top of page

Privacy Policy

PRIVACY POLICY

Artboard – 19.jpg

We want everyone that we support and those who support us, to feel confident that any personal information shared with us is handled with care. This Privacy Policy sets out how we collect, use and store your personal information, this means any information that can directly or indirectly identify you. This includes for example, a photograph of you, your telephone number and date of birth. 

​

SISU’s Privacy Policy may change so please remember to check back from time to time. If we make any changes to this Privacy Policy, we will make this clear on our website or contact you to let you know. We are committed to treating you with respect and openness.

1. Who we are

Here at SISU, we are committed to protecting your personal information and making every effort to ensure that your personal information is processed in a fair, open and transparent manner.

 

We are under application to be a "data controller" under C1658814 for the purposes of the Data Protection Act 2018 and the EU General Data Protection Regulation 2018 (EU GDPR) and the Data Protection & Electronic Communications Regulation 2019 (UK GDPR). This means that we are responsible for and control the processing of your personal information.

2. How we collect information about you

Everything we do, we do to ensure that we provide a rights-based holistic approach to the needs and rights of women and girls, and we hope to grow and expand the services we can offer as we continue to build our own capacities, and the capacities of other women and girls. We want to make sure you receive the communications that are most relevant to you, be it through visiting our website or receiving emails, post or phone calls. We want to make sure you receive the best attention when you have contact with SISU.

 

We collect information from you in the following ways: 

​

  • When you interact with us directly - this could be if you register with us for help and support, ask a question about our services, apply for a job or volunteering opportunity or otherwise provide us with your personal information. This includes when you phone us, visit our website, or get in touch through the post, or in person. 
     

  • ​When you visit our website - we gather general information which might include which pages you visit most often, and which services or information is of most interest to you. We may also track which pages you visit when you click on links in emails from us. We also use "cookies" to help our site run effectively. We use this information to personalise the way our website is presented when you visit to make improvements and to ensure we provide the best service and experience for you.

3. Information we collect and why we use it

Personal Information:  

​

Personal information we collect includes details such as your name, date of birth, email address, postal address, telephone number and credit/debit card details (bank details will be required when you are a beneficiary), as well as information you provide in any communications between us. You will have given us this information so we can provide the help and support we can provide for you or any of the other ways to interact with us.

 

We will mainly use this information:

​

  • To process your bank details to verify any financial transactions. 

  • To provide the services that you have requested. 

  • To update you with important administrative messages whilst being a beneficiary to our services, or other support we provide that you have requested from SISU. 

  • To comply with the Charities (Protection and Social Investment) Act 2016 and follow the recommendations of the official regulator of charities, the Charity Commission, requires us to identify and verify the identity of supporters who make major gifts so we can assess any risks associated with accepting their donations. 

  • To keep a record of your relationship with us. 

  • Where you volunteer with us, to administer the volunteering arrangement. If you do not provide this information, we will not be able to process your data, or provide goods and services you have requested.

​

We may also use your personal information to contact you about our work and how you can support SISU.

​

Sensitive Personal Information:

​

Data Protection Law recognises that some categories of personal information are more sensitive. Sensitive Personal Information can include information about a person’s health, race, ethnic origin, political opinions, sex life, sexual orientation or religious beliefs.

​

If you share your personal experience or the experiences of a friend or relative, we may also collect this sensitive information. If you provide us with any Sensitive Personal Information by telephone, email or by other means, we will treat that information with extra care and confidentiality and always in accordance with this Privacy Policy. 

​

If you contact us at SISU, through any channel such as emails, you may choose to provide details of a sensitive nature.

​

We will only use this information for the purposes of dealing with your enquiry, quality monitoring or evaluating the services we provide. We will not pass on your details to anyone else without your express permission, except in exceptional circumstances.

4. Legal basis for using your information

There are lawful reasons that allow us to process your personal information, one of these conditions under data protection law is 'legitimate interests'. This means that the reason that we are processing information is because there is a legitimate interest for SISU to process your information to help us to achieve our vision of promoting well-being and recovery and facilitating positive changes in behaviour. 

​

Whenever we process your Personal Information under the ‘legitimate interest' lawful basis we make sure that we take into account your rights and interests and will not process your personal information if we feel that there is an imbalance.

 

Some examples of where we have a legitimate interest to process your Personal information are where we contact you about our work via post, use your personal information for data analytics, conducting research to beer understand who our supporters are, improving our services, for our legal purposes (for example, dealing with complaints and claims), or for complying with guidance from the Charity Commission. 

​

However, we will mostly use your Consent to process the data you give us. Consent according to the GDPR should be gathered only where the individuals fully understands the purposes for which it will be used. Consent must be freely given, and we must be able to demonstrate how we have collected it. Consent is only valid if we have informed the individual of our intention and we may only use the data for those purposes.

 

We may also use other conditions in accordance with the Data Protection Act 2018. Those details in Schedule 1, parts 2, 3 and 4 allow us to process data without consent where it would be impossible to gather it, but it is in the best interests of the individual for us to process the information. The law says we must have supporting policies for this to be lawful.

