The Cohesion and Integration Network (COIN) is a charity registered in England and Wales with the registered charity number: 1180761. Our mission is to fundamentally transform policy and practice in the cohesion and integration field through connecting and supporting members and advocating on their behalf. Our vision is a more integrated and less divided society.
To fulfill our work in support of its mission and aims, COIN may collect, store and process personal data about our members, contacts, advisors, contractors, and other third parties, and we are committed to handling personal data in accordance with data protection law. You can be assured that we will only request and retain personal information if we have a lawful basis to do so, as outlined by the General Data Protection Regulation (GDPR) (EU 2016/679) 2018, and by the Data Protection Act 1998.
COIN is the ‘data controller’ of the personal data provided to and stored and processed by COIN.
1. What do we collect?
COIN is a membership organisation and as a result, we collect details about your organisation when it registers as a member. We also ask for some personal information from you as an individual, in the following situations:
- As the contact of the organisation you are registering as a member.
- Exchange of personal information following a meeting or discussion between a COIN staff or Board member
This information will include your full name and work email address. For members, we will also ask for non-personal data such as your organisation’s postcode and address (to be placed on the Integration Map), payment details (if a paying member) and a short description of your organisation.
You are responsible for making sure you give us accurate and up to date information. If you provide information on behalf of another person, you will need to tell them how to find this privacy statement and make sure they agree to us using their information for the purposes set out in it.
We will also collect personal data when you access the services we offer. Depending on the service you use, the way we collect data is including but not limited to the following:
- Newsletter sign-up – full name, work email address and birth date.
- Event sign up – full name, work email address and payment details (for paid events only). This data will either be processed by us or the company Eventbrite. Please see section 4 for further information.
- Website viewing and usage – website usage is collected with your consent by using cookies. Please see our Cookies document for further information.
- Online feedback or research surveys – full name, organisation and work email address.
- Access to online forums: – full name and work email address. This is an offer for the Standard and Advanced Members: you can opt-in to access our online forums when you join these membership packages. When you do so we then send you a Slack link and you give your email address and name to the company Slack which will be hosting these forums. Please see section three and five for further information.
- Payment details: when paying for membership on our website, we ask for non-personal details such as your organisation’s bank details. We use the company Stripe to process our payments, and they may also ask for a work email address and work telephone number.
In all instances where we collect the data from individuals it’s in order to deliver our charitable services.
2. How will we use your data?
We use your personal information to process and manage your membership account and to provide services you have requested from us. We do not share your information with third parties, unless it is necessary to deliver the service you have requested from us or to report inappropriate online behaviour on our online forums. Primary examples of this include, but are not limited, to:
- Sharing data with our event venues for security, safety and administrative purposes, or to ensure our accessibility obligations are met.
- Asking you to share your email and name with the company Slack to set you up on one of our online forums as a benefit of the Standard or Advanced packages. Please note, we will only do this at your request and with your explicit permission.
- Sharing data with our external event staff or volunteers, including our trainers and consultants.
- If necessary, informing third parties of inappropriate behaviour in our online forums as per our Code of Conduct.
In some instances we may need to collect further information, for instance, to provide the appropriate access facilities and for dietary requirements. This information will be accessible under the ‘need to know’ principle and will not be retained post event.
We never share your information with third parties for marketing purposes without asking for specific, unambiguous consent. For example, some of our events are delivered alongside a relevant partner (e.g. universities or community voluntary service organisations). On some occasions, we might ask you if we can share those details with the partner. This will be very clear on the event sign up form. If in any case, this consent is not received then your data will not be shared.
From time-to-time, we may use your feedback and attribute it to you (e.g. by quoting a name and organisation alongside the feedback). We take this information from the surveys you are asked to complete and we do so to talk about our services publicly or demonstrate the impact of the charity to key stakeholders e.g. funders. We never share your information without asking for specific, unambiguous consent. This will be very clear on the relevant forms you complete. If in any case, this consent is not received then your data will not be shared.
3. Marketing and communications
We would like to send you information about our events, products and services which may be of interest to you. If you have consented to receive marketing (by signing up to our newsletter or opting-in to receive a newsletter when signing up as a member), you may opt out at a later date by emailing us at: firstname.lastname@example.org to let us know your change of preference.
You have the right at any time to stop us from contacting you for marketing purposes.
4. Member data use
4.1 Member communications
As a member of the Cohesion and Integration Network, you will receive regular, relevant communications from us (e.g. newsletter and an events bulletin). Signing up as a member, you can opt-in to receive the newsletter. Signing up as a member includes automatic subscription to other communication channels such as event bulletins.
