PRIVACY POLICY

The privacy and security of your personal information is extremely important to us. This privacy policy explains how and why we use your personal data, to make sure you stay informed and can be confident about giving us your information.
By using our website, social media pages or providing your information you consent to our collection and use of the information you provide in the way (s) set out in this policy.
We may make changes to this policy from time to time. If we do so, we will post the changes on this page and they will apply from the time we post them.
WHO ARE WE?
The Blue Marine Foundation (BLUE) was established in March, 2010. BLUE exists to combat overfishing and the destruction of biodiversity – arguably the greatest problem facing the world’s oceans by delivering practical conservation solutions, including the creation of largescale marine reserves. Overfishing represents a major food security issue and has devastating consequences for the fragile biodiversity of our planet. Around 90 per cent of global fish stocks are fully or overexploited and around 90 per cent of large fish are gone. The consequences are far reaching, not only for the future of food for a growing global population, but because healthy oceans absorb half the CO2 we produce. BLUE’s aim is to put at least 10% of ocean under protection by 2020 and 30% by 2030. We also work to establish sustainable fisheries so fish stocks can recover and help to protect critically endangered species, where we feel our intervention can have the greatest impact.
BLUE also has a trading subsidiary BMT Trading Limited and this policy covers activities of BMF Trading Limited too (where relevant).
OUR COMMITMENT TO YOUR PRIVACY
We are committed to keeping the personal details of our supporters safe. This policy explains how and why we use your personal data, to ensure that you remain informed and in control of your information.
Any references to Blue Marine Foundation, BLUE or to ‘we’, ‘our’ or ‘us’ refer to:
Blue Marine Foundation. We are a registered charity in England and Wales, and our registered charity number is 1137209. Company Registered No: 07176743; and (if appropriate)
BMF Trading Limited, a wholly owned subsidiary of the Blue Marine Foundation. Company Registered No: 07004094
We use three key definitions to describe people mentioned in this policy. These are definitions used by the Information Commissioner’s Office (ICO), the UK’s independent body set up to uphold information rights (www.ico.org.uk).
Data subject: this is you, one of our supporters. As the data subject, we respect your right to control your data.
Data controller: this is us, Blue Marine Foundation. With your permission, we determine why and how your personal data is used (as tlined in this policy).
Data processor: this is a person, or organisation, which processes your data on our behalf, with your permission. For example, CAF Donate who process donations via our website or the logistics company who organise our London to Monaco cycle and collects information such as medical history or date of birth.
When we work with other organisations or individuals that act as Data Processors, we will ensure that such arrangements comply with data protection legislation. The third parties we work with at no point ‘own’ your data, so you will never hear from them independently, and they will always delete your data from their systems when they have completed the task in hand. We will never sell your personal data.
Should you wish to find out more about the information we hold about you, or about our privacy policy, please contact us:
Should you wish to find out more about the information we hold about you, or about our privacy policy, please contact us:
Head of Operations
0207 845 5850
Email: info@bluemarinefoundation.com
Somerset House, South Building,
The Strand, London, WC2R 1 LA
Our office hours are Monday – Friday, 9am – 6pm.
WHY DO WE COLLECT YOUR PERSONAL DATA?
We will only ever collect, store and use your personal data when we have an identified purpose and reason to do so, this will usually be for information about our work, to invite you to attend appropriate events, fundraising purposes, office management (though we are regulated in these activities by the Fund Raising Regulator) and feedback and other legitimate interests. The ICO refers to this as a ‘lawful basis’.
Your personal data also helps us to get to know you better and to develop a ‘profile’ of you on our secure supporter database. This ‘profile’ enables us to send you the information listed above in a timely and relevant way, to suit you. For example, keeping track of the events you have been involved with (such as the London to Monaco cycle ride) helps us to send you information about any events that we feel you would like to hear about.
BLUE will only contact you for the following reasons (though these may be updated from time to time as our operations change):
a) Fundraising or supporting a particular BLUE initiative
BLUE undertakes very little ‘direct marketing’ however occasionally our newsletter or other mailshots will include calls for support for some initiative or funds (though of course these are regulated by the Fundraising Regulator). As a matter of politeness BLUE have always had a policy which enabled any recipients of such information to unsubscribe, now it seems the rest of the world has caught up with the GDP Regulations. To subscribers prior to 25 May 2018 we are therefore relying on the “soft opt in” provisions of the GDPR to carry across our database, for those subscribing after that date our practice will continue with opt in provisions and a provision for removal from our database in the normal way. BLUE does not undertake unsolicited marketing, we find that it annoys people.
b) To enable you to volunteer with us
BLUE endeavours to make sure that this Website is accessible for 24 hours a day but will not be liable if‚ for any reason‚ it becomes unavailable for any time or for any period. BLUE also reserves the right to suspend access to this Website temporarily or permanently and without notice.
INTELLECTUAL PROPERTY
If you are a BLUE volunteer, we collect appropriate personal data so that we can keep in touch with you about, for example:
details and changes to planned volunteer work programmes that you may be taking part in
the positive impact you have on our work, by sending you relevant newsletters
As defined by the ICO, the lawful basis for processing your data for these purposes is ‘contractual’ (where administering your volunteer record) and ‘legitimate interest’ (when sending you information about our work).
c) To buy or sell goods or services
We collect personal data to comply with contractual responsibilities when we buy and sell goods and services from others. BLUE does not currently undertake retail activity to the public but does engage in some partnership arrangements trading subsidiary BMF Trading Limited.
