Privacy Notice 

 

Introduction 
We at the Access Group understand the importance of protecting your personal data. This Privacy Notice explains how we collect and process your personal data as a candidate for hiring at the Access Group. 
 
About Us 
The “Access Group” is a group of legal entities that are wholly owned subsidiaries of The Access Technology Group Limited (company registration 05575609).  

The Access Group includes Access UK Ltd (company registration 2343760), with registered address at The Armstrong Building, 10 Oakwood Drive, Loughborough, LE11 3QF, United Kingdom.  

Access UK Ltd is the primary trading entity and the controller of your personal data for processing described in this privacy notice. 
 
Our Group Data Protection Officer is Danielle Hefford. To contact us regarding our use of personal data, you may email us at [email protected].  

We have appointed Core Computer Consultants Ltd (registration number: 91755) as our EU representative under Article 27, EU GDPR. Our representative can be contacted by email at [email protected]. 
 
Why We Have Your Information 
We process personal data for the purpose of: 

• facilitating and securely processing your donation to the relevant charity of the year;  
• keeping in touch with you (e.g., to keep you posted about our news, activities and how you can help in other ways); and 
• analysis (e.g., donor relationship management, fundraising effectiveness, impact assessments etc.,). 

 

We obtain your personal data directly from you when you choose to make a donation through out charity of the year website. 

The following describes the information we seek to collect from you to process your donation: 

Reason for donation, full name, email address, card number, expiry date, security code, billing address, gift aid eligibility. 

We also collect some of your personal data through the use of cookies. More about cookies can be found here. 

If you’re making a donation to our charities in the following regions, you will be directed to the charities own sites to make a contribution directly: 

• Malaysia 
• Romania 
• Singapore 
• Sri Lanka 
• USA 
• Vietnam 

In these cases, we will not seek to collect your card number, expiry date, security code or billing address (as this is not needed). 

 
On What Legal Basis We Have Your Information 
To process your donation, our lawful basis is performance of a contract.  

To process your information for the purposes of keeping in touch and or analysis, our lawful basis is legitimate interests.  

The legitimate interests pursued are to keep you informed about our news, activities, and how you can help the charity in other ways; it’s also to effectively manage the relationship with you as a donor. 

Sharing Your Personal Data 
We do not share your personal data with any third party, except for: 

1) our service providers (table 1) who process your personal data on our behalf. We have appropriate contracts in place with these service providers to protect your personal data;  

2) other legal entities within the Access Group, as appropriate (e.g., when they may have a need to know); 

3) the relevant charity or charities you have made a donation to. 
 
Storage and Disposal of Your Personal Data 
We will delete your personal data within 12 months of the last donation you make. Unless we have a lawful reason to retain the information for longer. 
 
Your Rights 
You have the right to access, rectify, erase, restrict processing, object to processing, data portability of your personal data and rights relating to automated decision making (of which there are none).  

You may also withdraw your consent at any time if we rely on consent as a lawful basis of processing. To exercise any of these rights, please contact [email protected]. 
 
If you feel we have not processed your data in accordance with GDPR, please contact [email protected] (or our EU representative, [email protected]) for our complaints procedure, or you may raise a complaint with the Information Commissioners Office (or other relevant supervisory authority) but we would like the opportunity to resolve any issues first. 

 

Service Providers 

Provider	Purpose	Safeguards
Microsoft Azure	Cloud Hosting Services	Contract inclusive of Standard Contractual Clauses
Access Workspace Malaysia	Support, Technical Support	Intra-group data processing agreement
Stripe	Payment Card Processing	Standard Contractual Clauses