5. Sharing your Information

The personal information we collect about you will mainly be used by our staff (and volunteers) so that they can support you. 

​

We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor do we sell any information about your web browsing activity. 

​

SISU may however share your information with our Support Partners who work with us on or on our behalf to deliver services, but processing of this information is always carried out under your Consent. We make sure that they store the data securely, delete it when they no longer need it and never use it for any other purposes.

 

We enter into contracts with Support Partners, and these contracts outline specific requirements for them to comply with Data Protection Laws and ensure that they have appropriate controls in place to secure your information. 

 

Please note, SISU may disclose your information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority); or, in order to enforce our conditions and other agreements.

6. Keeping your information safe

We take looking after your information very seriously. We've implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and o-line, from improper access, use, alteration, destruction and loss.

 

Unfortunately, the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data transmitted to our site. 

​

Our websites may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that advertisers or Web sites that have links on our site may collect personally identifiable information about you. This privacy statement does not cover the information practices of those websites or advertisers.

 

Any debit or credit card details which we receive on our website are passed securely to our payment processing partner, according to the Payment Card Industry Security Standards.

7. How long we hold your information for

We only keep information supplied to us as long as it is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations.

8. Your rights

You have various rights in respect of the personal information we hold about you – these are set out in more detail below. If you wish to exercise any of these rights or make a complaint, you can do so by contacting our team at; 

​

SISU Group, 29 Bute Gardens, University of Glasgow, Glasgow, G12 8RS by email at
welcome@sisu-group.org or call our office on 07375 860086 

​

You can also make a complaint to the Information Commissioner’s Oice (ICO) which regulates the use of information in the UK. They can be contacted on 0303 123 1113 or by going online to  www.ico.org.uk/concerns 

​

If the organisation is based outside the UK, the complaint should be directed to the relevant data protection supervisory authority in that Country.

​

  • Access to your personal information - You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making. You can make a request for access free of charge. Please make all requests for access in writing and provide us with evidence of your identity.
     

  • Right to object - You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes. Please contact us as noted above, providing details of your objection.
     

  • Consent - If you have given us your consent to use personal information (for example, for marketing), you can withdraw your consent at any time.
     

  • Rectification - You can ask us to change or complete any inaccurate or incomplete personal information held about you.
     

  • Erasure - You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.
     

  • Portability - You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
     

  • Restriction - You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.
     

  • No automated decision making - Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent, it is necessary for a contract between you and us or is otherwise permitted by law. You also have certain rights to challenge decisions made about you. We do not currently carry out any automated decision-making.
     

Please note, in accordance with the Data Protection Act 2018, we may not be able to uphold nor acknowledge all of these rights under some circumstances. Further details can be found in our policy documents.

9. Cookies

‘Cookie’ is a name for a small file, usually of leers and numbers, which is downloaded onto your device, like your computer, mobile phone or tablet when you visit a website.
They let websites recognise your device, so that the sites can work more eectively, and also gather information about how you use the site. A cookie, by itself, can't be used to identify you.
 

How do we use cookies:
 

We use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you come to our website and also allows us to improve the user experience.
 

The cookies we use
 

We use the categorisation set out by the International Chamber of Commerce in their UK Cookie Guide.
 

We use all four categories of cookies: 
 

  • Strictly necessary cookies are essential for you to move around our website and to use its features.
     

  • Performance cookies collect anonymous information about how you use our site, like which pages are visited most. 
     

  • Functionality cookies collect anonymous information that remember choices you make to improve your experience, like your text size or location. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. 
     

  • Targeting or advertising cookies collect information about your browsing habits in order to make advertising relevant to you and your interests. As such if you visit SUSI’s website you may then be more likely to see adverts about SUSI’s work on other websites as your browsing suggests that this is an area of interest. 
     

No cookies, please:
 

You can opt out of all our cookies (except the strictly necessary ones). 
 

But, if you choose to refuse all cookies, our website may not function for you as we would like it to. 
 

If you have any questions about how we use cookies, please contact us.

10. Monitoring

Your communications with our teams (including by telephone or email) may be monitored and/or recorded for training, quality control and compliance purposes to ensure that we continuously improve our customer service standards.
 

To find out more about this policy and how we look after your personal information, contact our oice team through any of the below contacts: 
welcome@sisu-group.org 

07375 860086
 

SISU Group, 29 Bute Gardens, University of Glasgow, Glasgow G12 8RS
 

This policy document was approved by SISU’s management and is issued on a version-controlled basis. 

Updated March 2025

STAY CONNECTED

Artboard – 11.png
DSC03246.png
DSC02778.png

Stay Connected

Follow our journey, sign up for our newsletter

Thanks for registering!

STANDING WITH SISU

Artboard – 10.png

Standing With SISU

Group 419.jpg
Group 420.jpg
Group 421.jpg
Group 422.jpg
Group 424.jpg
Group 423.jpg
Group 425.jpg
Alliance-logo-P-web.png

MEMBERSHIPS & ACCREDITATIONS

Artboard – 10.png

Memberships & Accreditations

Group 426.jpg
Group 427.jpg
Group 428.jpg
Image 2.jpg
bottom of page