Privacy policy

Benefact Trust is committed to the privacy and confidentiality of information that you provide to us. This privacy notice describes our current policies and practices with regard to personal information collected and used by us. Please take your time to read this notice carefully. When using our website, this notice should be read alongside the website terms and conditions.

1. About us

2. Our processing of your personal information

3. What marketing activities do we carry out?

4. Automated Decision-Making

5. How long do we keep your personal information for?

6. What is our approach to sending your personal information overseas?

7. How do we protect your personal information?

8. Your rights

9. Contacting us

10. Updates to this Notice

1. About us

Benefact Trust Limited ("we", "us", "our") is a registered independent charity and one of the UK's largest grant-making Trusts. We grant funds to support the repair, restoration and wider community use of churches and cathedrals of all denominations and we support charities, schools and colleges. Our funds come from our ownership of the Benefact Group and we are the parent company of the Ecclesiastical group of companies.

In providing grants, we need to collect and process data so that we can review your application for a grant and to administer funding for any successful grants. This makes us a "data controller".

If you are unsure about who the data controller of your personal information is, you can also contact us at any time by e-mailing us at info@benefacttrust.co.uk or by writing to Data Protection Officer at Benefact Trust Limited, Benefact House, 2000, Pioneer Avenue, Gloucester Business Park, Brockworth, Gloucester, GL3 4AW, United Kingdom

2. Our processing of your personal information

Depending on our relationship with you (for example if you enquire about a grant or if you are a recipient of an existing grant with us or whether you are a user of our website) we will collect different types of personal information about you and use it for different purposes.

From time to time we may ask you to provide or we may receive information relating to your religious or philosophical beliefs as part of your grant application; this is known as your "sensitive personal information" otherwise known in data protection laws as "special categories of personal information".

Where you provide personal information to us about other individuals we will also be data controller of and responsible for their personal information. You should refer them to this notice.

Enquirer about grants

If you have contacted us to enquire about the grants we offer, this section will be applicable to you and will provide key information about how we use your personal information.

What personal information will we collect?

Your name and title, address, telephone numbers and email addresses
Your IP address
Information which is related to your enquiry such as your position, the organisation you work for and circumstances behind a grant application

What special category personal information will we collect?

We may also collect information because it is relevant to your enquiry, which reveals or is likely to reveal your religious or philosophical beliefs, for example you are a member of an Anglican Church and are enquiring about grants for your Church.

How will we collect your personal information?

Directly from you:

when you have approached us because you are enquiring about a grant;
during any communications we have, such as by telephone or email.
We will also collect your personal information from:

Public sources such as internet search engines, and directories of Anglican ministers; and
Information obtained through our use of cookies. You can find more information about this in our cookies policy

What will we use your personal information for?

We use your information in a number of different ways, depending on your particular circumstances. For every use, we must be able to demonstrate that there is a "legal ground" to do so. When using your "personal information", we will rely on the "legal ground" set out below:

We have a business need to use your personal information. Such needs will include keeping business records, maintaining management information, responding to individuals who are interested in our services, information, introductions and the grants we offer, developing and testing our systems, analysing our business and improving the services and products we offer, carrying out strategic reviews of our business models and will cover all activities which are needed to carry out everyday business activities. When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your information unless we can demonstrate a legitimate business need.

When we use your "special categories of personal information" (such as information about your religious beliefs), we need to have an additional "legal ground". When using your "special categories of personal information ", we will rely on the "legal ground" set out below:

You have clearly made your special categories of personal information public. For example where you are a Bishop of an Anglican Church and you have made your religious beliefs common knowledge.

