Privacy policy and cookies

Privacy policy and cookies
Green Alliance is committed to protecting and respecting your privacy. We don't collect personal data and we don't use cookies to collect personally identifiable information about you.

Green Alliance privacy notice
The Green Alliance Trust (registered charity number 1045395 and company number 3037633) is committed to protecting your privacy. At all times we aim to respect any personal information you share with us, or that we receive from other organisations, and keep it safe. This Privacy Notice ('Notice') sets out our data processing practices when you interact with us and your rights and options regarding the ways in which your personal information is used.

This notice contains important information about your personal rights to privacy. Please read it carefully to understand how we use your personal information.

The provision of your personal information to us is voluntary. However, without providing us with your personal information, your use of our services may be impaired.

1. We collect information about you:

1.1 When you give it to us directly
For example, personal information that you give us by signing up for our email newsletter or contacting us by email, phone or letter.

1.2 When we obtain it indirectly
For example, your personal information may be shared with us by third parties including, for example, our business partners; analytics providers and search information providers. To the extent we have not done so already, we will notify you when we receive information about you from them and tell you how and why we intend to use that information.

1.3 When it is available publicly
Your personal information may be available to us from external publicly available sources. For example, depending on your privacy settings for social media services, we may access information from those accounts or services (for example when you choose to interact with us through platforms such as Facebook, LinkedIn or Twitter).

1.4 When you visit our website
When you visit our website, we automatically collect the following types of personal information:

a. Technical information, including the internet protocol (IP) address used to connect your device to the internet, browser type and version, time zone setting, browser plug-in types and versions and operating systems and platforms.

b. Information about your visit to the websites, including the uniform resource locator (URL) clickstream to, through and from the site (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, referral sources, page interaction information (such as scrolling and clicks) and methods used to browse away from the page.

c. We also collect and use your personal information by using cookies on our website – please see our Cookie Notice at the bottom of the page.

In general, we may combine your personal information from these different sources for the purposes set out in this notice.
 
2. What personal information do we process?

We may collect, store and otherwise process the following kinds of personal information:

a. your name and contact detail, including postal address, telephone number, email address and, where applicable, social media identity;

b. information about your computer/mobile device and your visits to and use of this website, including, for example, your IP address and geographical location;

c. information about our services which you use/which we consider may be of interest to you; and/or

d. any other information shared with us as per clause 1.

2.2 Do we process special categories of personal information?

The General Data Protection Regulation ('GDPR') recognises certain categories of personal information as sensitive and therefore requiring more protection, for example information about your health, ethnicity and political opinions.

In certain situations, Green Alliance may collect and/or use these special categories of your personal information. We will only process these special categories of your personal information if there is a valid reason for doing so and where the GDPR allows us to do so.

3. How and why will we use your personal information?

Your personal information, however provided to us, will be used for the purposes specified in this notice. In particular, we may use your personal information.

a. to provide you with services, products or information you have requested;

b. to enable you to participate in our projects / campaigns;

c. to process your membership application / administer your membership;

d. to provide further information about our work, services, activities or products (where necessary, only where you have provided your consent to receive such information);

e. to answer your questions/requests and communicate with you in general;

f. to allow you to make donations / support our projects;

g. to manage relationships with our supporters;

h. to achieve our aims as a charity and independent think tank focused on achieving ambitious leadership for the environment;

i. to analyse and improve our work, services, activities, products or information (including our website);

j. to report on the impact and effectiveness of our work

k. to run/administer our website, keep the website safe and secure and ensure that content is presented in the most effective manner for you and for your device;

l. to register, administer and personalise online accounts;

m. to register and administer your participation in events;

n. to process your application for a job or volunteer role with us;

o. to audit and/or administer our accounts;

p. to satisfy legal obligations which are binding on us, for example in relation to regulatory, government and/or law enforcement bodies with whom we may work (for example requirements relating to the payment of tax or anti-money laundering);

q. for the prevention of fraud or misuse of our services; and/or

r. for the establishment, defence and/or enforcement of legal claims.

