Welcome to the latest version of the privacy and cookie notice and other information covering the activities of Hatch. Our contact information is here and we are registered under the Data Protection Act 1998 (registration number ZA212531).
This page was last updated on 14 May 2018 and the information set out here is in force from 25 May 2018.
How we may gather your personal dataWe primarily use the legal basis of consent for processing personal data that you supply to us and therefore we only receive such data after you have given your consent. We may also process data under the legal basis of legitimate concern, such as to ensure the security of the sites and services we run or to support our work to improve democratic engagement.
The routes via which we may gather your personal data include:
This gathering of data includes both data you directly supply, such as by filling out a form, and also data provided when you interact with one of the services we operate digitally, such as the IP address, browser type and operating system of the device used.
The data gathered via surveys and forms may include special category data, such as whether or not you are a member of a political party or a supporter of a particular charity. Such data may also come from you sending us an email in which you choose to reveal such information, e.g. “As a member of the Organisation X, we disagree with your claim that…”
What we might do with your personal data
We may use personal data you provide to keep you informed about our work, to ask you questions, and to let you know about opportunities to get involved with our work, and to tell you about the work of others (like charities and campaigning organisations who share our values) that we think might appeal to you.
We may tailor the content supplied to you based on the personal data you have previously provided and may also use the data to ensure the security of our systems. We may also use your personal data to process any donations or payments that you make to us.
Any special category data you have consented to give us will be used only for the purposes of analysing our activities (such as to establish if our activities are fully inclusive), to analyse the answers of the survey or form used to collect it, or for providing direct follow-up to any points raised in those answers. If the data is contained in a comment that you have chosen to submit for publication, however, it may be published.
The routes via which we may contact you include:
Sharing and storing data
We will not share your data with anyone else except:
A service provider will only have personal data passed to them under this final category if their own systems, standards and legal terms are compliant with the requirements of GDPR. Their use to process your data will also be governed by their own privacy notices. Some of the service providers mentioned above may store personal data outside the E.U. and they will only be used in this way if the transfer of data outside the E.U. is done in accordance with Chapter V of GDPR. (You can read more about the safeguards involved on the Information Commissioner’s website here.)
If you choose to interact with one of our profiles or pages on a social network, such as Facebook or Twitter, that interaction may result in personal data being shared with us by the social network operating under its own legal contract with yourself.
Our sites may display adverts served up by Google. If you choose to interact with the adverts, such as by accepting cookies from them or by clicking on an advert, then your personal data may be processed by them, subject to their own privacy policies.
Our own data records are separate from those other organisations that we support – such as charities and campaigning organisations that share our values and priorities. Data is only shared if there is a clear legal basis for doing so, such as having asked your consent before gathering the data.
Withdrawing your consent
You may at any time withdraw the consent you have given for us to process personal data from you.
Cookies and tracking pixels
Our family of sites may place cookies and tracking pixels on the device from which you are accessing them. The emails we send out may also use a tracking pixel. To find out more about what cookies are, see this article from the BBC. To find out more about what tracking pixels are, see this article from Digiday.
If you want to find out more about any individual cookies that any one of our sites use, please either email email@example.com or install a tool such as Ghostery, which provides detailed information about cookies on all the sites you visit.
Retention of data
Personal data which you provide via cookies will be retained for no more than two years.
Other data which is not special category data will be retained as long as it is required to accurately deliver information to you by the means set out above and to meet regulatory requirements (e.g. for tax purposes and for compliance with laws on electoral finance).
This may include retaining data after you have made an unsubscribe or similar request to ensure that you are not subsequently sent information by mistake and to protect against, for example, malicious attempts to add you to lists you do not wish to be a member of.
Special category data will not be retained for longer than five years.
You can, in addition, exercise your legal rights for data to be deleted if you wish.
Anonymous aggregate statistics may be retained when personal data is deleted.
Your legal rights
GDPR provides the following rights for individuals:
If you have a complaint of a query, you can raise it with us via firstname.lastname@example.org or, if appropriate, contact the regulator, the Information Commissioner.