Skip to content

Privacy policy – supporters, volunteers and trustees

This privacy policy was last updated on 16 December 2021.

At the Blind Veterans UK Group, we respect the privacy of our stakeholders and this version of our privacy policy is targeted to our supporters and volunteers. This policy explains how and why we collect, manage, use and protect your personal data. It also makes clear how you can exercise control over your personal data. It should be read in conjunction with our terms of use for this website and cookies policy.

Our privacy promise

We take our duties when processing your personal data very seriously. We promise that we will tell you what data we are collecting and why. We will make every reasonable effort to collect, process, store and share your data safely and securely. We will also make sure that our trusted partners do the same. We also promise that we will be open and clear with you about our use of your personal data and that you will be able to control your personal data with ease. Please also read our Supporter Promise.

Your data

We are very thankful that you are supporting us in providing life-changing assistance to blind veterans. In order to enable that support, we need to collect and keep a little data about you, like your name, contact details, preferred means of communication or, when appropriate, payment details. Some of this data we may need to share with 3rd parties such as payment agencies or HMRC or our trusted partners, such as event organisers or service providers. This is to provide you with the information, products or services you have requested.

We use your data to enable your support

We use the data you provide to keep you informed about how we are providing lifelong practical and emotional support to blind veterans. We also use it to identify your areas of interest and to draw your attention to how you may be able to provide specific support to our veterans. We also use it to help us to fundraise more efficiently; so that every penny we receive can be better used to directly support blind veterans.

You are in control

If you would like to make any changes to the way we are processing your data, if you believe it is inaccurate or incomplete, if you wish to stop receiving certain or all communications from us, you can amend your preferences at any time. Our communications with you offer the opportunity to amend your preferences. In any case whether a supporter or a volunteer you can contact us using the details in Section 9 of this policy “How to Contact Us”. If you prefer; or wish to discuss how your personal data is used or wish to make an individual rights request, you can e-mail our Data Protection Officer whose details are also in Section 9.

Changes to this policy

We may change this document from time to time to reflect the latest views of what we do with your data and legal and regulatory changes. Please check back frequently. You will be able to see changes have been made by the date it was last updated.

Our privacy policy in detail

1. Who we are

Our Privacy Policy applies to personal data collected and used by Blind Veterans UK Group. Under data protection law and regulation, we are a ‘data controller’ and are registered as such with the Information Commissioner’s Office (Registration Number: Z6040633).

Since 1915, the Blind Veterans UK Group has held to the belief that no-one who has served our country should battle blindness alone. That's why we're here to help with lifelong practical and emotional support for blind veterans, regardless of when they served or how they lost their sight. We help veterans recover their independence and discover a life beyond sight loss.

References to "Blind Veterans UK Group", ‘the charity’, “our’, ‘us’ and "we" mean Blind Veterans UK registered charity 216227 in England and Wales and SCO39411 in Scotland.

This also includes: our wholly owned subsidiary charitable trading company, Four Seasons NWMC Housing Limited (registered company No. 01882050); managing our properties and tenants; Bravo Victor Limited (registered company No.13144807) conducting Biomedical, Social & Welfare and Innovation research and the St Dunstan’s Retirement Benefits Plan (1973). For the purposes of the pension scheme we are Joint Controllers with St Dunstan’s Retirement Benefits Plan (1973).

2. What personal data we collect and why

What we need to collect

For data to be considered ‘personal’ it must relate to you as an identified or identifiable individual. An individual can be identifiable either directly (your name, address, assigned email address etc.) or indirectly (role, donations, ID number, location, phone number). Where there is insufficient data to identify you as an individual from a group that is not personal data. If your identifiable data is used but the use does not relate to you, then this processing would also not be considered use of personal data. We need personal data about our supporters, volunteers and trustees to allow us to provide you with the information and services that you ask us to provide or to allow you to support us in the ways that you want.

As a supporter, for example if you make a donation, register to fundraise, sign up for an event or buy merchandise, we will usually collect personal data about you such as:

  • Postal address, telephone number, email address.
  • Date of birth.
  • Payment details (if you are supporting us financially).
  • Voluntary data to assist us in understanding our supporter base such as your reasons for supporting us or how you heard about the charity.

