Privacy Statement & Donor Bill of Rights

Privacy Statement and Donor Bill of Rights

Tom and Olli

The H.E.A.R.T.S. Charitable Trust is committed to protecting your privacy and your rights as a donor.

Protecting your privacy

The H.E.A.R.T.S. Charitable Trust, incorporated as a charitable trust and registered as a charitable entity (CC51224), and its related entities are totally committed to protecting your personal information. Please read this statement carefully as it describes how we handle your personal information.

In accordance with the New Zealand Privacy Act 1993, we at The H.E.A.R.T.S. Charitable Trust maintain high standards for the protection of data to ensure that donor information remains private and is only used for the purpose it was collected.

Your personal information is stored in secure databases in New Zealand.

As required by the Privacy Act 1993, we follow strict security procedures in the storage and disclosure of your personal information. These security procedures mean that we may occasionally request proof of identity before we are able to disclose sensitive information to you.

This Statement is regularly reviewed and if necessary updated to meet legal requirements for privacy. We may revise this Privacy Statement by publishing a revised version on our website. That revised version takes effect from the time it is published.

Personal information

‘Personal information’ simply put is any information or opinion that can identify or be used to identify you. We collect and hold personal information from our donors, supporters, volunteers, contractors, visitors to our field programs, and other individuals. For example, if you are a donor, we would collect and hold your name, address, e-mail address in order to process your donations accurately. From time to time, we may collect more detailed personal information, such as when we conduct surveys, but provision of more detailed information is purely voluntary.

Personal information about you may also be collected by us when you speak to someone from our team by phone or send us information via email or postal mail.

Rest assured, we’ll only gather your data when you supply this to us voluntarily. We use this information to ensure we fulfill your request(s).

Collection of personal information

Most of the time, we collect personal information directly from individuals like you at the time you deal with us. For example, when you make a donation, send us an email or sign the release form at our premises. From time to time we may obtain personal information from third parties. When we do so, we will take reasonable steps to ensure that we make you aware of the collection of your information in accordance with New Zealand privacy law.

We collect information about our supporters and website users, including:

Personal information that you provide voluntarily when registering and completing forms (such as when you make a donation)

Use of personal information

We use your personal information primarily to:

  1. Process your donations accurately

  2. Communicate with you on matters relevant to your donations (e.g. from time to time provide you with information about us that may be of interest to you)

  3. Providing you with any other services you have requested

  4. Using the information for any other purposes for which you give us permission.

If you decide not to provide personal information, we may not be able to carry out these activities and functions.

Communications from us

We may use your personal information to send direct marketing messages or if we feel it is appropriate to the nature of your relationship with us, e.g. if you make a donation to an appeal, you will receive information about future appeals. Or if you have participated in one of our workshops or training, we will send you information about future events.

We do not wish to send communications to you that you do not want to receive.

If at any stage you feel that you are receiving communications of any kind from us that you do not want, please contact us. Please allow seven days for us to process your request.

We do not sell your personal information to third parties and, except as provided for in this Privacy Statement we do not make your personal information available to third parties.

Use of email or mobile number for donor communications

During your interactions with us via the website or phone, you can supply an email address which we will use to contact you about our service. We do not sell or rent email addresses to third-party organisations.

By default, a visitor/donor is:

  1. opted-in to regular monthly and/or weekly account updates

  2. opted-in to our service announcements

  3. opted-in to receive survey invitations to help us improve our service to you.

If you’d rather not receive these types of communications please contact us.

Disclosure of personal information

We generally do not disclose personal information to other organisations unless we believe it is reasonably necessary to conduct the functions and activities of The H.E.A.R.T.S. Charitable Trust, if you give your consent or if it is required or authorised by law including in emergency situations or to assist law enforcement.

Security of personal information

We take all reasonable steps to ensure the security of personal information by storing it in a secure environment. If contract service providers are used, they will be bound by our Confidentiality Policy. We require our employees, contractors, volunteers, and third-party service providers to respect and protect the confidentiality of personal information we hold.

We keep your information safe by storing it in encrypted files and only allowing certain staff to access it.

This website has security measures designed by the website provider Squarespace who have a dedicated security team that guides the implementation of controls, processes, and procedures governing the security of Squarespace and its customers. To see the full information on what these measures are, please go to https://www.squarespace.com/measures.

Secure pages on our website are protected by an SSL certificate. A security icon visible on your screen, for example a padlock, confirms that your browser supports SSL security. Click on the security icon to verify the security certificate on this website.

However, all unencrypted information exchanged via the internet may be accessed and used by people other than those for whom it is intended, for example if you send us any personal information by email it is sent at your own risk.

Access to, correction of and deletion of personal information

You may at any time request access to, correction of or deletion of any personal information about you held by us.

Please feel free to contact us to talk about your personal information or the communication we send you.

We are happy to provide you with any personal information that we hold about you, at any time. If it is wrong, we will correct it.

Dealing with us anonymously

You may request us to deal with you anonymously or through a pseudonym. We will accommodate your request if it is lawful and practical for us to do so. For example, it may not be possible for us to process your donations or accept you as a volunteer if you do not provide the necessary personal information.

Cookies

When you use our website, we may collect personal information from you automatically through cookies including: your IP address and or domain name; your operating system (type of browser and platform); and the date, time and length of your visit to the website. We use this information primarily for the compilation of statistical information about the use of our website. Most web browsers are set by default to accept cookies. However, if you do not wish to receive any cookies, you may set your browser to either prompt you to refuse cookies or automatically refuse cookies.

