Our Privacy Policy

nurtureuk is committed to protecting your personal information. This page explains how we process the information we collect or which you provide. By agreeing to this Privacy Policy, you are agreeing that you understand and agree with its terms. If you do not agree to this Privacy Policy, you should not use this website.  

 

If you have any questions about this privacy policy, please email dataprotectionofficer@nurtureuk.org or write to:

Data Protection Officer
nurtureuk
The Green House
244-254 Cambridge Heath Road
London E2 9DA

Who are nurtureuk?

We are the UK's leading charity that specialises in the practice of nurture. We also own and operate the Boxall Profile® Online tool. 

Our registered charity number in England and Wales is 1115972. In Scotland, our registered charity number is SC042703.

The types of information we collect through this website

When you engage with us – for example, by ordering our services or products, or getting involved in our campaigns – we may collect and process information about you, or about other people who you are working on behalf of (“your personal information”). Depending on the activity, this may include name, email address, postal and billing address, telephone number, and name of employer. 

We’ll also ask for information when you report a problem with our website, and if you contact us, we may keep a record of that correspondence.

Sometimes, we may ask you to complete surveys that we use for research purposes, but you’re under no obligation to respond to them.

We may also collect details of your visits to our website, including traffic data, location data, weblogs and other communication data, as well as the resources that you use.

To make our website more efficient and make sure that it reflects its visitors’ needs, we also use cookies to collect and record information about how our site is used. We may also collect your IP address (a number that identifies a specific internet connection). However, unless you’re signed into your nurtureuk account, neither cookies nor your IP address will identify you as an individual. 

For more information on cookies and IP addresses, please read our cookies policy (below). By continuing to use our site, you agree to our use of cookies.

Please note that if you are submitting personal information on behalf of another person, you agree that you either have their consent to do so, or are sharing the information with us for another lawful reason. 

How we use your personal information
  • We use your personal details to generate helpful pre-filled forms or invoices on our website.
  • We may send you information about products or services you’ve ordered, including related fundraising or campaigning activities.
  • We analyse the way people use our website, to make it as efficient and user-friendly as possible.
  • We use IP addresses to establish your approximate location, prevent disruptive use of our website, and to see how many visits we receive from different countries or areas.
  • We use personal data to understand our customers better, to make our direct marketing more targeted, and to provide our customers with the most relevant information.

All of this data will be securely stored on our servers, or as specified in the sections of this policy headed ‘Where we store information related to your use of this website’ and ‘How we store and process information related to use of nurtureuk services’.

If you no longer want us to store or use your information, you can request that we delete your data (see the section headed ‘How to access or delete your personal information’).

How we’ll contact you

If we contact you by phone or letter, we won’t do so again if you ask us not to. You can contact us to change your contact preferences by logging into your account on the nurtureuk website, or – if you don’t have an account – by emailing our team on info@nurtureuk.org or calling +44 (0)203 475 8980.

We will never contact you to send you information about how you can support nurtureuk by email or text, unless you’ve given us permission to do so.

How we handle your personal information 

We use SSL encryption on our website to encrypt any information you give us. This ensures that the data is collected and stored securely.

Once your data has been collected, we use reasonable and appropriate measures to ensure its security, including strict controls over who can access and process your data. 

nurtureuk will never rent or sell your personal information to any other organisation, for use in their own direct marketing activities. Except as specified in the section headed ’Where we store and process information related to your use of nurtureuk services’, we will only disclose or share your personal information to third parties if: 

  • We are legally obliged to do so
  • To apply our terms of use for this website or other agreements 
  • To protect the rights, property or safety of nurtureuk, our donors or others. This includes sharing information for the purposes of fraud detection and protection.
How we handle direct debit or credit card information

We always make sure that sensitive information, like debit cards, credit cards or personal information is collected and stored securely. Both we and our partners always use SSL encryption to encrypt data sent between us and our customers.

nurtureuk is Payment Card Industry (PCI) compliant and we use external PCI compliant providers to collect this data on our behalf. We do not store PCI data on our own systems.

To protect yourself when sending us sensitive information, please ensure that you’re using devices running supported operating systems and regularly updated browsers that offer some form of malware protection. Only ever connect your devices to networks that you trust.

How we use recurring payment methods

For some of our services, we allow individual customers to pay using recurring monthly or annual 0% interest instalments.

For some events, you can pay using a 0% monthly instalments payment system, over 6 or 8 months – depending on your preference.

If you pay for an annual membership subscription, you’ll be asked to agree to recurring annual payments before signing up. We will always notify you before your subscription is due to renew.

You can cancel a recurring payment to nurtureuk at any time. However, if you still owe us a payment, we’ll send you an invoice and reminders until the balance is settled. We’ll also explain the different ways you can pay this balance. To cancel a recurring payment, please email: info@nurtureuk.org.