What is the purpose for using your personal information

Legal grounds for using your personal information
Legal grounds for using your special categories of personal information
To generally communicate with you and to respond to any queries about grants
We have a business need (to respond to all communications).
You have made this information public knowledge.
For business purposes such as systems development, migration of systems and live testing, diagnosing any problems with our servers and website and improving the content and design of our website.
We have a business need (to run an efficient business.
You have made this information public knowledge.
For business purposes such as maintaining management information, accounting purposes, internal audits, and carrying out statistical and strategic analysis.
We have a business need (to run an efficient business and improve our business)
You have made this information public knowledge.
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).
We have a business need (to develop and improve the services we offer).
You have made this information public knowledge.
Who will we share your personal information with?
We do not share or distribute your personal information other than to the following third parties and only under the limited circumstances we have set out above
Other companies in the Benefact Group (but not for marketing purposes).
Service providers we have contracted with including our subcontractors and agents, auditors, our solicitors, actuaries, IT providers and database providers including Gallery Partnership who provide our Benefactor database on which grant applications are logged and processed, marketing mailing providers and business suppliers.
Our business partners such as corporate partners and third parties who assist with marketing, and photographers.
Other applicants for grants, and other grant funders in circumstances where we consider it in the applicant’s interest to be recommended for grants from other relevant grant providers or to facilitate knowledge transfer and key learnings for applicants working in the same field.
Any third parties in the event of a sale, merger, reorganisation, transfer or dissolution of our business. The Charity Commission who is our regulator.

Applicants who have not been successful with their grant application

If you have applied for a grant but have not been successful, this section will be applicable to you and will provide key information about how we use your personal information.

What personal information will we collect?

Your name and title, address, telephone numbers and email addresses
Your IP address
Information which is related to your grant application including:
- your position
- details about the organisation you work for
- the circumstances behind a grant application
- Information which is available publically such as internet search engines, social media and on your organisation's website

What special categories of personal information will we collect?

We may also collect information because it is relevant to your application, which reveals or is likely to reveal your religious or philosophical beliefs, for example you are a member of an Anglican Church and are applying for a grant for your Church.

How will we collect your personal information?

Directly from you:

when you have approached us.
from your application form and any other documents you have submitted as part of your application.
during any communications we have, such as by telephone or email or when you make a general enquiry.
We will also collect your personal information from:
Public sources such as internet search engines, social media and your organisation's website.
Information obtained through our use of cookies. You can find more information about this in our cookies policy.
The Charity Commission who is our regulator.

What will we use your personal information for?

We need to use your personal information to enter into or perform our contract with you. We will rely on this legal ground for all activities that we undertake in order to fulfil our contractual obligations and without using your personal information we would be unable to do, such as assessing your grant application.

We have a legal or regulatory obligation to use your personal information. For example, our regulator requires us to maintain records of charitable giving and to comply with our regulatory reporting requirements we may need to send your personal information to our regulator, the Charity Commission.

We have a business need to use your personal information. Such needs will include keeping business and accounting records, maintaining management information, statistical analysis, developing and testing our systems, analysing our business and improving the services we offer, carrying out strategic reviews of our business model and will cover all activities which are needed to carry out everyday business activities. When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your information unless we can demonstrate a legitimate business need.

You have clearly made your special categories of personal information public. For example where you are a Bishop of an Anglican Church and you have made your religious beliefs common knowledge.

What is the purpose for using your personal information

Legal grounds for using your personal information
Legal grounds for using your special categories of personal information
To assess your grant application
We have a business need (to assess all grant applications)
It is necessary to enter into or perform our contract with you
You have made this information public knowledge.
To generally communicate with you and to respond to any queries about grants
We have a business need (to respond to all communications).
You have made this information public knowledge.
For business purposes such as systems development, migration of systems and live testing, diagnosing any problems with our servers and website and improving the content and design of our website.
We have a business need (to run an efficient business)
You have made this information public knowledge.
For business purposes such as maintaining management information, accounting purposes, internal audits, and carrying out statistical and strategic analysis.
We have a business need (to run an efficient business and improve our business)
You have made this information public knowledge.
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).
We have a business need (to develop and improve the services we offer).
You have made this information public knowledge.
To contact you to inform you about services we think you might be interested in.
We have a business need (to inform you about other services we offer).
You have provided your consent.

Who will we share your personal information with?