4. Supporter research

We may also analyse your personal information to create a record of your interests and preferences. This allows us to ensure communications are relevant and timely, to contact you in the most appropriate and relevant way and in general to provide you with an improved user experience. It also helps us to understand the backgrounds of our supporters.

5. Communications for marketing/ fundraising

We may use your contact details to provide you with information about our work, events, services and/ or products which we consider may be of interest to you (for example, about services you previously used, or updates about fundraising appeals and/or volunteering opportunities via our newsletter).

Where we do this via email, SMS or telephone (if you are registered with the Telephone Preference Service), we will not do so without your prior consent.

You can opt out of receiving emails from Green Alliance at any time by clicking the 'unsubscribe' link at the bottom of our emails.

6. Donations

When you use our secure online donation function you will be directed to a specialist payment services provider who will receive your financial information to process the transaction. We will provide your personal information to the payment services provider only to the extent necessary for the purpose of processing your donation.

7. How long do we keep your personal information?

In general, unless still required in connection with the purpose(s) for which it was collected and/or processed, we remove your personal information from our records six years after the date it was collected. However, if before that date (i) your personal information is no longer required in connection with such purpose(s), (ii) we are no longer lawfully entitled to process it or (iii) you validly exercise your right of erasure (please see section 12 below), we will remove it from our records at the relevant time.

If you request to receive no further contact from us, we will keep some basic information about you on our suppression list in order to comply with your request and avoid sending you unwanted materials in the future.

8. Lawful bases

The GDPR requires us to rely on one or more lawful bases to process your personal information. We consider the grounds listed below to be relevant:

a. Where you have provided your consent for us to use your personal information in a certain way (for example, we will ask for your consent to use your personal information to send you promotional or fundraising material by email, and we may ask for your explicit consent to collect special categories of your personal information).

b. Where necessary so that we can comply with a legal obligation to which we are subject (for example, where we are obliged to share your personal information with regulatory bodies which govern our work and services).

c. Where necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering a contract (for example, if you apply to work for/ volunteer with us).

d. Where it is in your/someone else’s vital interests (for example, in case of a medical emergency).

e. Where there is a 'legitimate interest' in us doing so.

8.2 Legitimate interests

The GDPR allows us to collect and process your personal information if it is reasonably necessary to achieve our or others’ legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).

In broad terms, our 'legitimate interests' means the interests of running Green Alliance as a charitable entity and pursuing our aims and ideals; for example providing information about our projects, involving you in our campaigns, processing donations, administering events and advertising our services. However, 'legitimate interests' can also include your interests, such as when you have requested information or certain goods/ services from us, and those of third parties (for example, beneficiaries of our work and services).

When we process your personal information to achieve such legitimate interests, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal information for activities where our interests are overridden by the impact on you, for example where use would be excessively intrusive (unless, for instance, we are otherwise required or permitted to by law).
 
9. Will we share your personal information?

Occasionally we share your personal information with third parties in order to deliver services, such as mailing houses (Park Lane Press), booking systems (Eventbrite) or enews providers (Mailchimp). We undertake regular due diligence checks on third party processors to ensure they are acting within the GDPR.

We do not share personal information for any other purpose than to carry out communications about our charitable activities.

We may need to disclose your personal information upon request to regulatory and government bodies as well as law enforcement agencies. We may also merge or partner with other organisations and, in so doing, acquire or transfer personal information but your personal information would continue to be used for the purposes set out above.

10. Security/ storage of and access to your personal information

10.1 Green Alliance is committed to keeping your personal information safe and secure and we have appropriate and proportionate security policies and organisational and technical measures in place to help protect your information. For example, your personal information is only accessible by appropriately trained staff, volunteers and contractors, and stored on secure servers with features enacted to prevent unauthorised access.

10.2 In general, the personal information that we collect from you will be stored at a destination within the UK or European Economic Area ('EEA'). However, your personal information may sometimes be transferred or stored outside the EEA.

