We do not sell or share personal data to third parties for the purposes of marketing.

We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary to perform or maintain our services. They will only use the data in accordance with this Privacy Policy and wider GDPR laws. They do not use any of this data for their own interests.

For instance, when you give consent to receive our e-communications, we use MailChimp to send email newsletters. We occasionally use other service providers to send surveys (eg: SurveyMonkey) or invitations (eg: EventBrite). These agents store your data to the extent that it is necessary to perform these functions, in using their service you agree to their T&Cs.

Our website host RaisingIT will have access to your data only for the reasons of administering our website and support. They do not use this information in any other way.

As per Data Protection law, Glass Door is required to ensure that all information held on you is accurate. Therefore, we undertake a yearly data cleanse/check of our donations database using the third party provider BRG Direct Ltd (www.brgdirect.co.uk). They are instructed to handle any data in accordance to Glass Door’s Data Protection policy and remove all supporter data from their systems once the cleanse is complete.

All our website financial transactions are handled through our payment services provider, Stripe. You can review the provider's privacy policy at https://stripe.com/gb/privacy. Direct Debits are handled through GoCardless. You can review the provider's privacy policy at https://gocardless.com/legal/privacy/ . We will share information with our payment services provider only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.    

If you would like to see a full list of Glass Door subcontractors please contact our Data Manager, Abbas Bandali (see ‘contact’ section). We have ensured that all our partner organisations who store data on our behalf agree to a Data Processing Addendum, and we have verified their own data security complies with our own. Therefore, they cannot give, sell or rent your information to others for any marketing purposes and they are required to protect your information to the same degree that we do.

We may disclose some information to our partners (drop-in centres or volunteer coordinators at our partner churches) insofar as it is reasonably necessary for the running of our services and for the purposes set out in this policy.

We may share anonymised data on volunteers and guests of our services with organisations who are supportive of our aims, for example funders, partners, volunteers and supporters. No individual is able to be identified from this data. 

We may disclose data where it is necessary to protect the vital interests of an individual.

Police or Social Services: there are exemptions within data protection regulations that mean we are under legal obligations to share limited data.  This includes the prevention and detection of crime or to prevent benefit fraud.