We do not share or distribute your personal information other than to the following third parties and only under the limited circumstances we have set out above:

Our trustees who review all grant applications
Grant officers who visit organisations as part of the decision making process
Other third parties we consult when assessing applications, administering the programme and monitoring grants and evaluating funding processes such as accountants, external evaluators and other organisations involved in delivering the grant
Other companies in the Benefact Group.
Service providers we have contracted with including our subcontractors and agents, auditors, our solicitors, actuaries, IT providers and database providers including the Gallery Partnership who provide our Benefactor database on which grant applications are logged and processed, marketing mailing providers and business suppliers
Our business partners such as corporate partners and third parties who assist with marketing, and photographers.
Other applicants for grants, and other grant funders in circumstances where we consider it in the applicant’s interest to be recommended for grants from other relevant grant providers or to facilitate knowledge transfer and key learnings for applicants working in the same field.
Any third parties in the event of a sale, merger, reorganisation, transfer or dissolution of our business.
The Charity Commission who is our regulator.
Our own insurers and companies who we have appointed to assist with arranging our insurance.

Individuals who have successfully applied for and received a grant on behalf of their organisation

If you have applied and received a grant from us on behalf of your organisation, this section will be applicable to you and will provide key information about how we use your personal information.

What personal information will we collect?

Your name and title, address, telephone numbers and email addresses
Your IP address
Photographs which showcase your organisation and which may feature you
Information which is related to your grant including:
your position
details about the organisation you work for
the circumstances behind a grant application
Information which is available publically such as internet search engines, social media and your organisation's website

What special categories of personal information will we collect?

We may also collect information because it is relevant to your grant, which reveals or is likely to reveal your religious or philosophical beliefs, for example you are a member of an Anglican Church and are applying for a grant for your Church.

How will we collect your personal information?

Directly from you:

when you have approached us
from your application form and any other documents you have submitted as part of your application and during the grant process
during any communications we have, such as by telephone or email
We will also collect your personal information from:
Public sources such as internet search engines, social media and your organisation's website.
Information obtained through our use of cookies. You can find more information about this in our cookies policy
The Charity Commission who is our regulator.

What will we use your personal information for?

We have your consent. We will obtain your consent to post any photographs and written narrative of you on our website to showcase grant funded organisations.

You have clearly made your special categories of personal information public. For example where you are a Bishop of an Anglican Church and you have made your religious beliefs common knowledge.

We have obtained your explicit consent. We will obtain your consent to post any photographs and written narrative of you on our website to showcase grant funded organisations which may inadvertently reveal your religious beliefs if for example it states that the organisation is a Church.

What is the purpose for using your personal information

Legal grounds for using your personal information
Legal grounds for using your special categories of personal information
To assess your grant application
We have a business need (to assess all grant applications)
It is necessary to enter into or perform our contract with you
You have made this information public knowledge.
To administer your grant, carry out evaluation reviews of the funded project and monitor progress of how grant funds are used
It is necessary to enter into or perform our contract with you
We have a business need (to ensure that grant monies are used for the purposes agreed)
We have a legal obligation (for example reporting on grants to our regulator)
You have made this information public knowledge.
To showcase grant funded projects including posting photographs on our website, Facebook page, Twitter and Instagram feeds.
We have a business need (to showcase the organisations that we have funded and the success of such projects)
We have your consent
We have your explicit consent
To generally communicate with you and to respond to any queries about grants
We have a business need (to respond to all communications).
You have made this information public knowledge.
For business purposes such as systems development, migration of systems and live testing, diagnosing any problems with our servers and website and improving the content and design of our website.
We have a business need (to run an efficient business)
You have made this information public knowledge.
For business purposes such as maintaining management information, accounting purposes, internal audits, and carrying out statistical and strategic analysis.
We have a business need (to run an efficient business and improve our business)
You have made this information public knowledge.
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).
We have a business need (to develop and improve the services we offer).
You have made this information public knowledge.
To introduce you to organisations you may be interested in, and provide relevant information.
We have a business need (to inform you about other services we offer).
You have provided your consent.
To apply for and claim on our own insurance.
We have a business need (to have our own insurance cover in place)

Who will we share your personal information with?