10.3 Please note that some countries outside of the EEA may have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals. Where your personal information is transferred, stored and/or otherwise processed outside the EEA in a country that does not offer an equivalent standard of protection to the EEA, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards (such as by entering into standard contractual clauses) designed to protect your personal information and to ensure that your personal information is treated securely and in accordance with this Notice.

10.4 Unfortunately, no transmission of your personal information over the internet can be guaranteed to be 100% secure – however, once we have received your personal information, we will use strict procedures and security features to try and prevent unauthorised access.

11. Exercising your Rights

a. Right of access – you can write to us to ask for confirmation of what personal information we hold about you and to request a copy of that information. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we will provide you with your personal information subject to any exemptions that apply.

b. Right of erasure – at your request and where you are entitled to, we will delete your personal information from our records as far as we are required to do so. In many cases we would propose to suppress further communications with you, rather than delete it.

c. Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated. You can also ask us to check the personal information we hold about you if you are unsure whether it is accurate/ up to date.

d. Right to restrict processing – you have the right to ask for processing of your personal information to be restricted if there is disagreement about its accuracy or legitimate usage.

e. Right to object – you have the right to object to processing where we are (i) processing your personal information on the basis of the legitimate interests ground, (ii) using your personal information for direct marketing or (iii) using your information for research or statistical purposes.

f. Right to data portability – to the extent required by the GDPR, where we are processing your personal information by automated means and either (i) because we have obtained your consent, or (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contact, you may ask us to provide your personal information to you – or another service provider – in a machine-readable format.

g. Rights related to automated decision-making – you have the right not to be subject to a decision based solely on automated processing of your personal information which produces legal or similarly significant effects on you, unless such a decision (i) is necessary to enter into/ perform a contract between you and us/ another data controller; (ii) is authorised by EU or Member State law to which Green Alliance is subject (as long as that law offers you sufficient protection); or (iii) is based on your explicit consent. We may ask you for additional information to confirm your identity and for security purposes, before disclosing personal information requested to you. 

Please note that some of these rights only apply in limited circumstances. For more information, we suggest that you contact us using the details in section 15 below.

You are further entitled to make a complaint about us or the way we have processed your data to the data protection supervisory authority in your home country. In the UK this is the Information Commissioner’s Office. For further information on how to exercise this right, please contact us using the details below.

12. Changes to this notice

We may update this Notice from time to time so please check back periodically. We will notify you of significant changes by contacting you directly and by placing a notice on our website. This notice was last updated on 17 May 2018.

13. Links and third parties

We link our website directly to other sites. This notice does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy notices of any external websites you visit via links on our website.

14. How to contact us

Please let us know if you have any questions or concerns about this notice or about the way in which Green Alliance processes your personal information by contacting us at the following channels:

Email: ga@green-alliance.org.uk

Telephone: +44 (0)20 7233 7433

Post: Green Alliance Trust, 4th Floor, 11 Belgrave Road, London SW1V 1RB

Please mark the message for the attention of / ask for the Data Privacy Manager.

If you would like to learn more about cookies, please visit the ICO website: https://ico.org.uk/for-the-public/online/cookies

If you wish to restrict or block the cookies which are set by our website or, indeed, any other website, you can do this through your browser settings. The 'help' function within your browser should tell you how. Alternatively, you may wish to visit www.aboutcookies.org which contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your machine as well as more general information about cookies. Please be aware that restricting cookies may have an impact on the functionality of our website.

Types of cookies
 
Strictly necessary cookies 
These cookies are essential to enable you to move around the website and use its features.
 
Performance cookies 
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works. 
 
Functional cookies 
These cookies allow a website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites. 
 
Targeting cookies 
These cookies are used to deliver adverts more relevant to you and your interests They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation.
 
