website after previously logging out, by storing them in your browser. This cookie is turned off by default and is only activated when you select the ‘Remember Me’ check box during login.
Opting out of cookies
If you do not wish to receive cookies from us or any other website, you should be able to turn cookies off on your web browser: please follow your browser provider’s instruction in order to do so. Unfortunately, we cannot accept liability for any malfunctioning of your computer or its installed web browser as a result of any attempt to turn off cookies.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
How long we keep your information for
We will hold your personal information for as long as it is necessary for the relevant activity.
Where we rely on your consent to contact you for direct email marketing/ fundraising purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for three years. We may periodically ask you to renew your consent.
If you ask us to stop contacting you, we will keep a record of your contact details and limited information needed to ensure we comply with your request. If you ask us to remove your personal data from our database we will delete all the information we hold out apart from your name and the dates that you attended Ipswich School and archive your record in our database. Keeping your name (but archiving your record) allows us to ensure you are not re-added to the database in the future after any change of Ipswich School personnel.
You have the right to request details of how we use your personal information through making a subject access request. Such requests have to be made in writing by contacting email@example.com
You also have the following rights:
to request rectification of information that is inaccurate or out of date;
to erasure of your information (the “right to be forgotten”);
to restrict the way in which we are dealing with and using your information;
to request that your information be provided to you in a format that is secure and suitable for re-use (the “right to portability”);
in relation to automated decision making and profiling.