This privacy notice tells you what to expect when Happy City collects personal information. It applies to information we collect about:
- Visitors to our website
- Supporters and donors
- Individuals who make enquiries or raise complaints
- Visitors to our projects
- Individuals we work with and to whom we provide products and services
- People who support our online campaigns
- People who take our online Happiness Pulse survey
- Any other means by which Happy City gathers personal information
Happy City is dedicated to protecting your personal data and using it in accordance with your wishes and the new GDPR EU Directive, which enters into law on 25th May 2018.
Visitors to our website
When you visit www.happycity.org.uk we use two third party services Google Analytics and HotJar to collect standard internet log information and details of visitor behaviour patterns. We do this to track interest on specific pages, see how the site is being used and look at how we can make improvements to the site. The information is only processed in a way that does not identify anyone. We do not make, and do not allow Google Analytics or Hotjar to make, any attempts to find out the identities of those visiting the Happy City website. Should we ever have good reason to link our cookies and tracking information, we will be upfront about it, explaining why and what we intend to do with it.
We invite you to sign up and to unsubscribe to our newsletter via our website.
We use a third party provider, Constant Contact, to deliver our monthly e-newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see the Constant Contact privacy notice.
We send our newsletter so that you can find out more about our work, our products and services, our campaigns. and how you can support us. We will never sell or share your details to any third party for their marketing purposes. You can Unsubscribe at any time by clicking on the unsubscribe link on our newsletter or by completing this form. Upon completing this form we will undertake to remove any personal data we store on you in 3 working days.
The Happy City website is built with WordPress, and is hosted by Digital Ocean. The site uses standard WordPress services to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site and how long they spend on a given page. We do this to monitor and report on the effectiveness of the site and help us improve it.
Contact us form
The Contact Us form on our website, does not store email addresses, instead it forwards enquiries to our general Happy City email inbox. We will respond within a week and will not store any personal information without consent.
When and how we will get in touch
When you give us your personal details – for example when you sign up to receive email updates, register for an event, take part in a campaign, or make a donation – you may receive follow up information from us directly relevant to this activity, including how your support is helping. Newsletter sign-ups are asked to confirm their continued consent every nine months. People attending events and following campaigns which may have a bounded time period, are given the option to continue contact by signing up for our newsletter – if you tell us you want to stay in touch to find out about our ongoing activities then we will treat this consent as lasting for twelve months.
We always act on your instructions, and aim to put you in control of your relationship with us. Our aim is to communicate with you in a way that makes you want to stay involved with us for as long as possible, as you see the value and impact of your support.
In the event of a security breach, we will notify all those who may be affected at the earliest possible opportunity. Allowing for immediate remedial action, we will be in touch with precautionary advice as soon as possible.
What details we ask for and why
There are minimum levels of information we need to obtain for different purposes – if you are signing up for an event or a campaign or to receive our newsletter then we will ask you for an email address and for the two former activities also a contact phone number and postcode.
We ask for your house number and postcode so that we hold a valid postal address for you. We need this information for the following reasons:
- To set up Direct Debits and one-off card payments
- To claim Gift Aid
- To deliver items to you (items you have purchased or event materials for example)
- If you have agreed to receive post from us, we will use your postcode and address to send you relevant information.
How to stop or change how we can communicate with you
If at any time you wish to stop or change how we communicate with you, or update the information we hold, please do get in touch, using one of the following options:
- Visit: https://www.happycity.org.uk/your-contact-preferences
- Write to us at : firstname.lastname@example.org
- Email: email@example.com
- Call: 07474 408024 (Mon-Fri 0900-1700)
We undertake to act on your instructions within three working days.
You can opt out of our emails at any time by clicking on the unsubscribe link at the bottom of our messages.
The Happiness Pulse survey data – security, information collected and data sharing
All data from the Happiness Pulse survey both our generic version at www.happinesspulse.org or if you complete it via a client url, is held on a secure server. In order to maintain server security Happy City makes automatic updates to both our OS and CMS via Elastic Beanstalk. We are auto-notified of updates and a manual check is also made. Our Lavarel 3 platform is safe from common SQl injection and XSS attacks. We pen test every six months. We conduct regular Nessus scans to check for vulnerabilities.
The survey data we collect does not enable individuals to be identified. Survey data is analysed by postcode sector which does not identify individual houses or streets, and we do not collect any personal contact information from respondents. If there is any theoretical likelihood that individuals could be identified by age or gender then we follow the data protection guidelines which govern data sharing.
When sending survey results data to our partners the following process is followed:
- Send our Data Protection Policy to the partner(s) for signature
- Enter into a Data Protection Agreement with them.
- Send the data by sharing an encrypted file via Google Drive. Once we get confirmation from our partner of a direct contact number we will then provide a unique password via telephone to access the encrypted file
By responding in full to the Happiness Pulse survey online you grant us a non-exclusive, royalty free, transferable, perpetual licence to use the anonymous data submitted for research purposes.
For more information on our data security, storage and sharing processes and systems click here.