As a volunteer if you offer your time and will be engaging with our members it will be necessary for us to complete a basic Criminal Records Check (Disclosure and Baring Service or Disclosure Scotland). This is to assist us with the making of safer volunteering recruitment decisions. This is in addition to the above personal data the following may also be processed.

  • DBS / DS Reference number, type of disclosure, date of issue[1]
  • Volunteering placement confidential references
  • Next of Kin contact details in case of emergency.
  • Nationality.
  • Gender.
  • Your national insurance number.
  • Driving licence and or passport details and where necessary valid visa documentation.
  • Bank account details, salary, tax, pension status, pension entitlement and expenses details.
  • Profession and Job title.


As a trustee, in addition to the personal data above we need to collect the following additional personal data which is necessary to comply with UK Company and Charity legislation and required to be provided to the Charity Commission.

  • Home residential address
  • Place of birth (In addition to date of birth)
    Citizenship
  • Employment / Business Interest information including employed and voluntary position(s), any directorship(s), consultancy role(s).

It may be necessary to ask you for additional personal data for processing purposes specific to serving as a trustee, which you may not expect. If this occurs we will ask you directly for it and we will always explain why we need it.

We will be clear with you that we wish to collect such data, our reason for collecting such information and we will only do so when we have a lawful basis for processing the information. If you are under 16, we would love you to support us, but please ensure you have the permission of your parent or guardian before giving us your personal information. You retain the right to change your preferences at any time.

Special Category data. Data protection law and regulation recognises certain personal data as ‘special category’ data and as being particularly sensitive. This includes racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, certain biometric data, data concerning health or a person's sex life or sexual orientation. Sometimes we may need to collect or may indirectly obtain special category personal data. For example:

  • You may reveal personal or special category data if, you share photos, contribute to our Review magazine or, use our website or social media channels
  • If you have signed up to support an event that may be physically demanding, we may ask you to confirm any health conditions that we or the organisers need to be aware of.
  • We may gather this data for the purposes of monitoring and ensuring we provide equal opportunities to supporters and volunteers or to cater for your specific requirements when supporting us.
  • If you freely provide, either at our request or voluntarily, any ‘special category’ (sensitive) personal data, you explicitly agree that we may collect and use it in order to provide our services in accordance with this Privacy Policy.

Criminal Offence data. To assist us with the making of safer recruitment decisions, all volunteers will be required to participate in a Basic DBS check. This processing of criminal offence data for recruitment purposes is permitted within the DPA 2018 Schedule 1, Part 3. (See: Section 6 for more details).

If as a Volunteer or Trustee your role will include direct face-to-face engagement with a Blind Veterans UK Group beneficiary, such as a volunteering in a centre or participating in what is defined in the Protection of Freedoms Act 2012 as a “Regulated Activity” it is a legal requirement for us to complete a higher-level check known as an enhanced DBS/DS from the Criminal Records Check (Disclosure and Baring Service or Disclosure Scotland)

The accuracy of your personal data is really important to us. If you wish to update or correct any personal data we hold, please contact us using the contact details in Section 9 “How to Contact Us” at the end of this policy.

Why we need it

We need your personal data in order to perform functions such as:

