Snow Camp's Privacy Policy

Snow Camp is run by the national youth charity Switch180.

Switch180 rely on the generosity and support of individuals like you to carry out our vital work with young people. That is why we want to be transparent about why we need the personal details we request when you engage with us and how we will use them. We take your privacy seriously and your information will be used in accordance with the General Data Protection Policy (GDPR).

GDPR serves one purpose: To protect individuals’ rights regarding personal data balanced against the rights of the organisation holding their personal data. Switch180 is committed to protecting the personal data that we collect and process about you. We aim to be clear and transparent and not do anything you wouldn’t reasonably expect. We collect and use personal data to ensure that we can manage our relationships with our stakeholders. This allows us to fundraise more efficiently and effectively to ultimately help us reach our goal of providing more opportunities to turn young people’s lives around.

Please read this policy carefully to understand how we collect, use and store your personal information.

The privacy policy covers the following:
– Who we are
– Where Switch180 collects its information from
– What information Switch180 could collect about you
– How Switch180 will use the information we collect
– Where Switch180 will disclose your details
– How to access, correct or delete your information
– How we keep your data safe
– How long we store your data for
– Links to other websites
– Further information

By providing us with personal information, you consent to the collection and use of this information in accordance with this Privacy Policy. We will communicate any changes to this policy via email with a copy of the updated version. If you have any questions about this Privacy Policy please contact hello@switch180.org.uk.

Who we are

Switch180 is a national youth charity providing life changing services to young people. Our mission is to turn young lives around through delivering innovative services focusing on physical and mental health support.

To achieve this, we run two services called Snow Camp and Stop.Breathe.Think, which support young people in the UK’s most disadvantaged areas.
Switch180 is registered as a charity in England and Wales (registered number 1101030) and Scotland (registered OSCR SC043344).

The Head Office address is 306a Portland Road, Hove, BN3 5LP.

How do we collect information from you?

Switch180 obtain personal information from you when you complete an online form, register for a newsletter, take part in an event or make a donation.

We also receive information about you from independent third parties, including Just Giving and youth organisations. We will only receive data from third parties in this way if you have given your consent for your data to be passed on to us. You should check their Privacy Policy when you provide your information to understand how they will process your data.

We may collect information about the digital channels you use and how you use them, for example, like when you watch a video about the charity on social media, visit our websites or view and interact with our ads and content digitally. This is so that we can create relevant, interesting content for you and those who are interested in the charity.

We obtain some information from publicly available sources such as Companies House, newspaper articles or open postings on social media such as Facebook and LinkedIn.

What type of information is collected from you?

Users will have to actively opt in to receive communications from Switch180 and our programmes Snow Camp and Stop.Breathe.Think, boxes are not pre-ticked.
Users can opt-in through newsletter sign-ups and online forms. Users can unsubscribe at any time, by clicking unsubscribe or by contacting Switch180 via email.

The types of personal information that Switch180 collects may include:
– Your title, name, gender and date of birth
– Your contact details (address, email, phone number)
– Family and spouse/partner details, relationships to other supporters;
– Your professional activities and employment details;
– Current interests and activities
– Gift aid status and records of donations;
– Contact preferences;
– Your IP address, location, browser type and information on how you interact on our website
– In some limited circumstances, the personal information that Switch180 collects may include information that is considered “sensitive data”. This may include personal information regarding racial or ethnic origins, religious beliefs, health and also information concerning criminal offences.

If you make a donation online your card information is not held by us, it is collected by our third-party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions.

Where appropriate we may also ask your interests and motivation for supporting Switch80 we will never make this question mandatory, and only want to know the answer if you are comfortable providing us with that information.

17 or under

We are concerned to protect the privacy of children aged 17 or under. If you are aged 17 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information or sending sensitive information to anyone online.

How is your information used?

If you are accessing one of our programmes, Switch180 will use your information to run, fund, develop and evaluate them. If you support us, for example by making a donation, volunteer, register to fundraise or sign up for an event we will mainly use your data to:
– Send you communications through our newsletter
– Provide you with the services, or information that you asked for; as well as information about other services, or information we think might interest you where you have consented to being contacted
– Administer your donation or support your fundraising, including processing Gift Aid
– Send you surveys, and for market research
– Invite you to events
– Keep a record of your relationship with us and record the contact we have with you
– Ensure we know how you prefer to be contacted

Tools may be used to improve the effectiveness of Switch180 communications with you, including tracking whether you open the emails we send you and which links you click within a message. We may also use personal information to carry out due diligence so that we are fundraising in accordance within the law, and our internal policies and procedures.

