The Catholic Grandparents Association
Data Protection Privacy Statement
The Catholic Grandparents Association (CGA) is a registered Charity No: 20074104
The Association is managed by a body of trustees. The Founder of the Association, Catherine Wiley, is an ex-officio member of this body, from which are chosen also the President and Vice-President. The Association has a permanent office. It is staffed by volunteers and handles correspondence, publications, and other administrative details. It also maintains this website.
Address: 21 Oak St, Fakenham NR21 9DX
This Privacy Statement should be read carefully to
understand how the Catholic Grandparents Association (CGA) collects,
uses and stores personal data (meaning any information
relating to an identifiable person who can be directly or
indirectly identified in particular by reference to an identifier).
The CGA is committed to protecting the privacy of its members, guests, supporters
and all other parties whose details it is from time to time made privy to (“Affiliates”).
When Affiliates interact with the CGA by phone, mail, in person or online, the CGA
receives personal information.
This Privacy Statement tells Affiliates about how the CGA
collects, uses and stores Affiliates’ personal information.
If Affiliates have any queries about this Privacy
Statement, the CGA should be contacted at
How the CGA collects information about Affiliates
The CGA may collect and store information about
Affiliates whenever there is interaction with
For example, when an Affiliate:
• becomes a member of the CGA
• makes a donation
• becomes a volunteer
• purchases goods
• signs up for information on the CGA website
• gives the CGA any other personal information.
What information the CGA may collect
When there is interaction with the CGA, it may ask
Affiliates to provide their names, addresses, email
addresses, telephone numbers and other personal
information. The CGA may also ask for details relating to
residential stays, donations, gift aid and other payments
where these details are necessary.
How the CGA uses Affiliates’ information
The CGA will collect data from Affiliates for the
• Administration of membership(s)
• Management of Affiliates’ participation as
volunteers or guests during its activities
• Fulfilment of orders for goods and services
• Administration of donations and legacies
• Research and statistical analysis
• Communication about membership, events,
fundraising and other activities that the CGA
think may be of interest to Affiliates
• Compliance with its administrative duties,
financial regulations and the law
Personal details collected in this way will only be used to
provide the CGA with information it would reasonably
expect, or to which Affiliates have agreed to, in
accordance with this Privacy Statement.
The CGA promises to comply with its duties under the
legislation to keep Affiliates’ details secure. The CGA will
only share them with suppliers or professional agents
working on its behalf, who comply with GDPR.
When the CGA receives Affiliates’ data, the CGA will store
them in its database. This database may only be
accessed by certain employees and always via a secure
password. Employees may be given access to Affiliates’
data on the database, as necessary, to enable Affiliates’
participation in the activities of the CGA.
The CGA may use the details that Affiliates give it
in order to contact them, unless they ask it not to. The CGA
will contact Affiliates to provide information about
future activities in which they could participate,
development plans or about fundraising
opportunities. If Affiliates have given the CGA their
postal addresses, email addresses or phone numbers and
would prefer not to be contacted by these means, they
can email the CGA at
The legal basis on which the CGA relies for processing
Affiliates’ data will be at least one of the following:
• Affiliates have provided their consent for the CGA
to use their data in a certain way.
• It is necessary for the CGA to store and process
Affiliates’ data to comply with a legal obligation to which
the CGA is subject.
• It is in the CGA’s legitimate interests to process
Affiliates’ data, e.g. in order to administer
Affiliates’ membership, process donations and
administer the charity, provided this is not
unwarranted by reason of prejudice to them.
(The CGA’s legitimate interest in such cases is to raise
funds in pursuance of its charitable purposes.
When the CGA processes personal information
for its legitimate interests, the CGA makes sure
that it considers and balances any potential
impact on Affiliates, both positive and negative,
and their rights under data protection laws. The
CGA will not use Affiliates’ personal data for
activities where its interests are overridden by the
impact on them, unless the CGA has their consent
or is otherwise required or permitted to by law.)
The CGA will only send Affiliates marketing information
by e-mail, SMS/text, post or phone if they have given it
specific consent. The CGA will contact Affiliates for the
following purposes: to give them information about
forthcoming events and activities, or to support the
work of the CGA. If Affiliates withdraw their consent and
then subsequently opt in, then their most recent
preference may supersede such withdrawal.
Affiliates can opt out of the CGA using their personal
details for marketing at any time by emailing
How the CGA protects Affiliates’ personal information
The CGA aims to take appropriate physical, electronic
and managerial measures to ensure that it keeps
Affiliates’ information secure, accurate and up-to-date
and that the CGA only keeps it as long as is reasonable
Although the CGA uses appropriate security measures,
once the CGA has received Affiliates’ personal
information, the transmission of information over the
internet is never completely secure. The CGA does its
best to protect personal information. The CGA cannot,
however, guarantee the security of information
transmitted from the CGA website. Therefore,
any transmission is at the user’s own risk.
How long the CGA keeps Affiliates’ data
The CGA will keep Affiliates’ personal data for no longer
than is necessary for the purposes for which it is
If Affiliates ask the CGA not to contact them any more,
the CGA will keep some basic information about them
on its suppression list, in order to avoid sending them
unwanted materials in the future.
Affiliates’ credit card information
If Affiliates use their credit cards to donate
to the CGA, buy something from the CGA or make a booking via the
CGA website, the CGA may pass Affiliates’ credit
card details securely to its payment processing partner as
part of the payment process. The CGA does this in accordance with the Payment Card Industry Security
Standards. The CGA does not store any credit card details on the website.
The CGA will continue to hold, where relevant, personal
information for the duration of Affiliates’ membership
of the CGA, and following their death, resignation or expulsion such data will be securely
How to find out what personal information the CGA holds about Affiliates
Affiliates can request details of the personal information
the CGA holds about them under the GDPR. If Affiliates
would like a copy of the information the CGA holds on
them, in the first instance they should email the CGA
or write to 21 Oak St, Fakenham NR21 9DX, England.
How to change the personal information the CGA hold about Affiliates.
If Affiliates want to update the information the CGA holds for them, or if they think any information the CGA
holds about them is incorrect or incomplete, or if they
wish the CGA to delete the information that it holds
about them, they should get in touch as soon as possible.
Affiliates should let the CGA know if they have any
queries or concerns about the way that their data is
being processed, by contacting the CGA as above. They are also
entitled to make a complaint to the Information
Commissioner’s Office. For further information see the
Information Commissioner’s guidance at