  • To comply with the law. To comply with the law as a data controller and employer there are data processing purposes which must be completed. These include but are not limited to company, charity, employment, social security, social protection law and due diligence processes. Personal data collected specifically for this purpose cannot be further processed.
  • Manage your support relationship with us. To keep a record of your relationship with us and any direction you give on how we are to comply with your data rights. To administer any donations or support your fundraising, including processing Gift Aid.
  • Communicate with you. To know how you prefer to be contacted and to make adjustments as you specify. To provide you with specific and, where appropriate, personalised services, information, products, updates, newsletters, feedback, competitions. To assist with technical problems related to our websites or apps.
  • Operational requirements. If you are serving as a trustee, we will make use of your collected personal data for the purposes of administering and facilitating your duties and responsibilities as a member of the Board. There may be occasions when we need to make use of your personal data because of your status as a trustee to authenticate operational requirements and executive decisions of the charity, such as providing your home address for financial due diligence validation processes. The operational use of your personal data will be compatible with the original purpose of use. If an unexpected or new purpose of use for your personal data is necessary, we will inform you and / or seek your consent to make use of your personal data for this new purpose.
  • Marketing. If you provide us with your email address or telephone number, we may contact you for marketing purposes. We may use your email or SMS text number for both marketing and targeted advertising, but only where we have your opt-in consent to do so. If you provide us with your postal address or telephone number, we may send you direct mail or telephone you about our work. We will not do so if you have told us you would prefer not to hear from us by these means. We check telephone numbers against the Telephone Preference Service (TPS) and if you are registered, we will only contact you if you have specifically consented to us making such calls. We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms have clear marketing preference questions and we include clear information on how to opt-out or opt-in when we send you marketing information.
  • Fundraising. The lifeblood of serving our blind veterans is fundraising. We are always grateful when people donate. If a donation is made we will acknowledge the gift and say thank you by email, tis will be in simple accessible language and will not include any marketing content. We endeavour to tailor our fundraising activity to ensure that we are as efficient with our resources as possible, keeping as much money available to support our beneficiaries as possible, which donors tell us is a priority for them. It also provides you with the most relevant and timely information and opportunities.
  • Profiling. To help us achieve this tailored approach, we may use profiling or wealth screening techniques to target our fundraising campaign audiences. To achieve this we may process the personal data ourselves or use a trusted third-parties. We use existing data that you have supplied to us and combine this with information from publicly available sources such as charity and corporate websites and Companies House. We only use reputable sources, where someone would expect their information may be read by the public. By doing this, we can understand our supporters better and ensure we only make appropriate requests from each of you. It may help those of you who have the means, and the desire, to give a bit more. For more detail about how and why we build profiles of our supporters please <click here>
  • To personalise and improve your supporter experience. We may use your personal data in order to tailor our information and services to your specific needs and preferences to ensure a personalised supporter experience. To understand how we can improve our services, products or information. To provide personalised direct marketing and communication in a way that you control and that suits you.
  • To improve our services and administration. To ensure the most efficient and appropriate use of the resources we have. To drive efficiency through statistical and market analysis.

If you choose to withhold certain personal data, we may not be able to provide you with the information, products or services you would like.

If you don’t want to hear from us, or do not want us to use your data for direct marketing or profiled fundraising purposes please call us using the details at Section 9 “How to Contact Us”. We will retain your details on a suppression list to ensure that we respect your preferences.

3. How we collect your personal data

We collect data about you in a variety of ways. We will collect the personal data you provide directly to us as well as data we collect indirectly available from other sources. The data we get from other organisations may depend on your various account privacy settings, or the preferences you have selected with them, such as opting in to sharing data with third parties. You should regularly check T&C’s and privacy settings them to fully understand how they will process and share your personal data.

Direct from you

You may give us personal data directly yourself. Examples include registering as a supporter or a volunteer. When you use our websites or application or portal. Additionally if you sign up for one of our events. If you make a donation or purchase one of our products (such as tickets, raffles, merchandise). When you communicate directly with us. Sometimes when you support us, your data is collected by an organisation working for us (e.g. a professional fundraising agency). If you choose to support us via a 3rd party organisation, website or application your personal data will be collected on our behalf. (e.g. an event organiser or agency contractor).

Indirectly from other sources

We may obtain your personal data indirectly when you give consent to other organisations to share it. We may purchase your personal data in a commercial transaction from a third-party organisation or alternatively make use of personal data where it is publicly available:

  • Independent event organisers. Your information may be shared with us by independent event organisers, for example the London Marathon or fundraising sites like Just Giving or Virgin Money Giving. These independent third parties will only pass on your data when you have indicated that you wish to support the Blind Veterans UK Group with your explicit consent.
  • Third party organisations. We may obtain personal data from third parties, if you have agreed we can approach them. For example, where we need to obtain a reference or when we need a DBS/DS from the Disclosure and Barring Service. You may have provided your consent by agreeing to terms and conditions to allow a company or other organisation to share or sell your data with/to third parties, including charities. This can occur when you buy a product or service, register for an online competition or complete a survey, when install an application on your mobile phone, or signing-up with a comparison site. On occasions Blind Veterans UK will purchase direct marketing data from these third-party brokers. We only purchase direct mailing lists, that include a name and a postal address. This allows us to send postal marketing materials to individuals that have opted in to receive such material. We will always perform due diligence on any purchased data and will supress the use of an individuals’ personal data on request. Note: We can only use this data where we have been either named as a recipient of the data or the third party has named/indicated a charity subsection into which we fit. We may also be provided with details of whether you are a taxpayer for Gift Aid purposes.
  • Digital, Online and social media. Like all companies, through our website and mobile apps, we may collect data about what browser you are using, your IP address and computer operating system and may use this data to improve the services we offer. Depending on your settings or the privacy policies for social media and messaging services like Facebook or Twitter, you might give us permission to access information from those accounts or services.
  • Publicly available sources. Public information may include data from places such as Companies House, the electoral register and information that has been published in articles / newspapers. Additionally, the Post Office’s National Change of Address database allows us to keep your information up to date.