Cookies used on our site:
 
We do not provide shopping and e-billing services and do not collect personal data. We do not feature personally targeted features, such as customisation and advertising. On our site, third party services we use, like Issuu (for reading publications) and Slideshare (for viewing presentations), may use functional and targeting cookies (see above). The table below lists the cookies found on our site:
 
Cookie Name Purpose Category
EKTGUID 3rd Party: Ektron. This user ID cookie is used to track visitors to the site. A unique identifier for the current visitor is generated for all visitors, including anonymous visitors, and assigned to the visitor at the time they first arrive on the site. 
We use this information to uniquely identify the user when they perform unauthenticated actions on the site, such as commenting on content, and also to compile reports on visitor usage. 
This cookie may also be used when performing anonymous ecommerce shopping cart functions in which case it is "Strictly necessary" This cookie expires after 1 year.
Performance
EkAnalytics 3rd Party: Ektron. Built-in analytics tracking (not Google) Performance
ecm 3rd Party: Ektron.This cookie is used by the Ektron application to store information about the anonymous and logged in visitor, including language, currency, user culture, and site information. For authenticated users, the user id and a unique ID are stored, and compared with the values on the server to determine valid authentication.
The cookie will expire at the end of the session (when you close your browser).
Strictly necessary
RadEditorGlobal
SerializeCookie
3rd Party: Ektron. This cookie is s Ektron text editor et by the ewededit400 editor to store the size, position and visibility of its toolbars and modules on the client. It is set to be a site wide cookie available to all pages so as all editors on a site to retain the same user settings, rather than having the user reset them for each page with an editor. Performance
ASP.NET_SessionId ASPNET. This cookie is the default one used by the site to uniquely identify the user's session on the site and relates the visitor's unique session to server side data. Our application uses the session to track the user's progress in wizards or for passing data which cannot be stored locally.
The cookie will expire at the end of the session (when you close your browser).
Strictly necessary
_utma 
_utmb 
_utmc 
_utmz
3rd Party: Google Analytics. Multiple expiry dates (session, 1 day, 6 months, 2 years) depending on cookie name/function. Data is only used in aggregate. 

_utma: Determines unique visitors and is updated with each page view. Also provides an unique ID that is used to ensure the validity and accessibility of the cookie as an extra security feature. 

_utmb: Establishes and continues an user session on our site

_utmc: This cookie is no longer used by tracking code to determine session status. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether or not to establish a new session for the user. For backwards compatibility purposes this cookie will continue to be written and will expire when the user exits the browser. 

_utmz: Stores the type of referral used by the visitor to reach our site: a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, advertisement campaigns and page navigation. 

More information on Google cookies.
Performance
_utma 
_utmb 
_utmc 
_utmz 
Imsc / itrack / _qca /_qads
3rd Party: ISSUU. Cookies created by ISSUU when Green Alliance embeds publications into site pages and a user interacts with embedded object. __qca / __qads: These cookies have a persistent life span. 

More information on ISSUU's privacy policy.
Functionality and Sharing / Targeting
_utma 
_utmz 
/ v6f / uid / _qca
3rd Party: Vimeo. Cookies created by Vimeo when Green Alliance embeds publications into site pages and a user interacts with embedded object. These cookies maintain your login state and auto log you into your Vimeo account should you have one and choose to auto log-in. Vimeo account login information is encrypted in the cookie. Functionality and Sharing / Targeting
__atuvc / uit / di / dt / uid / uvc / psc / sshs /ssh / ssc / loc / atgotcode / user_segment 3rd Party: AddThis. Social media sharing functions used on home page, blog and news. 

Some of these session based cookie expire at the end of the session (when you close your browser). 

The remainder persistent Cookies (which stay on your computer until you delete them) provide you with a more personal interactive experience. 

More information on AddThis's opt out etc.
 
_utmv 
_utma 
_utmb 
_utmc 
_utmz 
/ _qca /_qads 
mp_super_properties
3rd Party: SlideShare. Cookies created by SlideShare when Green Alliance embeds slideshows into site pages and a user interacts with embedded object. 

SlideShare use cookies for two purposes: 1. Persistent cookies to save your registration ID and login password for future logins to SlideShare. 2. Session ID cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by Visitors and web traffic routing on the Site. Unlike persistent cookies, session cookies are deleted from your computer when you log off from the Site and Service and then close your browser. 

More information on on SlideShare's privacy policy.
Functionality and Sharing/Targeting