We do not share or distribute your personal information other than to the following third parties and only under the limited circumstances we have set out below:

Our trustees who review all grant applications
Grant officers who visit organisations as part of the decision making process
Other third parties we consult when assessing applications, administering the programme and monitoring grants and evaluating funding processes such as accountants, external evaluators and other organisations involved in delivering the grant
Other companies in the Benefact Group.
Service providers we have contracted with including our subcontractors and agents, auditors, our solicitors, actuaries, IT providers and database providers including the Gallery Partnership who provide our Benefactor database on which grant applications are logged and processed, marketing mailing providers and business suppliers
Our business partners such as corporate partners and third parties who assist with marketing, and photographers.
Other applicants for grants, and other grant funders in circumstances where we consider it in the applicant’s interest to be recommended for grants from other relevant grant providers or to facilitate knowledge transfer and key learnings for applicants working in the same field.
Any third parties in the event of a sale, merger, reorganisation, transfer or dissolution of our business.
The Charity Commission who is our regulator.
Our own insurers and companies who we have appointed to assist with arranging our insurance.
Business partners including our corporate partners, marketing professionals and photographers
If you are a corporate partner who we liaise with to assist with marketing, marketing professional, photographer or another type of business party such as a supplier or subcontractor that we do business with, this section will be applicable to you and will provide key information about how we use your personal information.

What personal information will we collect?

Your name and title, address, telephone numbers and email addresses.
Employment status and related information such as job title, employment history and education.
Bank and payment details.
Financial information obtained from checking sanctions lists and credit checks such as bankruptcy orders, individual voluntary arrangements, office disqualifications or county court judgments.
Information which is available publically such as internet search engines and social media sites such as LinkedIn.

What special categories of personal information will we collect?

In limited circumstances, information about any criminal offences you have been convicted for and any related information including about any offences or alleged offences you have committed or any court sentences which you are subject to.

How will we collect your information?

Directly from you.
Third parties who provide credit or sanctions checking services.
Public sources such as court judgments, insolvency registers, internet search engines, social media.
From other corporate partners we work with.
What will we use your personal information for?
We use your information in a number of different ways, depending on your particular circumstances. For every use, we must be able to demonstrate that there is a "legal ground" to do so. When using your "personal information", we will rely on the "legal grounds" set out below:
We need to use your personal information to enter into a services contract with you.
We have a legal or regulatory obligation to use your personal information. For example, we have obligations to carry out due diligence checks on parties we engage with.
We have a business need to use your personal information. Such needs will include keeping business and accounting records, maintaining management information, statistical analysis, developing and testing our systems, analysing our business and improving the services we offer, carrying out strategic reviews of our business models and will cover all activities which are needed to carry out everyday business activities. When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your information unless we can demonstrate a legitimate business need.

When we use your criminal convictions data which is "special categories of personal information", we need to have an additional "legal ground" and we will rely on the following "legal ground":

We have your explicit consent to use your criminal convictions data.

What is the purpose for using your personal information

Legal grounds for using your personal information
Legal grounds for using your special categories of personal information
To comply with our legal or regulatory obligations.
We have a legal obligation.
To carry out due diligence and safeguarding checks
We have a business need (to prevent fraud).
We have your explicit consent
To carry out fraud, credit and anti-money laundering checks on you.
It is necessary to enter into or perform your services contract.
We have a legal obligation.
We have a business need (to prevent fraud).
To engage with you and obtain your services and generally communicate with you.
It is necessary to enter into or perform your services contract.
We have a business need (to respond to all communications and complaints and investigate and resolve complaints).
For business purposes such as systems development, migration of systems and live testing, diagnosing any problems with our servers and website and improving the content and design of our website.
We have a business need (to run an efficient business)
For business purposes such as maintaining management information, internal audits and carrying out statistical and strategic analysis
We have a business need (to run an efficient business and improve our business)
For financial purposes such as maintaining management information and accounting records and carrying out audits
We have a business need (to maintain appropriate financial records)

Who will we share your personal information with?

