Privacy policy

Preamble

The Duke of Edinburgh’s International Award Foundation is committed to ensuring the privacy and protection of personal information in accordance with the requirements of the Data Protection Act 1998.

Certain activities with respect to employee records are exempt from this regulation.

Any organisation or person licensed to administer, manage or coordinate the Award throughout the world (including without limitation National Award Authorities, National Award Operators, Registered Operators, assessors, volunteers or Award Leaders) must comply with this policy.

Purpose of the privacy policy

This policy sets out how The Duke of Edinburgh’s International Award Foundation handles the personal information of the Award participants, operators and supporters.

Definitions

Award

“Award” means The Duke of Edinburgh’s International Award.

The Duke of Edinburgh’s International Award Foundation

“The Duke of Edinburgh’s International Award Foundation”, hereafter referred to as "the Foundation" means the charity, and the employees that are employed therein, registered in England and Wales number 1072453 and a company limited by guarantee number 3666389.

Personal information

Personal information is any information or opinion (including information or opinion forming part of a database), whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. An individual’s name, age, photograph, gender, contact details and financial/fundraising information are examples of personal information.

Sensitive information

Sensitive information is a special type of personal information, being any information or opinion about an individual’s health, racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal record. There are additional restrictions on the collection, use and disclosure of sensitive information in the Privacy Laws.

Privacy policy

1. Collection of personal information

1.1 The Foundation only collects personal information that is necessary for one or more of its functions or activities. Personal information is only collected lawfully and fairly, and not in an unreasonably intrusive way. We do not store credit card details nor do we share customer details with any 3rd parties.

1.2 The Foundation generally collects personal information in order to manage, administer, record and support participation in the Award. Information is also collected to keep employees, volunteers, supporters and participants informed about Award activities and events. When collecting relevant personal information, the identity of the collecting organisation, contact details the purposes for which the information is required and to whom it will be provided will be clearly identified, together with any other matters required by the Data Protection Act 1998.

1.3 The Foundation generally collects personal information directly from the relevant individual or their authorised intermediaries. The Foundation will take reasonable steps to ensure that when information is collected from a third party the subject of the information has been made aware of this action.

1.4 In certain circumstances, the Foundation may collect sensitive information about individuals. For example, an individual may provide information on their health or racial origin in the online record book. The Foundation only collects, uses and discloses sensitive information with consent or otherwise in accordance with law.

2. Use and disclosure of personal information

2.1 The Foundation generally limits its use and disclosure of personal information to the purpose for which it was collected and other related purposes that would be expected by the individual.

2.2 In special circumstances, the Foundation may also use and disclose personal information where it is otherwise allowed under the Data Projection Act 1998 (for example, disclosure to government regulatory and law enforcement agencies or in emergency situations).

2.3 If the Foundation wishes to use or disclose personal information in other circumstances, it will obtain the individual’s consent to do so.

2.4 Personal information may also be used to inform operators, volunteers, supporters and participants of Award programme news, activities and events. Individuals who no longer wish to receive such promotional information may advise the Foundation using the contact details below. The Foundation’s records will normally be amended in five working days.

2.5 Personal information may be shared between the various Foundation organisations and persons responsible for administering the Award in country. Each of these organisations and persons agree to comply with this policy. The Foundation may also transfer personal information (including sensitive information) to the relevant Award Operator (for example delegate details including health information for local training or events). Once this personal information is held outside of the United Kingdom it may not receive the level of privacy protection required by the Data Protection Act 1998 in the United Kingdom. Individuals who object to the overseas transfer of their personal information may advise the Foundation organisation using the contact details below.

2.6 The Foundation may also disclose personal information to its contractors and service providers that assist in the operation or administration of the Award from time to time (for example, the Foundation’s mailing house or internet services provider).

3. Access to and correction of personal information

3.1 An individual may request access to the personal information that the Foundation holds about them or request the Foundation to correct their personal information using the contact details below. Requests to provide access to personal information will be dealt with in a reasonable time.

3.2 In some circumstances, the Foundation may not be required by law to provide an individual with access or to correct their personal information. In these circumstances, the Foundation will provide the individual with the reason(s) for refusal.

4. Data quality

4.1 The Foundation will take reasonable steps to ensure that personal information it collects, uses or discloses is accurate, complete and up-to-date.

5. Security of personal information

5.1 The Foundation will take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

5.2 The Foundation will take reasonable steps to destroy or permanently de-identify personal information collected which is no longer required.

6. Online privacy policy

6.1 The Foundation recognises and appreciates the importance of responsible handling of personal information collected through electronic means. This section outlines the way the Foundation handles personal information collected when an individual uses the Foundation website under the domain name www.intaward.org.

6.1.1 Collection of personal information

6.1.1.1 An individual may visit the website without providing any personal information.

6.1.1.2 If an individual emails the Foundation through the website, the email may contain personal information about that individual (such as their name, mailing address or email address). Except as specifically provided below, the Foundation will treat personal information collected on the website in accordance with the general personal information management practices in this privacy policy.

6.1.2 Disclosure of personal information

6.1.2.1 The Foundation outsources the development, maintenance and hosting of the website to third party service providers. The Foundation may disclose personal information collected on the website to its third party service providers so that they can effectively provide these services.

6.1.3 Links

6.1.3.1 The Duke of Edinburgh’s International Award Foundation may, from time to time, include links on the website to the websites of other organisations. The Duke of Edinburgh’s International Award Foundation is not responsible for the privacy practices of these websites.

6.1.4 Website security

6.1.4.1 As with any internet transaction, the transmission of data over the internet is not completely secure. While the Foundation takes reasonable steps to protect all the personal information in its possession that it has collected via the website in accordance with its general personal information management practices, the Foundation cannot guarantee the security of all data submitted to it over the internet.

7. Complaints

7.1 Any individual who believes that the Foundation has not complied with this privacy policy with respect to the handling of their personal information should write to the Foundation using the contact details below. The letter should describe in detail the nature of the enquiry or the ways in which the individual believes that this policy has not been complied with.

7.5 If a privacy complaint cannot be resolved between the Foundation and the individual, the individual may contact the Information Commissioner’s Office.

8. Contact details

8.1 Any individual who has a question or complaint about how the Foundation handles their personal information or who wishes to access or correct the personal information that the Foundation holds about them should contact:

The Duke of Edinburgh’s International Award Foundation
Award House
7–11 St Matthew Street
London
SW1P 2JT
United Kingdom