Introduction

Our Future (OF) takes your privacy seriously. We are committed to looking after your personal information, handling it in a responsible manner and securing it with industry standard administrative, technical and physical safeguards.

OF follows two guiding principles when it comes to your privacy:

  • Transparency. We work hard to be transparent about what personal information we collect and process.
  • Simplicity. We strive to use easy-to-understand language to describe our privacy practices to help you make informed choices.

If you have any queries about this privacy notice or about any aspect of OF’s data management please contact our data protection lead at hello@our-future.io 

This Privacy Notice will be regularly updated to ensure that it continues to comply with the latest regulation and best practice. It was last updated on 01/12/2023.

Our privacy notice is a detailed guide to how we use your information. It sets out our approach to how we handle your personal information in the following areas. Please click on the links below to access information that is relevant to you and your relationship with us.

Visitors to our website

When someone visits www.our-future.io we use a third party service, Google Analytics, to collect standard internet usage information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. As soon as this information is collected through Google Analytics, users’ IP addresses are made anonymous, and we will not make any attempt to find out the identities of those visiting our website.

Our websites are hosted by Ionos web hosting. Apart from the analytical data captured by Google Tag Manager and Google Analytics, the website will also capture all requests made to the server to detect and prevent fraud and unauthorised access and to maintain server security.

We use cookies on our websites in order to make the websites work more efficiently as well as provide information on the use of the site. The cookies collect information in an anonymous form, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited. 

Business contacts

We may collect personal data from business contacts to enable us to undertake the legitimate activities of the organisation.

Research undertaken by OF

From time to time, OF may undertake research which will involve the collection of personal data. Where possible, this data will be anonymized before publication. Where anonymization is not possible, data will only be shared if explicit consent is received. Any identifiable personal data will be held for up to one year following completion of the project.

Members of the public who make enquiries

If you contact OF with an enquiry, we will store your details only for as long as necessary to enable us to respond to your enquiry and for up to 3 months after our response. This may be by telephone, email or written correspondence. 

Mailing lists

If you sign up to our newsletter, we will retain your personal details to enable us to get in touch with you about our work and other relevant initiatives or news through our newsletter. You can unsubscribe at any time. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our newsletter. 

Suppliers and others to whom we make payments

If we have an obligation to pay you (e.g. following delivery of services or to reimburse expenses) we will collect personal data from you to enable us to complete this contractual transaction. We will store this data in our accounting system, Xero. We use online banking to make supplier payments.

Other activity

Organisations we contract with may be required by anti-money laundering (AML) legislation to verify the identity of their clients. Therefore, for AML purposes we are required to keep personal data about our directors. This data is reviewed every 6 months to ensure only accurate current copies are retained and out of date information is destroyed. 

IT management systems

OF uses several systems to manage its IT infrastructure. Personal data of users (normally only staff) is collected to enable us to manage and operate our systems and is logged in our accounts held on these systems. This includes:

  • Google – to warehouse our data and provide us with website analytics
  • Microsoft – to provide Office Suite facilities (such as SharePoint, Word, Outlook, etc), including file storage for OF day-to-day operations. 

In addition, OF contracts with Inflection Point to provide IT support. Inflection Point have access to all OF systems for the purposes of support and maintenance only and manages OF’s backup and spam management systems. Their contract includes a data processing agreement which meets the standards of GDPR.

OF also contracts with other third parties on a per-project basis. This may necessitate access to specific platforms and the data within. If this is the case, Data Sharing Agreements are put in place between OF and the third party, and access to any sensitive data is restricted as much as possible.

Job applicants, current and former staff

All the information you provide during the job application process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for, but it might affect your application if you don’t. Information on the equal opportunities form will be treated in confidence and will not be seen by staff directly involved in the selection process. The questionnaire will be detached from the application form before the form is seen by those involved in selection, stored separately and used only to provide statistics for monitoring purposes after which point it will be destroyed.

If you are unsuccessful at any stage of the process, the information you have provided until that point will be retained for 6 months from the closure of the campaign.

Information generated throughout the assessment process, for example interview notes, is retained by us for 6 months following the closure of the campaign.