We do not share or distribute your personal information other than to the following third parties and only under the limited circumstances we have set out below:

Other third parties we consult when assessing applications, administering the programme and monitoring grants and evaluating funding processes such as accountants, external evaluators and other organisations involved in delivering the grant.
Organisations who have received grants from us
Other companies in the Benefact Group.
Service providers we have contracted with including our subcontractors and agents, auditors, our solicitors, actuaries, IT providers and database providers including the Gallery Partnership who provide our Benefactor database on which grant applications are logged and processed, marketing mailing providers and business suppliers
Other business partners such as corporate partners and third parties who assist with marketing, and photographers.
Other applicants for grants, and other grant funders in circumstances where we consider it in the applicant’s interest to be recommended for grants from other relevant grant providers or to facilitate knowledge transfer and key learnings for applicants working in the same field.
Any third parties in the event of a sale, merger, reorganisation, transfer or dissolution of our business.
The Charity Commission who is our regulator.
Our own insurers and companies who we have appointed to assist with arranging our insurance.

Users of the Benefact Trust website

If you use or access the Benefact website, this section will be applicable to you and will provide key information about how we use your personal information.

What personal information will we collect?

Name, contact details, postcode and IP address

Information obtained through our use of cookies. You can find more information about this in our cookies policy

How will we collect your personal information?

We collect your information directly from our website and where you have submitted any information on our website.

What will we use your personal information for?

We have a business need to use your personal information, such as developing and testing our systems, analysing our business and improving the services we offer, diagnosing any problems with our website and assessing usage of our website. When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your information unless we can demonstrate a legitimate business need.

What is the purpose for using your personal information?

Legal grounds for using your personal information
Legal grounds for using your special categories of personal information
To respond to any enquiries you make.
We have a business need (to respond to all enquiries made on our website).
To provide marketing materials about products and services we think you might be interested in.
We have a business need (to inform you about other services we offer).

Who will we share your personal information with?

We do not share or distribute your personal information other than to the following third parties and only under the limited circumstances we have set out above:

Other companies in the Benefact Group.

Service providers we have contracted with relating to the website such as our subcontractors and agents and website providers.

3. What marketing activities do we carry out?

Our outbound marketing include our website, e-Newsletter, Christmas card, Benefact Trust activity updates, social media, and hosting special interest group meetings to which we may invite you if we think they are of interest to you.

We may use your personal information to provide you with information about our services which may be of interest to you where you are an existing contact or where you have provided your consent for us to do so.

We are committed to only sending you marketing communications that you have clearly expressed an interest in receiving. If you no longer wish to receive information from us and want to be removed from our standard mailing list you can "unsubscribe" by clicking the link that appears in all emails or post by contacting using the details set out in section 9.

Please note that, even if you opt out of receiving marketing messages, we may still send you communications which are relevant to any grant application you have made or grant you have received.

4. Automated Decision-Making

We do not carry out any automated decision-making. If this changes in the future, we will notify you.

5. How long do we keep personal information for?

We will only keep your personal information for as long as reasonably necessary to fulfil the purposes set out in section 2 above and to comply with our legal and regulatory obligations.

Any information that we gather for marketing purposes is held until our email bounces back undeliverable, or we receive a request to unsubscribe or remove you from our database. We then cleanse the database on a regular basis.

Business partner information is retained as long as we have a commercial relationship with the business partner, and for a period of seven years for tax, contract and audit purposes, as is standard practice.

Information about applicants for grants are retained for seven years. Personal information is then removed but general, non-identifiable information is retained on an anonymous, aggregated basis for trend analysis and reporting.

If you would like further information about how long we will keep your personal information for, please contact us using the details set out in section 9.

6. What is our approach to sending your personal information overseas

We do not transfer your personal information outside the European Economic Area (EEA). In the event that this changes, we will notify you.

7. How do we protect your information?

We strive to maintain the reliability, accuracy, completeness and currency of Personal Data in our databases and to protect the privacy and security of our databases. The security measures in place on our Website and computer systems, aim to protect the loss, misuse or alteration of the information you provide to us. We keep your Personal Data only for as long as reasonably necessary for the purposes for which it was collected or to comply with any applicable legal or regulatory requirements.

