The Leap is responsible for collecting, processing, storing and safe-keeping personal and other information as part of our business activities. We manage personal information in accordance with the Data Protection Act 1998.
This policy sets out our approach to safeguarding the privacy of the personal information we hold.
This policy applies to all personal information collected by The Leap and our worldwide affiliates acting on our behalf.
Personal information means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
We collect, use, disclose, transfer, and store personal information when needed to provide our Services and for our operational and business purposes as described in this Statement. We want to be clear about our privacy practices so that you can make informed choices about the use of your information, and we encourage you to contact us with any questions or concerns to: Data Protection Officer, The Leap, 121 High Street, Marlborough, SN8 1LZ.
About the personal information we collect
We collect and process what may be considered sensitive personal information.
Sensitive personal information is a subset of personal information and is generally defined as any information related to racial/ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, other medical information including biometric and genetic data, or sexual life or preferences. In some instances, sensitive personal information may also include criminal allegations or convictions, precise geolocation information, financial and bank account numbers, or unique identifiers such as government-issued social security numbers, driver’s license, and passport numbers
The information we may collect about you could include, but is not limited to:
Date of birth
Contact details (phone/mobile/email)
Racial or ethnic origin
Physical or mental health or condition
We will not collect information about you that we do not need and we will ensure that the personal information we collect is updated to our systems in a timely and accurate manner.
How we use your personal information
We use your information to respond to your enquiries, provide you with services and manage your relationship with us. We may also use your personal information for technical administration, research and development, customer administration, marketing and to identify areas where we can improve the services we provide.
We will regularly review the personal information we hold about you and make changes to any service or information-handling processes when data protection law requires such changes.
Visiting our websites
When you visit one of our websites, we collect standard internet log information for statistical purposes.
We do not make any attempt to identify visitors to our websites. We do not associate information gathered from our sites with personally identifying information from any source.
When we collect personal information, for example via an online form, we will explain what we intend to do with it.
Our websites contain links to various third-party websites. We are not responsible for the content or privacy practices of any external websites that are linked from our sites.
Marketing and events
We use personal information to deliver marketing and event communications to you across various platforms, such as email, telephone, text messaging, direct mail, and online. If we send you a marketing email, it will include instructions on how to opt out of receiving these emails in the future.
Surveys and polls
If you choose to participate in a survey or poll, any personal information you provide may be used for marketing or market research purposes.
How we share your personal information
We will not normally share your information without your consent unless we are required to by law. We may seek your consent directly, or may obtain it by telling you about how your information may be used at the time you provide information or enter into a contract (e.g. filling out the booking form) with us.
Our legal obligations
We will share specific and relevant information with law enforcement and government agencies or public bodies where we are legally required to do so. Examples may include:
The prevention or detection of crime and fraud
The assessment or collection of tax or duty owed to customs and excise
Sharing in connection with legal proceedings
Sharing in relation to the physical or mental health of an individual, where disclosure is required to protect them or others from serious harm
Research and statistical purposes
We may also share your information with emergency services where this is necessary to help them respond to an emergency situation that affects you.
Sharing information with our partners
In some areas we may enter into partnerships with other organisations such as DigitalNRG. For example, we may join a partnership to provide marketing insights. We will enter into a data sharing agreement to ensure your personal information is adequately protected before any sharing of personal information takes place with a partner organisation.
Sharing information with our worldwide affiliates
There are some cases when we will share your information to support legitimate business purposes with our partners and affiliates outside of your home country. The areas in which these recipients are located will vary from time to time, but may include Costa Rica, Cuba, Guatemala, Ecuador, Peru, Tanzania, Namibia, Madagascar, South Africa, Bali, Cambodia and Borneo, and other countries where The Leap has a presence or uses contractors.
When we transfer personal information from the European Economic Area (EEA) to other countries in which applicable laws do not offer the same level of data privacy protection as in your home country, we take measures to provide an appropriate level of data privacy protection. In other words, your rights and protections remain with your data. For example, we use approved contractual clauses to ensure that the recipients of your personal information protect it.
Disclosure to information societal services
In some circumstances we may share your details with information societal services such as Facebook and Google. We will only ever pass through hashed data and will enter into a data sharing agreement to ensure your personal information is adequately protected before any sharing of personal information takes place.
Keeping your information secure
We store personal information both electronically and in paper form.
We implement security policies, processes and technical security solutions to protect the personal information we hold from:
Improper use or disclosure
Unlawful destruction or accidental loss
When you contact us, we may ask you to provide us with some information so that we can confirm your identity. If other people (e.g. family members) act on your behalf we will take steps to ensure that you have agreed for them to do so. This may include asking them to provide us with supporting information to indicate your consent. We do this to protect your privacy.
Employees and third parties who have access to, or are associated with the processing of, your personal information are obliged to make reasonable efforts to safeguard it.
How we use your telephone number
Text messages and contact via telephone provide a direct way to contact and share information with you about the services we can deliver to you. It can also help you receive important promotional/marketing messages which may interest or help you.
We may use your telephone number that you have provided us to keep in contact with you by text.
Promotional and marketing SMS/text messaging and calls
Our promotional or marketing SMS/text messages can benefit you by giving you information about our own services and those provided by approved third parties (such as companies or groups we work with).
Representative examples of the promotional or marketing text messages which we may send you include:
Promoting services that may interest you, including other volunteering, travel and gap year related opportunities.
When you supply your telephone contact details, you can ask us to either send or not send promotional and marketing SMS/text messages. You can opt-out of receiving these types of SMS/text messages by responding to messages by emailing us at : firstname.lastname@example.org
Sharing your telephone number with third parties
We may pass your telephone number to third parties so that we can meet our contractual obligations with you. We may also share your telephone numbers if we are required to by law. In doing so we will comply with the Data Protection Act 1998.
We may supply the details to our approved marketing or third party contractors who are delivering or performing services on our behalf, and these companies must not use your information for any other purpose. We never share or sell your telephone numbers telesales/marketing companies.
Contacting us about your personal information
We will be as open as possible with you about the personal information we hold about you, and if something is wrong we want to work with you to put it right.
How long we keep personal information
We retain personal information for as long as we reasonably require it for legal or business purposes. In determining data retention periods, we take into consideration local laws, contractual obligations, and the expectations and requirements of our customers. When we no longer need personal information, we securely delete or destroy it.
Your right to access and correct your personal information
We respect your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information.
Access to personal information
If you request access to your personal information, we will gladly comply, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. We may also charge you a fee for providing you with a copy of your data (except where this is not permissible under local law).
Correction and deletion
In some jurisdictions, you have the right to correct or amend your personal information if it is inaccurate or requires updating. You may also have the right to request deletion of your personal information; however, this is not always possible due to legal requirements and other obligations and factors. Remember that you can update your account information by using the “My Leap” option within the Web site.
Filing a complaint
If you are not satisfied with how we manage your personal data, you have the right to make a complaint to a data protection regulator. A list of National Data Protection Authorities can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you would like to contact us specifically about the privacy of your personal information, please contact:
Data Protection Officer
121 High Street
Keeping this policy updated