If you are successful, the information you provide during the application process will be retained by us as part of your employee file. This includes your criminal records declaration, fitness to work, records of any security checks and references. Your employment file will also contain all personal data related to your employment at OF. This will be retained for the duration of your employment plus 6 years following the end of your employment. After that time, we will retain basic details of your name, start and end date and job title only for archive purposes.

Personal contact details of employees will be shared with organisation managers and directors for the purposes of emergency contact. Personal contact details of nominated emergency contacts for individual staff members will be held on employee files and will only be used in an emergency. These will be deleted within one month of the employee leaving OF.

Data processes and HR

We may use recruitment agencies to assist us with filling posts. Details of the Privacy Policies of the agencies will be available on their websites.

OF contracts payroll management to Samara and Co. 

Social media

OF uses a variety of social media platforms including Twitter, LinkedIn and YouTube. 

Photographs and videos

Videos

OF will often use videos, which may be commissioned by us or submitted by those we work with, to illustrate the work of the organisation. These may involve personal data which we collect as part of the legitimate activities of the organisation. Videos may be stored on OF systems or hosted on our website or YouTube.

Videos commissioned by the organisation may be recorded and edited by external film makers and we will have a data processor agreement which meets the standards of GDPR in place.

From time to time we may showcase videos produced by third parties such as partners that we work with through our communications channels. In doing so, we will make every effort to ensure suitable permissions and compliance with GDPR are satisfied before use of video.

Photographs

We may photograph events that OF host or are involved in and we will inform participants that this is the case either by notice or specific forms. Participants have the right to withdraw their consent by following the instructions given.

We will also take photographs of staff – both headshots and at events. Staff will be asked to provide their consent to the use of these photographs.

We may use the photographs in OF publications, social media, website or the press. Photographs will be stored on OF systems and held for up to 5 years, or in the case of staff headshots until the person leaves OF. If we commission an external photographer, we will put a data processor agreement which meets the standards of GDPR in place and the photographer will be bound by the same photograph retention policy.

From time to time we may request images from those we work with to promote the work that we support through our communication channels. In accessing images, we will make every effort to ensure suitable permissions and compliance with GDPR are satisfied before use of the images.

Publications

We may collect personal detail about grantees or other individuals involved in the work of OF in order to produce publications about OF’s work. We will obtain the consent of the individuals involved to their inclusion. The information that we include in OF publications is shared through our website and other communications channels, including press releases and social media. In the process of preparing and disseminating publications, we may share information with a variety of third-party processors. For example, graphic designers will often format and arrange printing of content. Proofreaders and / or consultants may be engaged to review work. In all cases we will ensure a data processor agreement is in place which meets the standards of GDPR. OF will retain digital and hard copies of publications in order to maintain an archive of OF’s work.

Audit and regulatory requirements

We may share any data about the operation of OF with our auditors, HMRC, the Charity Commission, the Information Commissioner’s Office, Companies House and other regulatory bodies should this be necessary to complete statutory audit and regulatory requirements.

Your rights

Under the General Data Protection Regulation (GDPR) which came into force on 25 May 2018 you have rights as an individual data subject which you can exercise in relation to the information we hold about you. Read more about these rights on the ICO’s website.

Complaints and queries

OF tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate.

We would also welcome any suggestions for improving our procedures. To contact us, or raise a concern, email hello@our-future.io

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of OF’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to our data protection lead at the address in the Introduction above.

If you want to make a complaint about the way we have processed your personal information, you can contact the ICO as the statutory body which oversees data protection law ico.org.uk/concerns

Access to your personal information

OF tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under GDPR. If we do hold information about you, we will:

  • give you a description of it;
  • tell you why we are holding it;
  • tell you who it could be disclosed to;
  • let you have a copy of the information in an intelligible form; and
  • correct the information if there are any mistakes.

To make a request to OF for any personal information we may hold you need to put the request in writing addressing it to our data protection lead and emailing hello@our-future.io.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting the data protection lead.

If you object to how we have handled the processing of your data, please make the complaint in writing and email hello@our-future.io.

Privacy notice changes

As stated above, we will regularly review our privacy notice. Although most changes are likely to be minor, changes may be made from time to time to ensure our policy remains current and responsive to any changes in how OF receives and protects your personal information. We encourage you to frequently check this page for any changes to our policy. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

Get In Touch