4. The lawful basis for processing

UK Data protection law and regulation requires us to have a lawful basis for processing your personal information. These include:

  • Where you have given consent to do so for specific purpose(s). This may include marketing material via e-mail or SMS or to provide you with a product, service or information that you have requested or require. Where we need your consent, it will be clearly identifiable as a consent for a specific purpose. You are able to withdraw consent at any time by contacting us. If you make this choice it may affect our continuing relationship as some services may no longer be able to be supplied if consent to process data is withdrawn.
  • To comply with a legal obligation. For example, where we are required to process personal data to comply with, a court, regulatory authority the police or security services or we are legally required to, such as to comply with social security or social protection law, such as Health and Safety, a criminal record check or in order to comply with HMRC requirements to process Gift Aid.
  • The performance of a contract. If we are setting up or have a contract with you we will process your data to comply with the obligations of the contract.
  • Where we as a charity have a legitimate interest. Where we have a legitimate interest, we must ensure that we are not harming any of your interests or rights and only use it in a manner that you would reasonably expect us to. For example, we have a legitimate interest in using our supporters’ data, contacts and preferences for the purposes you would expect; in marketing to supporters; and research to better understand who our supporters are and to better target our fundraising activity. We also have a legitimate interest in fraud prevention and informing authorities about possible criminal acts or security threats.
  • Special category. Where we process ‘special category’ personal data (such as health) we will ensure we do so in accordance with a lawful basis under Art. 6 and the required additional “condition” for processing special category data under Art. 9 of UK-GDPR. An example is, where a data subject has provided explicit consent or where the data has been made public by yourself.
  • To protect the vital interests of yourself or another person. If we believe that the vital interests of you or a third party is at risk, we have a duty to protect an individual and this is a lawful basis permitting us to process personal data.

5. Protecting and sharing your personal data

How we protect your personal data.

We ensure there are reasonable and appropriate technical and organisational controls in place to protect your personal data against unauthorised or unlawful processing and against accidental loss, corruption, destruction or damage. If we believe if it is likely processing will pose a risk of harm to individuals we will complete a risk assessment process known as a DPIA to identify and minimise these risks. For example, our IT architecture is actively protected and routinely monitored. We have policies and procedures in place which staff and volunteers are expected to comply with and for which they receive training. A data back-up and recovery process to prevent permanent loss of in the event of corruption, damage or accidental loss, is in place across our IT network.

  • Online security. The Blind Veterans UK Group will ensure that when collecting personal information over the internet that this is done securely. Our online forms are always encrypted and our network is protected and routinely monitored. Our Microsoft 365 network enables us to send point to point encrypted emails. If you use a credit or debit card to donate to us, buy something or make a booking online, we pass the card details securely to our payment processing partners. We are Payment Card Industry (PCI) Data Security Standard (DSS) compliant (for more information go to Security Standards) and use external compliant providers to collect this data on our behalf. We and our partners use TLS (Transport Level Security) to encrypt data sent between you and us or our partners. We do not use cookies to store this type of information nor do we store credit or debit card details following completion of your transaction. To protect yourself when sending us sensitive information, please ensure that you use devices running supported operating systems that are regularly updated / patched and have malware protection. Only connect your devices to networks that you trust. We cannot guarantee the security of data disclosed or transmitted over public networks.
  • Password security. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping the password confidential. You agree not to share that password with anyone else. You will never be asked to provide it by any of our IT or support staff. If you are asked, decline and report the request.
  • Third party website links. Our website and apps may include links to other third-party websites, not owned or managed by Blind Veterans UK Group. Whilst we try our best to only link to reputable websites we cannot be held responsible for the privacy of data collected by sites not managed by Blind Veterans UK Group, nor can we accept responsibility or liability for the implications to you of those policies. For this reason, you should consult the privacy policy on any external website you link to before you submit any personal data.
    You should be aware that the use of the Internet is not entirely secure and although we will do our best to protect your personal data we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet. Any transmission is at your own risk.