Links to other websites

The H.E.A.R.T.S. Charitable Trust website may contain links to third party websites, and third-party websites may also have links to The H.E.A.R.T.S. Charitable Trust website. Our Privacy Policy does not apply to external links or other websites. These third-party websites may collect your personal information. We encourage you to read the privacy policies of any website you link to from our website.

Security of online donations and transactions

Donations made online on The H.E.A.R.T.S. Charitable Trust website are processed in real time using a secure payment gateway. Donations are processed in New Zealand (and for all other countries) in New Zealand Dollars. If you have any questions or concerns about making an online donation to The H.E.A.R.T.S. Charitable Trust please contact us.

We will always ensure that your privacy is protected when using our website or when personal data is provided to us by you or another party.

Your data is not permanently stored on our website.

When you send us an email, it is not encrypted and is therefore not secure.

Credit and debit card security

We work diligently to protect the security of your personal cardholder information, including credit and debit card information.

When you submit personal information including credit card details, a secure server is used. Our electronic database is secured by a firewall to ensure, so far as practicable, that it is not accessed by unauthorised parties. This website has security measures designed to protect against the loss, misuse and/or alteration to your personal information under our control. Secure pages on our website are protected by an SSL certificate. A security icon visible on your screen, for example a padlock, confirms that your browser supports SSL security. Click on the security icon to verify the security certificate on this website.

It is important for you to protect against unauthorised access to your information and to your computer. Ensure you logout when you have finished, especially if using a shared computer.

If you send us personal cardholder data by email or by postal mail or provide us with this information over the phone, we have strict processes in place to ensure that we meet the Payment Card Industry Security Standard Council’s payment card industry data security standards and only store cardholder data in a secure encrypted environment.

Job applicants

When The H.E.A.R.T.S. Charitable Trust receives an application for employment personal information that was included in the application may be collected, such as your contact details, career history, education details, eligibility to work in New Zealand, written references and other career-related information. This may also include sensitive information, such as medical information or criminal history.

The following personal information may also be obtained from third parties:

  1. Personal information through a recruitment service provider

  2. Prior employment history from previous employers or nominated referees

  3. Criminal record history, by way of a criminal history check

  4. Eligibility to work in New Zealand, by way of a visa status check

  5. Educational qualifications, by way of requesting confirmation of qualifications or results from an academic institution.

If personal information is obtained from third parties, reasonable and practicable steps will be taken at or before the time of collection (or as soon as practicable after collection) to notify an individual, or otherwise to ensure awareness of the collection of personal information.

Personal information may be collected during the recruitment process for the purpose of assessing and progressing an application, inviting applicants to apply for future positions of interest at The Foundation and conducting statistical reporting and analysis in relation to the recruitment processes. Your personal information for future job opportunities may be held, unless specifically requested to be deleted.

By applying for a job and providing your personal information, an individual is providing consent to collect personal information, using and disclosing it for the purposes set out in this Privacy Statement. This may include disclosing your personal information to referees and also to other third parties that we use to help with the recruitment process. Personal information may also be disclosed to law enforcement agencies to verify whether an individual has a criminal record.

The Donor Bill of Rights

The H.E.A.R.T.S. Charitable Trust is committed to upholding the international Donor Bill of Rights.

Philanthropy is based on voluntary action for the common good. It is a tradition of giving and sharing that is primary to the quality of life. To assure that philanthropy merits the respect and trust of the general public, and that donors and prospective donors can have full confidence in the not-for-profit organisations and causes they are asked to support, we declare that all donors have these rights:

  1. To be informed of The H.E.A.R.T.S. Charitable Trust mission, the way The H.E.A.R.T.S. Charitable Trust intends to use donated resources, and its capacity to use donations effectively for their intended purposes

  2. To be informed of the identity of those serving on The H.E.A.R.T.S. Charitable Trust’s governing board, and to expect the board to exercise prudent judgment in its stewardship responsibilities

  3. To have access to The H.E.A.R.T.S. Charitable Trust’s most recent financial statements

  4. To be assured their gifts will be used for the purposes for which they were given

  5. To receive appropriate acknowledgment and recognition

  6. To be assured that information about their donations is handled with respect and with confidentiality to the extent provided by law

  7. To expect that all relationships with individuals representing organisations of interest to the donor will be professional in nature

  8. To be informed whether those seeking donations are volunteers, employees of the organisation or hired solicitors

  9. To have the opportunity for their names to be deleted from mailing lists that an organisation may intend to share

  10. To feel free to ask questions when making a donation and to receive prompt, truthful and forthright answers.

Complaints

We investigate any complaints or concerns any person may have about our protection of their privacy. If we become aware of any ongoing concerns or problems concerning our privacy practices, we will take these issues seriously and work to address these concerns.

There are no fees for lodging a complaint. If you wish to make a complaint about how we handle your personal information, please contact us at H.E.A.R.T.S. Charitable Trust, 242 Taylors Road, 5512, Ōtaki, New Zealand or kiaora@hearts.org.nz.

Please provide as much detail about the facts surrounding your complaint so we can resolve it accordingly, and allow us at least seven days to respond to your complaint. If we fail to resolve your complaint, you may refer the matter to the New Zealand Privacy Commissioner.

If you have feedback or complaints on any other matter please contact us at kiaora@hearts.org.nz

The H.E.A.R.T.S. Charitable Trust is PCI DSS compliant.

The PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards designed to ensure that companies that accept, process, store or transmit credit card information maintain a secure environment.

The H.E.A.R.T.S. Charitable Trust website is compliant against the PCI Data Security Standards. For further details, please see the website provider information here.