"This project is going to make Winchester proud and help a lot of people."
Steve Brine, Chair of Trustees
19th August 2025
2 July 2025
Winchester Cancer Sanctuary is a registered charity in England and Wales. Winchester Cancer Sanctuary is creating a service that will provide free holistic care and support to people affected by cancer in the Winchester area and surrounds. This policy applies when you interact with us directly or through platforms such as JustGiving.
Contact Details:
Winchester Cancer Sanctuary
Address: Winchester Business Hub 32 St Thomas Street Winchester, Hampshire SO23 9HJ, United Kingdom
Email: hello@winchestercancersanctuary.org
We may collect and process the following personal data:
- Full name, contact details (email, phone, address)
- Donation details (amount, method, Gift Aid status)
- JustGiving fundraising activity, where applicable
- Communication preferences
- Website usage (IP address, cookies)
- Volunteer and event data
- Children's data (with appropriate safeguards)
We collect data when you:
- Donate via our website or JustGiving
- Register for events or volunteering
- Subscribe to our communications
- Contact us via phone, email, or post
- Interact with our website or social media
When using JustGiving:
We may receive personal data from JustGiving, including:
- Your name, donation amount, email address, and message
- Whether you chose to remain anonymous
- Your communication preferences as selected on JustGiving
This data helps us thank you, claim Gift Aid (if applicable), and keep you informed—if you have opted in.
You can manage your privacy settings via JustGiving’s privacy centre: https://www.justgiving.com/about/info/privacy-policy.
We use your data to:
- Process donations, including Gift Aid
- Thank and update supporters
- Manage events, volunteers, and fundraising campaigns
- Analyse engagement and improve our services
- Fulfil legal obligations
We process your personal data under the following legal bases:
- Consent – for marketing or newsletters
- Contractual necessity – e.g. managing event participation
- Legal obligation – e.g. Gift Aid and tax requirements
- Legitimate interest – e.g. thanking donors, safeguarding, fundraising operations
- Recognised legitimate interests – crime prevention, fraud detection, IT security
We receive data from JustGiving when:
- You make a donation or set up a fundraising page
- You opt to share your details with us (you control this via your JustGiving settings)
We keep this data only for as long as needed, typically:
- Donation records – 7 years for legal purposes
- Fundraising and supporter info – 2 years of inactivity or until opt-out
We do not use solely automated decision-making to make decisions that significantly affect individuals. If we begin to do so, we will inform you, explain the logic involved, and offer the right to challenge or seek human review.
If we work with children (e.g., in youth programmes or education), we:
- Use age-appropriate forms and language
- Limit data collection to essentials
- Require parental or guardian consent when needed
- Implement additional safeguards in line with the 2025 Act
We may contact supporters under the “soft opt-in” basis (e.g., after a prior donation), unless you object. We always include an unsubscribe link in our emails.
You can update your preferences or opt out at any time by contacting us or adjusting your settings in JustGiving.
We use cookies for:
- Website functionality
- Basic analytics
- Security monitoring
Under the Data (Use and Access) Act 2025, some cookies (e.g., for security and analytics) no longer require consent. You can manage cookies in your browser or read more in our Cookie Policy.
Where appropriate, we may process anonymised data for research purposes to measure our impact. Where personal data is used:
- We may request broad consent
- We apply ethical governance and data minimisation
We do not sell your personal data. We only share it with:
- Trusted service providers (e.g., email services, payment processors, JustGiving)
- HMRC (for Gift Aid)
- Legal or regulatory authorities (if required)
All third-party providers are bound by contracts to keep your data secure.
Some service providers may transfer data outside the UK. In such cases, we use appropriate safeguards including:
- UK adequacy decisions
- Standard contractual clauses
- Lawful safeguards under the Data (Use and Access) Act 2025
Type of Data | Retention Period
-------------|------------------
Donation and Gift Aid info | 7 years
JustGiving supporter data | 2 years after inactivity or until request for deletion
Email preferences | Until opt-out
Volunteer/event info | 2 years post-engagement
Under the UK GDPR and the 2025 Act, you have the right to:
- Access your personal data
- Request correction or deletion
- Restrict or object to processing
- Withdraw consent
- Data portability (in certain cases)
- Lodge a complaint with the ICO: www.ico.org.uk
We may pause the 1-month response period for Subject Access Requests (SARs) while we verify your identity or clarify the request.
To raise concerns or make a complaint:
- Email: hello@winchestercancersanctuary.org
We aim to acknowledge complaints within 30 days and respond promptly and fairly.
We may update this Privacy Policy from time to time to reflect changes in law or practices. The latest version will always be posted on our website with the “last updated” date.
2 July 2025
2 July 2026