Managing access and the sharing your personal data

We undertake reviews of who has access to the personal data that we hold to ensure that your data is accessible only by necessary and appropriately trained staff and trusted third parties. We require all third parties that process personal data on our behalf to have appropriate and technical and organisational measures in place to protect your data at the same standard that we apply ourselves. If we share your data with a third party or require you to directly share your personal data with a third party your data will be secure to the best of our knowledge.

We treat all volunteer placement references, either received by us or provided to others by us, as confidential references. Confidentiality is applied to all references because when a referee knows the content will not be shared with the individual to which it refers or with a third party, this allows a referee to provide a candid reference. This is important to us as a charity, as we have a particular focus on safeguarding potentially vulnerable beneficiaries. Confidential references allow us to make good volunteer placement decisions and prevent applicants who may have a detrimental effect on our charitable activities and beneficiaries from joining us.

There are circumstances when we may be compelled by law or where we voluntarily agree to disclose your personal data to third-parties. Examples Include, law enforcement agencies, Solicitors acting in our interest, the UK courts, government bodies or regulators Where we are required to share personal data with non-governmental organisations or sector regulators such as, The Charity Commission, the Information Commissioner’s Office, the Health and Safety Executive, the Care Quality Commission. We have limited control over how it is processed by these parties, we therefore recommend that you consult their own privacy policies.

Examples of when we will consider sharing your personal data voluntarily, without your consent but within the law include the following. Where we believe a crime has been committed or, to assist with the apprehension of an offender. Where we need to respond to an individual Right of Access Request (known as DSAR) and may share 3rd party data on a case-by-case process.

There are circumstances when a Trustee’s personal data may be shared to comply with industry standard financial and due diligence processes. Examples include fraud and anti-money laundering checks, or when the charity engages in financial credit services or if we need services to enable the electronic transfer of funds. This sharing is limited to the minimum quantity of data necessary to fulfil the task.

We may in certain circumstances share your personal data without your consent for the purpose of fulfilling our safeguarding responsibilities. This doesn’t happen often, but we may share your personal data:

  • If we believe there is a serious risk to the public, beneficiaries, our staff or to other professionals,
  • To protect a vulnerable person, (child or adult) who we believe may be at risk, for example if they are frail, confused or cannot understand what is happening to them.


Occasions, other than by law, when we may share your data include:

  • If you have agreed that we may do so.
  • When we use external service providers to collect or process personal data on our behalf, (a list of processors is included the end of this policy).
  • With our subsidiaries within the Blind Veterans UK Group.
  • A data sharing agreement process has been completed between Blind Veterans UK and Bravo Victor Limited. Bravo Victor performs the Group’s research activities as a separate charity while remaining within the Blind Veterans UK Group. This allows us to continue to have a collaborative relationship while being separate legal entities.
  • If we receive a complaint about any inappropriate content you have posted or transmitted to or from one of our sites, forums, social media pages or apps we may share your personal data with your internet provider or law enforcement agencies.
  • To enforce or apply the Terms of Use for our website or other agreements or if we believe that we need to protect the rights, property or personal safety of the Blind Veterans’ UK Group, our supporters, members, visitors or websites and for other lawful purposes.
  • We may disclose aggregate statistics about our supporters, volunteers, site visitors, customers and sales to describe our services and operations to prospective supporters, partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics won’t include any personally identifying information without your explicit consent.
  • In some instances, the third parties that we work with might also retain your information for their own purposes and in these circumstances they are also the Data Controller. Where this is the case, it will be made clear when your information is initially gathered and we recommend you look at their privacy policy for more information on how your data will be used.
  • If we run an event in partnership with other named organisations your details may need to be shared. We will be very clear what will happen to your data when you register.
  • If we merge with, or diversify, forming a separate/new organisation with its own legal identity, information including your personal data may be transferred to the new entity. (NB. If employees are transferred to the new entity, TUPE regulations apply)

We will never rent or sell your personal information. We will not share or swap it with other organisations for their own purposes or to make money out of your data without your consent.