As Members, we ask you to put non-personal data such as your organisation’s postcode and organisation description on the Integration Map. This Integration Map is in the public domain.
4.2 Directory of Members
For Standard and Advanced memberships, we will also ask you to put the name of your organisation and your work email address in the Directory of Members. This Directory of Members can only be accessed by other Member organisations which have agreed to our Code of Conduct.
4.3 Online Forums
We accept payments through Stripe and Woo Commerce. When processing payments, some of your data will be passed to Stripe and/or Woo Commerce, including information required to process or support the payment, such as the purchase total and billing information.
We ask for the above non-personal and personal information to achieve our charitable aims.
You have the right to withdraw your consent from receiving our communications, having your details on the Directory of Members or your organisational details on the Integration Map at any time. For more information, see section 6 below. You can unsubscribe from the above without affecting your membership status with the Cohesion and Integration Network.
5. How do we store your data?
Where we use third party providers for some services (e.g. Eventbrite, MailChimp, Slack and Box) your data may be held outside of the EEA and usually in the USA. We make sure that we use reputable third parties. Please see below for further details.
5.1 How long we keep your data
We retain your personal data for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation, typically seven years). In addition, personal data may be securely archived with restricted access (and other appropriate safeguards) where there is a need to continue to retain it.
Financial records, including those of membership, event payments and refunds, will be retained for a minimum period of seven years from the end of the financial year in which the booking was made in order to comply with statutory obligations.
If you register for an event organised by us, your information will be stored either by us or the company Eventbrite. We will clearly indicate who is processing your data when you sign up for an event. Eventbrite might also handle the payments for events on behalf of the Cohesion and Integration Network and will keep information required for financial legal reasons, to manage refunds and disputes for seven years. In this respect they are a data controller.
5.4 Online Forums
The third-party website Slack will host our online forums, and you will be an Authorised User of this online forum. Please see our Code of Conduct for further details. Slack usually retains files and messages sent on Slack indefinitely and may hold personal information after your account has been deactivated to pursue legitimate business interests. See here get.slack.help for further information.
We use third party Mailchimp to deliver our newsletters. Mailchimp retains your Personal Information until it has no on-going business need to do so in which case it is deleted or anonymised. If this is not possible (for example it has been stored in back-up archives) they will store and data and isolate it from further processing until deletion is possible. See: mailchimp.com.
We process our payments through the third–party company Stripe. As a payment company, Stripe retains personal data to comply with their tax, accounting and financial reporting obligations: stripe.com.
6. Your data protection rights
6.1 Right to access or update your data
If you wish to access or rectify personal data that has been collected or if you wish to receive any personal data we hold on you, please contact email@example.com and we will respond to your request within one calendar month.
6.2 Right to delete your data
If you wish to have your data removed entirely from our records, please contact firstname.lastname@example.org and we will respond to your request within one calendar month.
Please note that for legal reasons we are required to keep financial/transactional records for a minimum period of seven years from the end of the financial year in which the transaction was made.
6.3 Right to move your data
If you wish to have your data transferred from the Cohesion and Integration Network to another organisation, please contact email@example.com and we will respond to your request within one calendar month.
6.4 Right to withdraw your consent
If you wish to withdraw your consent from receiving our email communications, this can be done by clicking ‘unsubscribe’ at the bottom of an email you receive from us.
Please note that this does not apply to emails sent by our team which relate directly to the service you have requested or purchased, these emails may not have an unsubscribe function. However you can reply to these emails at any time with any concern or questions about your personal data.
6.5 Right to object to, or restrict data processing
If you object to the processing of your personal data, or wish to restrict the way in which it is processed by us, please contact firstname.lastname@example.org and we will respond as soon as possible. Please note that this may affect our ability to deliver our services to you.
7. Privacy policies of other websites
Updates to this privacy statement will appear on this website. This privacy statement was last updated on 27/08/2019.
9. How to contact us
Please contact us if you have any questions about our privacy notice or information we hold about you:
By Post: The Cohesion and Integration Network
2 Federation Street
By Email: subject Access Requests, complaints about data usage and all other enquiries: email@example.com
10. How to contact the appropriate authorities?
If you wish to take your complaint further, you can contact the Information Commissioner’s Office (ICO), which is the independent regulatory authority who exist to uphold information rights in the UK. For more information, visit their website or call their helpline on 0303 123 1113.