Grant Funding Data Privacy Notice
This privacy notice explains what personal data is collected by Consortium in relation to our grant making activities and how and why this data is used.
Collecting and using your personal data
If you contact Consortium or apply for a grant, we will collect personal data about you and other people connected to your organisation. This may be done through various means including one on one conversations, emails, phone calls or visits to your organisation.
If your organisation applies for funding, we will collect personal data on application forms. Sometimes our grant holders and partners also send us information about individuals who benefit from projects funded by our grants.
We will keep your personal data up to date and store it securely. We will put appropriate technical measures in place to protect it from loss, misuse, unauthorised access and disclosure, and not collect or retain excessive amounts of personal data.
When we have held your personal data for the maximum period of time allowed by data protection laws, we will destroy it securely.
We may keep in contact with you throughout the life of your grant and we will send you regular advice about your grant. These might include useful information on a things like publicising your grant, information on other funding available and project ideas and tips from other grant holders.
If you provide us with personal data of people who benefit from your project’s work, we will treat this in the same way. You must tell the individuals and if they have any questions about this, you must refer them to this notice.
The purpose and legal basis for storing and using your personal data
Consortium processes your personal data as a necessary part of exercising our due diligence requirements as a responsible grant funder.
We may use your personal data to help your organisation apply for grants and to assess its applications. We may carry out checks on your personal data as described below. If a grant is awarded, we use your personal data to manage and monitor the grant and to check the money is being used appropriately. If you don’t provide this personal data, we may not be able to process your application or award a grant to your organisation.
We may also use your personal data to evaluate and research the impact of our grants and to let you know about our grants and other activities. The results of our evaluations and research may be published but we won’t publish your personal data without your agreement.
Sharing your personal data
We may share your personal data with organisations which help us to carry out our grant making activities. For example, we share personal data with organisations which help evaluate the impact of our grants.
Fund applicant data may be shared with other funding organisations if Consortium cannot provide a grant directly to see if they can source alternative support. This will be made clear to applicants and Consortium cannot guarantee further support or funding will be sourced elsewhere. It may also be shared to review possible areas of duplicate funding.
We will only share personal data needed to carry out this work, and will do so subject to appropriate safety measures that are designed to ensure your personal data remains secure and is only used for the intended purpose.
Time limits on keeping your personal data
We keep your personal data for no longer than is necessary for the purposes described in this notice or otherwise allowed by law.
Fraud prevention and identity checks
If you apply for a grant or receive a grant from us, we may undertake checks for the purposes of preventing fraud and money laundering and to verify your identity. These checks require us to process personal data you have provided about you and your nominated representatives and data we have received from third parties.
We and fraud prevention agencies may also enable law enforcement agencies, regulators and other funders to access and use your personal data to detect, investigate and prevent crime.
Fraud prevention agencies can hold your personal data for different periods of time. If you are considered to pose a fraud or money laundering risk, your personal data can be held for up to six years.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to award a grant and we may withdraw existing grants.
A record of any fraud or money laundering risk will be retained by us and the fraud prevention agencies, and may result in others refusing to provide you with services, financing or employment. If you have any questions about this, please contact us on the details below.
Your rights around your personal data
Your personal data is protected by legal rights. These include the right in certain circumstances to:
- request a copy of your personal data held by Consortium;
- ask for your personal data to be erased, for example, if we no longer need it for the purpose we collected it;
- request that we suspend the processing of your personal data, for example if you want us to establish whether it is accurate or the reason for processing it;
- object to the processing of your personal data where we are processing it in the exercise of our official authority.
If our processing of your personal data relies on your consent, you also have the right to withdraw your consent at any time and the right to ask for your personal data to be transferred to another organisation (known as the right to data portability).
If you are unhappy about how your personal data has been used please refer to our complaints policy.
If you have any questions, queries or complaints, and to exercise your personal data rights, please in the first instance contact the Data Protection Officer, Consortium’s Chief Executive on: firstname.lastname@example.org