HOPELINK

0800 068 41 41

Privacy Policy

Privacy Policy

Our Privacy Policy

PAPYRUS is the national charity dedicated to the prevention of young suicide. We are a registered charity (no.1070896) and a company limited by guarantee (no. 3555482). The registered charity address is Bankside 2, Crosfield Street, Warrington, Cheshire, WA1 1UP. ‘PAPYRUS Prevention of Young Suicide’ includes HOPELINE247 and six regional offices in the North West, West Midlands, Cardiff, Belfast, Glasgow and London.

We are a “data controller” for the purposes of the Data Protection Act 1998 and (from 25 May 2018) the EU General Data Protection Regulation 2016/679 (“Data Protection Law”). This means that we are responsible for, and control the processing of, your personal information.

We want to reassure you that we are committed protecting and respecting your privacy, to ensure that it is stored and processed in a fair and lawful way.

This policy explains when, why, and how we might use any personal data you provide to us, and how we keep it secure. Please read this carefully to understand our practices regarding your personal information.

If you have any questions about the way we store your data or about privacy practices you can talk to our Data Protection Officer.

You can contact us in the following ways:

Email: dataprotection@papyrus-uk.org
Phone:

    • 01925 572 444

Post:

    PAPYRUS Prevention of Young Suicide, Bankside 2, Crosfield Street, Warrington, Cheshire, WA1 1UP

When do we collect your information?

We may collect your information whenever you interact with us. This includes when you contact HOPELINE247, ask us about our activities and services, register your interest or sign up to an event or training; purchase something, apply to volunteer or otherwise provide us with your personal information.

It also includes when you phone us, visit our website, or get in touch via email, phone or post.

What information do we collect about you and why?

All the information we collect is to help young people, and those concerned about them, get the help they need when they are struggling with thoughts of suicide. We want to give you the best possible experience whether you contact HOPELINE247, donate, take part in our training, volunteer for us, or interact with us in any other way.

Personal information we collect depends on how you interact with us, you can read more about this below.

All the information we collect is to help young people, and those concerned about them, get the help they need when they are struggling with thoughts of suicide. We want to give you the best possible experience whether you contact HOPELINE247, donate, take part in our training, volunteer for us, or interact with us in any other way.

Personal information we collect depends on how you interact with us, you can read more about this below.

We want to protect the privacy of children aged 16 or under accessing our website and services. If you are aged 16 or under, please get your parent/guardian’s permission beforehand whenever possible before you provide us with your personal information.

Details of all individuals regardless of age will be treated with respect and stored securely as outlined within this policy.

When you contact HOPELINE247 you can choose to give your personal information or remain anonymous. If you provide us with any sensitive personal information by telephone, email, text, webchat or by other means, we will treat that information with extra care and confidentiality and always in accordance with this Privacy Policy.

If you are happy to share your personal details with staff members, or if you would like us to share your story with the media or other parties as part of our work telling people’s personal stories about suicide loss and prevention then please do let us know.

Our systems are designed so when you contact us via telephone, text or email your contact information is not directly visible to the advisor supporting you. This will only be accessed if we believe yourself or others close to you are at immediate risk of harm.

If you are contacting us via webchat we will be able to see your IP address, type of browser and the type of device being used.

When you contact us, we may ask for information such as:

  • Your name: this allows our advisors to access your notes if you call again preventing you from having to repeat your story several times, you can choose to use a fake name to maintain anonymity if you prefer.
  • Age: to assess the best signposting and resource options and to use appropriate language for you.
  • Location: knowing your local town or city can help us direct you to other local services in your area.
  • Gender: to ensure we use your preferred pronouns and allow signposting to appropriate organisations.

Please note, any of the above information is not required to access our services and is completely optional. If you provide us with any information it will be treated as confidential and only accessed by authorised staff members.

If you are at risk of immediate harm we may ask for your name, age, date of birth, phone number, address and current location and what you are wearing so we can contact the emergency services to get you support. More information about this can be found in our confidentiality policy.