Securing your passwords

If you’ve chosen or been given a password to access certain parts of our website, you’re responsible for keeping that password confidential and not sharing it with anyone else.

Plant growing out of dry out soil with two open hands encircling it
Where we store information related to your use of this website

nurtureuk uses internet service providers and servers located in the UK or the European Economic Area. We’ll ensure that your personal information related to your use of this website is held by those internet service providers, in compliance with UK data protection regulations, including the Data Protection Act 2018 and the UK GDPR. 

How we store and process information related to use of nurtureuk services

Depending on the nurtureuk services you use, buy, or sign up for on this website, your personal information may be transferred, stored or processed in other systems, by other data processors, and in other locations.
When we use the services of other data processors, we do so to fulfill our obligations under the terms and conditions of the services we provide, and in the legitimate interests of developing our charity, and improving your use of our products and services. 

By submitting personal information through this website for these specific services, you are agreeing to the transfer, storing or processing of data in locations within the UK and the European Economic Area, and, in some specific cases, to other locations. We will always take all steps reasonably necessary to ensure that this data is treated securely and in accordance with this privacy policy, and in line with UK data protection regulations, including the Data Protection Act 2018 and the UK GDPR.  When you (or another user you are working on behalf of) use these services, we may also issue an additional privacy notice that relates to the specific service, the specific programme (for example, a programme of work commissioned by a third party), or to the specific platform or system through which the service is delivered. Any additional terms within these privacy statements, along with any relevant terms within data processing agreements that we have with your employer, or with a third party commissioning our services on your behalf, should be considered part of this privacy policy.

To manage contact data and our relationships with customers, members and partners, we use Salesforce CRM, a customer relationship management tool. The data we collect may include personal details including your name and email address, your relationship to an organisation, your job title, details of your use of nurtureuk products and services, including bookings for training courses and sessions. 

This data is processed and stored within cloud-based Salesforce CRM servers based in the EEA. Data is stored encrypted (at rest when stored on the servers, in the database, in search index files, and in the file system). 

We use Zendesk, a customer support tool, to provide support on the use of this website and nurtureuk’s products and services, and if you email one of our email addresses through this website. The data we collect and process in this way may include your name and email address, your relationship to an organisation, the content of your original enquiry or customer service query, along with any replies to resolve your query, which may include additional data you choose to share (for example, any additional information within your email signature). This data is processed and stored safely in encrypted form in the UK or EEA.

When you sign up for some of our services, including membership, and opt in to be contacted by us, we use Mailchimp, an e-mail marketing tool, to manage mailing lists and to send emails to you. The data that is held on Mailchimp servers may include your name, your email address, the identify of your employer or another organisation you are connected to.  This data may be processed and stored safely in encrypted form outside the UK or EEA. Our data processing agreement with Mailchimp includes the EU Standard Contractual Clauses approved by the Information Commissioner’s Office, which offer essentially equivalent protection as under the UK GDPR. 

To manage payments for products and services within this website, we use Stripe, a cloud-based payment platform. For more information on how Stripe handles this data, please view the Stripe privacy policy here. Please note that, depending on the specific products or services you have opted to purchase, Stripe may transfer data outside of the UK and European Economic Area for storage or processing, but will do so with adequate safeguards, or your express permission. In its processing agreements with us and with any sub-processors, Stripe uses the Standard Contractual Clauses approved by the ICO, which provide a high level of protection for user data.

We use Google Cloud and Google Workspace services to store and process some information related to your use of nurtureuk services, and to store emails you may send to us through this website, and some forms you may complete within the website. This data may be stored on Google cloud-based servers within the UK or EEA, encrypted at rest, or on Google cloud-based servers outside the EEA, encrypted at rest. In its processing agreements with us, Google uses the Standard Contractual Clauses approved by the ICO, which provide a high level of protection for user data.

We use Zapier, an automation tool, to transfer some personal data between our systems. This data may include your name, email address, organisation name, and sign-ups or purchases of our between our systems. Your data may be retained for a a period in line with our retention policy after a transfer has been made, and is stored safely on cloud-based servers before being automatically deleted. While this data may be processed and stored safely in encrypted form outside the UK or EEA, our data processing agreement with Zapier includes the EU Standard Contractual Clauses approved by the Information Commissioner’s Office, giving you essentially equivalent protection as under the UK GDPR. 

If you request an invoice for a purchase of a product or service from within this website, we will use a third-party service provider to process this request. As part of this processing, your name, email address and relationship to an organisation may be collected and stored by our provider, to service these requests, and to meet requirements in law, such as retention of sales records for VAT purposes. To manage invoicing and customer data related to these requests, we use Iplicit, a cloud-based accounting system. If your data is held on this system, it is stored securely on servers within the UK or EEA. 

How long we will store your data

We will ordinarily store the information we hold related to your use of this website, and related to use of products and services for a period in line with our data retention policy.  To determine the appropriate period to retain data, we consider the nature and sensitivity of the data, the potential for harm, whether we can achieve our purposes through other means, as well as any applicable legal or contractual requirements.