We are legally required to hold some types of information to fulfil our statutory obligations (for example the collection of Gift Aid). We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

Who might we share your information with

We will not share your information with third parties for marketing purposes. We are committed to protecting your data and therefore it will never be disclosed or sold to external organisations other than those acting as agents and data processors carrying out work on our behalf. Where we enter a relationship with an external party, any such arrangements will be subject to a formal agreement between Switch180 and that organisation to protect the security of your data. They only act under our instructions and we maintain full responsibility for your data.

Third Parties Switch180 work with:
– Data processors which are compliant with GDPR: Stripe, Microsoft 365, Donorfy, Iaptus, Just Giving, Wufoo, Upshot and Mailchimp.
– When you are using our secure online donation pages, your donation is processed by a third-party payment processor called Stripe, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
– Suppliers, outside caterers (for dietary requirements) venues etc for Switch180 events.
– Our delivery partners within the UK or abroad to enable is to deliver our programmes effectively.

How you can access and update your information

We continuously review records of supporters to ensure your data is as accurate as possible and always appreciate it if you let us know if your contact details change. If you change email address, or any of the other information we hold is inaccurate or out of date, please email us at hello@switch180.org.uk
You have the right to ask for a copy of the information we hold about you.

How will we store your information and keep it safe?

Prior to the deadline of the GDPR policy on 25th May 2018 a data review has been carried out. During the audit all existing data was reviewed and updated or deleted as appropriate. Existing users were contacted and given the option to opt in to future communications.

Switch180 store personal details on Donorfy, Upshot and Iaptus database systems which can only be accessed by Switch180 staff. Iaptus is also accessed by our Stop.Breathe.Think service provider JHD Counselling Services Limited. Many systems have two-step authentication and Iaptus has a token access security system.

The information provided will be securely stored within our database and our third party email communication tools. Your data will only be accessed by authorised personnel and authorised parties who are responsible for the maintenance and security of our digital systems. Within our offices all of our staff receive training on handling data securely. In the event of staff leaving the company user accounts will be removed and passwords changed. An up to date anti-virus software is installed on all devices with access to personal information. Passwords are changed every 6 months.

Switch180 sometimes store personal details in password protected Excel files on Microsoft 365, accessible by relevant staff only. Password protected Excel files are only saved on the desktop of a password protected device with up to data anti–virus protection for the duration that they are needed. Data is only printed if absolutely necessary and shredded immediately after use.

Anonymised data will be used to create statistics.

In case of breach Switch180 will notify both users and the ICO within 72 hours. Despite all of our precautions no data transmission over the internet can be guaranteed to be 100% secure. So, whilst we will always strive to protect your personal information, we cannot guarantee the security of any information which you disclose to us and so wish to draw your attention that you do so at your own risk.

How long we store your data for

You have a choice about whether or not you wish to receive information from us. We will hold your personal information on our systems for 15 years. If you do not want to receive direct marketing communications from us about the vital work we do and our exciting services, then you can opt out by emailing us hello@switch180.org.uk or by ticking the relevant boxes to opt out box situated on the form on which we collect your information.

If a user requests to opt out of communications their account will be made ‘dormant’ and they data will still be visible for reference but they will no longer be contacted. If a user requests for their data to be deleted the implications will be explained (if they have bought a ticket for an event that has not yet taken place) and their data will be deleted from all systems.

If you request that we stop sending you marketing materials we will keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us, we won’t keep any information that we don’t need.

Links to other websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access those using links from our website.

In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

Further information

The laws governing how your personal data can be used are:

– The General Data Protection Law (GDPR) 25th May 2018
– The Privacy and Electronic Communications Regulations 2003
– We also follow the best practice code set out by the Fundraising Regulator: Code of Fundraising Practice.

Review of the Privacy Policy

We keep the Privacy Policy under regular review. This Policy was last updated: 1st April 2022.

Cookie	Duration	Description
__stripe_mid	1 year	This cookie is set by Stripe payment gateway. This cookie is used to enable payment on the website without storing any patment information on a server.
__stripe_sid	30 minutes	This cookie is set by Stripe payment gateway. This cookie is used to enable payment on the website without storing any patment information on a server.
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_UA-30856754-1	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gcl_au	3 months	This cookie is used by Google Analytics to understand user interaction with the website.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_hjAbsoluteSessionInProgress	30 minutes	No description available.
_hjFirstSeen	30 minutes	This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	1 year	This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjIncludedInPageviewSample	2 minutes	No description available.
_hjTLDTest	session	No description available.
CONSENT	16 years 4 months 7 days 14 hours	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
fr	3 months	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.
yt-remote-connected-devices	never	These cookies are set via embedded youtube-videos.
yt-remote-device-id	never	These cookies are set via embedded youtube-videos.
yt.innertube::nextId	never	These cookies are set via embedded youtube-videos.
yt.innertube::requests	never	These cookies are set via embedded youtube-videos.