When you fundraise or donate to PAPYRUS we need to collect certain pieces of information in order to best process this. Examples of this data include your name, address, contact details, tax payer status or date of birth.

We use this information to enable us to claim gift aid on eligible donations, or ensure you meet the necessary criteria for events like skydives.

When you donate to us via our website your data will be processed and protected by our secure payment provider Blackbaud Merchant Services to keep your data safe.

Our text to donate platform is operated by Donr who ensure your data is secure.

If you use third party fundraising platforms like JustGiving, Virgin Money Giving or Facebook your information will be securely processed by them and passed onto us to record and acknowledge your donation. It is advisable to check the privacy policy of the relevant platform you use to see how they use your data for their own purposes. Many of these sites also enable donors to donate anonymously, in which case your details will not be shared with PAPYRUS and we will be unable to acknowledge your donation.

When making an order through our shop we will also collect information necessary to fulfil your order such as your delivery and billing information. Payments for these orders are processed through PayPal.

When you sign up for a PAPYRUS training session we ask for information about yourself in order to process your booking and deliver the session.

Examples of this information include:

  • Your emergency contact details
  • Your employer and type of organisation
  • Your name, address and contact details
  • Any additional learning or dietary needs

We do this to ensure we can ensure appropriate safeguarding controls are in place whilst discussing sensitive topics, and to allow us review who is attending our training to ensure it is the best possible experience and accessible for all participants.

We also ask for feedback on our sessions, this is collected anonymously via SurveyMonkey and cannot be used to identify yourself. We use this data for quality assurance and development of our training products.

Some of our training sessions are provided to you free of charge due to funding provided by some of our organizational partners, these could be your local authority or employer. In these cases you will be made aware of this in advance and during the registration form you will be asked for your consent to share funding partners for recording and reporting purposes. Your details will not be shared for any marketing purposes, or shared with any other organisations other than those listed at the time of registration.

If you’re interested in becoming a PAPYRUS volunteer we will collect some information about yourself, your availability and interests to ensure you are suitable for the role.

Examples of this information include:

  • Your name, address, age and contact information
  • Your interests and hobbies
  • Your availability for volunteering
  • Your skills or qualifications

For certain volunteering opportunities, we may also require a DBS check and references, this will be made clear during the application process if necessary.

We utilise VolunteerHub to process this information, this ensures all of your data is protected and is only accessible to your regional volunteering team.

If you apply to work for us, then we collect and process personal data as part of the recruitment process, you can find further details on the data we collect and how we use it here.

When you visit www.papyrus-uk.org, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out such things as the number of visitors to the various parts of the site. This information is only processed in a way that does not directly identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

Our website, like most websites, also makes use of ‘cookies’, these can collect information about your computer, including where available; your IP address, operating system and browser type. This ensures our website is configured to display correctly on your device and software.

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website, so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites, even if you access those using links from our website.

In addition, if you have been linked to our website from a third-party site we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.

We aim to only use your personal information where we have your consent or because we need to use it in order to fulfil a contract with you, for example, because you have placed a shop order on our website.

However, there are other lawful reasons that allow us to process your personal information and one of those is called ‘legitimate interests’. This means we may use your information if there is a legitimate interest for PAPYRUS to do so in order to help us to achieve our vision of ensuring that all young people experiencing thoughts of suicide get both support and respect.

Whenever we process your Personal Information under the ‘legitimate interest’ lawful basis we make sure that we consider your rights and interests. You also have the right to object to your data being used in this manner, for example you can opt-out of all communications from PAPYRUS.

Some examples of where we have a legitimate interest to process your Personal information are where we contact you about our work via post, use your personal information for data analytics, conducting research to better understand who our supporters are, improving our services, for legal purposes (for example, dealing with complaints and claims), or for complying with guidance from the Charity Commission.