The ICO define the lawful basis for processing personal data for these purposes as ‘contractual’.
d) To meet our legal obligations
We collect personal data in order to comply with legal obligations such as providing information to bodies such as HMRC, Charity Commission, Companies House, HSE andthe Charity Commission.
The ICO define the lawful basis for processing personal data for these purposes as ‘legal obligation’.
e) To enable effective functioning of our organisation
We collect personal data to enable BLUE to operate effectively in a variety of ways such as:
liaising with government, authorities and local communities about conservation activities
evaluating events, campaigns and website activity
office management
responding to feedback, complaints and compliments to staff,
complying with regulators eg, Fundraising Regulator, the Charity Commission
safeguarding, health and safety, security
The ICO define the lawful basis for processing personal data for these purposes as ‘legitimate interest’.
WHAT KIND OF PERSONAL DATA DO WE COLLECT? HOW DO WE COLLECT IT?
a) Basic information
We will usually collect basic information about you, including your name, email address, telephone number and in some cases your business/personal address.
Most of the time, we collect this data from you directly. Sometimes this is in person; other times, it is by email, over the telephone or in writing. Occasionally we obtain information, such as your email address or telephone number or other contact details, from an existing supporter/contact who deems that you have a legitimate interest in BLUE’s work.
b) Getting to know you better
We also collect information about you that helps us to get to know you better. This may include:
records of donations you have made
your preferences of how you would like us to contact you
ways you have helped us through volunteering your time
records of events you have attended and meetings you’ve had with members of the team.
Sometimes we may collect other information about you. When we do so, will be very clear as to why we are collecting such information, and we will only do so with your specific consent and permission.
If you do not wish for your data to be collected in any of these ways, or have questions about them, please contact us.
Head of Operations
Telephone: 0207 845 5850
Email: info@bluemarinefoundation.com
Blue Marine Foundation, Somerset House, South Building, London, WC2R 1LA
Our office hours are Monday – Friday, 9am – 6pm.
Other ways in which we collect personal data to get to know you better include:
c) Sensitive personal data
We do not normally collect or store sensitive personal data (such as information relating to health or emergency contact details) about supporters. However, there are some situations where this will occur (such as for volunteers’ medical conditions)
When we do so, we will be very clear as to why we are collecting such information, and we will only do so with your specific consent and permission. In these situations, we collect the data from you directly.
We may also collect sensitive personal data if you have an accident on one of our project locations. This information will be retained for legal reasons, for safeguarding purposes and to protect us (including in the event of an insurance or legal claim). If this does occur, we will take extra care to ensure your privacy rights are protected.
d) Children and young people
In line with data protection law, we will not collect, store or process your personal details if you are under 13 years of age; unless we have the express permission from your parent or guardian to do so.
HOW DO WE STORE YOUR DATA?
a) Security
All of the personal data that is processed by BLUE is done so by our staff in the UK. However, for the purposes of IT hosting and maintenance your information may be situated outside of the European Economic Area (EEA). BLUE are monitoring carefully the implications of Brexit on this arrangement. This will be done in accordance with guidance issued by the Information Commissioner’s Office.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). We have documents relating to data protection procedures which personnel are required to follow when handling personal data.
b) Payment security
When processing donations via our website, visitors are re-directed to CAF Donate, a trusted worldwide fundraising platform. Please see CAF Donate’s privacy policy here for details regarding how your financial details are stored and your data processed.
BLUE complies with the payment card industry data security standard (PCI-DSS) published by the PCI Security Standards Council, and will never store card details.
We cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or our website) are at the user’s own risk.
c) Data retention policy
We will only use and store information for as long as it is required for the purposes it was collected for.
YOUR RIGHTS
We respect your right to control your data. Your rights include:
a) The right to be informed
This privacy notice outlines how we capture, store and use your data. If you have any questions about any elements of this policy, please contact us.
b) The right of access
If you wish to obtain a record of the personal data we hold about you, please email info@bluemarinefoundation.com.
c) The right to rectification
If we have captured information about you that is inaccurate or incomplete, we will update it.
d) The right to erase
You can ask us to remove or randomise your personal details from our records.
e) The right to restrict processing
You can ask us to stop using your personal data.
f) The right to data portability
You can ask to obtain your personal data from us for your own purposes.
g) The right to object
You can ask to be excluded from marketing activity.
h) Rights in relation to automated decision making and profiling
We respect your right not to be subject to a decision that is based on automated processing.
For more information on your individual rights, please see the Information Commissioner’s Office.
YOUR RIGHTS
We respect your right to control your data. Your rights include:
a) The right to be informed
This privacy notice outlines how we capture, store and use your data. If you have any questions about any elements of this policy, please contact us.
b) The right of access
If you wish to obtain a record of the personal data we hold about you, please email info@bluemarinefoundation.com.
c) The right to rectification
If we have captured information about you that is inaccurate or incomplete, we will update it.
d) The right to erase
You can ask us to remove or randomise your personal details from our records.
e) The right to restrict processing
You can ask us to stop using your personal data.
f) The right to data portability
You can ask to obtain your personal data from us for your own purposes.
g) The right to object
You can ask to be excluded from marketing activity.
h) Rights in relation to automated decision making and profiling
We respect your right not to be subject to a decision that is based on automated processing.
For more information on your individual rights, please see the Information Commissioner’s Office.
For more information on your individual rights, please see the Information Commissioner’s Office.