How to access or delete your personal information

You can request that we delete your personal information that we hold. To request this, contact our Data Protection Officer and your data will be deleted from both the website, our servers and any additional systems we use, with the exceptions noted below. If we delete your data on your request, you’ll no longer be able to access your account, the information it contains, or to access or use any of our services that you have previously signed up for or purchased, or been entitled to use. 

Please note that we’re legally required to hold some personal information to fulfil our statutory obligations – for example, when we collect Gift Aid or process an invoice.  We may also be required to hold some data to meet other legal or contractual requirements, and in some cases where a separate data processing agreement (for example, with your employer, or with an organisation that has commissioned services on your behalf) covers the use of all or some of your data. 

You have a right to know if nurtureuk is storing any of your personal data, and a right to be provided with that information (with some exceptions, as specified under the UK GDPR).

To ask us for your personal data, you can email info@nurtureuk.org or write to:

Data Protection Officer
nurtureuk
The Green House
244-254 Cambridge Heath Road
London E2 9DA

We do not make a charge for this. It'll help us to find your information if you can tell us something about the nature of your contact with us.

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.

Updates or changes to the privacy policy

We reserve the right to make changes to this Privacy Policy. Each time you visit this site, please check our Privacy Policy to check that we haven’t made any changes to sections that are important to you. Where appropriate, we may notify you of such changes by email.

Cookies Policy

We use cookies on our website to make sure it’s working the way it should, to make improvements, and to tailor the content to each visitor.

A cookie is a small file that’s sent to your computer or mobile phone, containing information that tells us you’ve used our website before. Cookies are safe and secure, and are commonly used on websites.

A cookie typically contains:

  • The name of the server the cookie was sent from
  • The lifetime of the cookie
  • A unique identifier (usually a number).
How cookies work

When you visit our website, cookies are downloaded to your device. Your browser and our web server exchange the cookie, and we use this number to recognise you when you return to our site or browse from page to page. Only the server that sends a cookie can read and use it.

This file is stored on your computer's drive or phone's storage. All websites can send a cookie to your browser if allowed by your browser settings. Many websites do this to track the flow of online traffic.

Types of cookies

Cookies can be categorised by their life span:

Session or temporary cookies 

These cookies expire when you close your browser or when the session times out

Persistent or permanent cookies 

These cookies are usually stored on your hard disk, survive across multiple sessions, and last longer.

We also use cookies and similar technologies to customise content and advertising, to provide social media features and to analyse site traffic. 

We may also share information about your use of our site with our trusted social media, advertising and analytics partners.

We use Google Analytics to better understand how our visitors are using this site and to improve their online experience. Using cookies and other technologies, Google Analytics gathers fully anonymised data about how you and other visitors use this website, which is then stored securely. The data gathered may include:

  • IP address (which is stored in a de-identified form) 
  • The type and screen size of your device 
  • Your approximate geographic location
  • Your domain name 
  • Your browser type, version and plug-ins
  • Your operating system and platform
  • Your settings or preferences
  • Your use of the different pages of the site, or other content within the website, and your completion of defined pathways through the website or tasks within the website 
  • The language you use to display our website. 

We use Hotjar to better understand our customers' needs and to improve their online experience. Hotjar is a technology service that tells us about people’s behaviour on our website: how much time they spend on which pages, which links they click, what they do and don’t like etc. Using cookies and other technologies, Hotjar gathers the following information about each visitor to our site: 

  • Their IP address (which is stored in a de-identified form) 
  • The type and screen size of their device (with unique device identifiers) 
  • Their geographic location (just the country)
  • The language they use to display our website. 

Hotjar stores this information for us in a pseudonymised user profile. Hotjar is contractually forbidden to sell any data collected on our behalf. For further information, please see the 'about Hotjar' section of Hotjar’s support site.

We use Facebook Pixel to serve you information or ads on your social media based on your browsing behavior. This allows your behavior to be tracked after you have been redirected to our website by clicking on the Facebook ad. The Facebook Pixel stores a cookie on your device to enable us to measure the effectiveness of Facebook ads for statistical and market research purposes. We do not have access to the information collected through the Facebook Pixel. However, the information collected via the Facebook Pixel, on this website as well as other websites on which Facebook Pixel is installed, is also stored and processed by Facebook. Facebook may link this information to your Facebook account and also use it for its own promotional purposes in accordance with Facebook’s Data Usage Policy. The Facebook Pixel also allows Facebook and its partners to show you advertisements on and outside of Facebook. You can opt-out of displaying Facebook ads by visiting your Facebook Ad Settings, and you can clear and control the information third parties share with Facebook in your Off-Facebook Activity page.

Controlling or deleting cookies

You can control and disable cookies through your browser settings. To find out more, visit the website allaboutcookies.