Examples of how we may use your information include:

  • to ensure our website content is presented in the best for you and your device
  • allow you to use interactive features of our services, when you choose to do so
  • process a donation or payment that you have made, including Gift Aid
  • process an order that you have submitted, or fulfil another contract of this nature
  • keep a record of your relationship with us
  • view or process your form submissions
  • notify you of changes to our services
  • send communications which you have requested or that may be of interest to you
  • allow you to sign up for events e.g. London Marathon or Skydive.

You have various rights in respect of the personal information we hold about you – these are set out in more detail below. If you wish to exercise any of these rights or make a complaint, you can do so by contacting our Data Protection Officer:

Email:

    • dataprotection@papyrus-uk.org

Post:

    • PAPYRUS Prevention of Young Suicide, Bankside 2, Crosfield Street, Warrington, Cheshire, WA1 1UP

Phone:

    • 01925 572 444

You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office via their website or by calling 0303 123 1113

Access to your personal information: You have the right to request access to a copy of the personal information that we hold about you, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and if it has been used for any automated decision making. You can make a request for access free of charge. Requests can be made verbally and in writing, and you should provide us with evidence of your identity. We can provide the data electronically or verbally if requested.

Right to object: You can object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party). You also have the right to object where we are processing your personal information for direct marketing purposes. Please contact us as noted above, providing details of your objection.

Consent: If you have given us your consent to use personal information (for example, for marketing), you can withdraw your consent at any time.

Rectification: You can ask us to change or complete any inaccurate or incomplete personal information held about you.

Erasure: You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it.

Portability: You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.

Restriction: You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.

No automated-decision making: Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. You have the right not to be subject to automated decisions that will create legal effects or have a similar significant impact on you, unless you have given us your consent, it is necessary for a contract between you and us or is otherwise permitted by law. You also have certain rights to challenge decisions made about you. We do not currently carry out any automated decision-making.

Who has access to your information?

We undertake regular reviews of who has access to the information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors who require access for the fulfilment of their duties.

We will never sell or rent your information to third parties or share your information with third parties for marketing and advertising purposes.

We may pass your information to our third-party services providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. For example, in order to claim Gift Aid, we need to disclose information about you and your gifts to HMRC.

When we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have contracts in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.

Please be reassured that we do not release your information to third parties beyond the PAPYRUS Prevention of Young Suicide network for them use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law. This may include a court order, or for the prevention of fraud or other crime.

When you are using our secure online donation pages, your donation is processed by third-party processors such as PayPal and Blackbaud Merchant Services that specialise in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.

When you give us personal information, we take steps to ensure that it is treated securely.

Any sensitive information, such as credit or debit card details, are encrypted and protected by our third-party providers, we do not store any payment details on our own systems.

Non-sensitive details, such as your email addresses, if transmitted normally over the internet or in the post, can never be guaranteed to be 100% secure. As a result, while we strive to protect your security, we cannot guarantee the security of any information you transmit to us and you do at your own risk.

Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given, or where you have chosen, a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Security precautions are in place to protect the loss, misuse or alteration of your information.

Some of our premises operate CCTV systems, so you may be recorded when you visit them. CCTV is installed for the security of PAPYRUS staff, volunteers and visitors, and to prevent the loss or damage of charity property.

At our Head Office in Warrington this is controlled and operated by PAPYRUS, but across our regional offices this is not operated by us, so we are not the controller. It will be under the control of the relevant building landlord.

CCTV footage will only be viewed when necessary, for example to detect or prevent a crime; and is only stored on a temporary basis, unless required for evidence, with access restrictions in place.

As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside of the United Kingdom (‘UK’) and the European Union (‘EU’). This may happen if any of our servers are from time to time located in a country outside the UK or EU. Countries outside the UK or EU which hold information must also adhere to the General Data Protection Regulation. By submitting your personal data, you are agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.

If you use our services while you are outside the UK or EU, your information may be transferred outside the EU in order to provide you with those services.

We keep this Policy under regular review, this policy was last updated in March 2023.

This Policy might change or be updated from time to time, so please check this page occasionally to ensure that you are happy with any changes. If it changes, we will let you know on our website.

Need Help?
Suggest Feedback
X