We adopt a framework of information security controls operating at different levels within the company to restrict access and safeguard systems, in accordance with a ‘defence in depth’ methodology (which is the coordinated use of multiple security controls to protect the integrity of the information and assets in our IT network);

We have an established documented information security and data protection policy framework which is regularly reviewed to consider changes in technology, regulations and threats;

We maintain encryption technologies to encrypt data stored on portable computers and portable media, and ensure security when data is transferred;

We maintain awareness and education on information security and data protection;

We conduct risk based due diligence on our suppliers;

We operate a programme of testing the effectiveness of our information security measures.

8. Your rights

You have several data protection rights which entitle you to request information about your personal information, to dictate what we do with it or to stop us using it in certain ways.

If you wish to exercise the rights set out below, please contact us at any time using the details set out in section 9. There will not normally be a charge for this.

We respect your rights in relation to personal information we hold about you, however we cannot always comply with your requests, for example:

we may not be able to delete your information if we are required by law to keep it for a longer period of time; or
if we delete your information we would not have the necessary information we need to assess your grant application or communicate with you in respect of a grant.

In some circumstances, complying with your request may result in your grant being suspended or your application not being considered. Please refer to the grant terms and conditions which will explain what will happen in the event that we cannot provide your grant. However, we will always inform you why we cannot comply with your request.

The right to access your personal information

You can request a copy of the personal information we hold about you and certain details of how we use it.

Your personal information will normally be provided to you in writing unless you request otherwise or where you have made a request by electronic means such as email, we will provide such information in electronic form where possible.

The right to withdraw your consent

Where we rely on consent as the legal ground to use your personal information, you are entitled to withdraw that original consent. We will inform you of these consequences when you withdraw your consent.

The right to rectification

We make reasonable efforts to keep your personal information where necessary up to date, complete and accurate. We encourage you to ensure that your personal information is accurate so please regularly let us know if you believe that the information we hold about you may be inaccurate or not complete. We will correct and amend any such personal information and notify any third party recipients of necessary changes.

The right to restriction of processing

Subject to the circumstances in which you exercise this right, you can request that we stop using your personal information, such as where you believe that we no longer need to use your personal information.

The right to data portability

Subject to the circumstances in which you exercise this right, you can request that we port across personal information you have provided to us to a third party in a commonly used and machine-readable format.

The right to erasure

You can request that we delete your personal information. For example, where we no longer need your personal information for the original purpose we collected it for or where you have exercised your right to withdrawn consent.

Whilst we will assess every request, this request is subject to legal and regulatory requirements that we are required to comply with.

The right to object to direct marketing

You can request that we stop sending you marketing messages at any time by clicking on the "unsubscribe" button in any emails that we send to you or by contacting us using the details set out in section 9.

Please note that even if you exercise this right because you do not want to receive marketing messages, we may still send you service related communications where necessary.

Rights relating to automated decision-making

We do not currently carry out any automated decision-making. In the event that this changes, we will notify you and inform you about your rights relating to automated decision-making.

The right to make a complaint with the ICO

Where you believe that we have breached data protection laws when using your personal information, you can complain to the Information Commissioner's Office (ICO). For more information visit the ICO's website at https://ico.org.uk/. Please note that exercising this right and lodging a complaint will not affect any other legal rights or remedies that you have.

9. Contacting us

If you would like further information about the ways we use your personal information, further clarity on how we use your personal information or anything referred to in this notice, please contact our Data Protection Officer at info@benefacttrust.co.uk or by writing to Data Protection Officer at Benefact Trust, Benefact House, 2000, Pioneer Avenue, Gloucester Business Park, Brockworth, Gloucester, GL3 4AW, United Kingdom

10. Updates to this notice

We are continually improving our methods of communication and alongside with changes in the law and the changing nature of technology, our data practices and how we use your data will change from time to time. If and when our data practices change, we will notify you and we will provide you with the most up-to-date notice.

This notice was last updated on 16 Feb 2022.