Where we store your personal data

The personal data you provide to us whether in paper or electronic format will be stored securely meeting the requirements of this policy. Where we store your information may differ depending on the purpose for which we are processing it for, as indicated above. Your personal data may be held within in our Microsoft 365 Cloud Environment or within a number of bespoke databases or specialist applications. Your data may also be stored within a number of systems of trusted third-party processors who process your personal data on our behalf. (Details of these can be found in the third-party processors list at the end of this document)

Cross Boarder Transfers of Personal Data

We may need to use the services or provide access and processing to service providers and other organisations located outside of the UK. If this is required we will conduct an appropriate risk assessment and put in to place appropriate “additional measures” to safeguard your personal data and your data rights, Examples of such measures include the of Standard Contractual Clauses (SCC). Note, if the transfer is a one off or infrequent we may ask for your explicit consent to conduct the transfer.

The UK has recognised some countries and all of the EEA states as possessing data protection “adequacy” for the purposes of data transfers to these countries. The UK Government has decided no additional safeguards are needed to conduct data transfers to the EEA as these states have equivalent standards of data protection as the UK-GDPR 2020.

The EU has recognised the UK as possessing data protection “adequacy” for the purposes of personal data transfers of EU subject’s personal data into the UK. No additional safeguards are needed as the UK has an equivalent level of protection to that guaranteed under EU law. (EU-GDPR 2016).

In cases when we use external websites provided by other organisations such as Twitter or Facebook, then we would ask you to consult their privacy policies to determine how your personal data will be processed by these controllers.

6. Retaining and sharing your personal data

The law requires we hold your personal data for only as long as is necessary. This is to fulfil the purposes for which the data was collected and our legitimate interests or in order to comply with legal or regulatory rules and requirements.

At the Blind Veterans UK Group we manage the retention of personal data with the use of a Retention and Disposal Policy. The policy uses a 2-step process to determine how long we retain documents which may contain personal data. The criteria we use for this process is to identify the “Business Function” the document was used for, then to apply a “Purpose of Retention” (from the list below). Identifying the business function allows us to group similar documents together and assign corporate ownership to proactively manage data retention. Applying a retention purpose ensures we only retain personal data for a transparent period of time necessary to meet statutory, contractual or best practice requirements.

  • Retained as Live data only……………….………. No retention
  • Record(s) of Activity and or a Process………….. 3 years
  • Evidence or Compliance………………………….. 6 years
  • Governance Purposes……………………………. 7 years
  • Legal (Pensions, Property, Safeguarding)…..… 12 years
  • Permanent retention (subject to review)…….… (Life of charity)

The Data Protection Act 2018 prohibits a data controller from processing and retaining (an individual’s) criminal offence data. However, an exception within part 3 of schedule 1 of the DPA 2018 allows a controller to process criminal offence data for the specific purposes of volunteer and employee recruitment. At Blind Veterans UK we will only process criminal offence data within a requested DBS/DS report as “live data” during the recruitment process. Once a recruitment process has been completed for a role, we as a controller, will not retain a copy of the DBS /DS report or any of the Criminal offence data from within the report. However, we will retain the following information as evidence of the completion of the DBS: (Note this retained information is personal data not criminal offence data)

  • The date of issue of a disclosure
  • The name of the subject
  • The type of disclosure requested
  • The position for which the disclosure was requested
  • The unique reference number of the disclosure
  • The details of the recruitment decision taken


While processing “Live” criminal offence data for this purpose, we will store this data separately and securely. It will not be kept with an applicant's personnel file and access is strictly controlled and limited to only staff entitled to see it as part of their recruitment duties. DBS/DS content information will be securely destroyed after a period of six months (This period allows resolution of any related disputes or complaints) ensuring the Live data is retained for only as long as is necessary.

Where we have contracted with a 3rd party provider to process your personal data on our behalf these organisations will also retain some basic information in order to meet their own legal requirements, e.g. records of financial transactions and will only retain it for as long as is necessary.

If you decide to end or change your relationship with us as a supporter, volunteer or trustee or request that we have no further contact with you, we will need to retain some basic personal information to comply with our legal and regulatory obligations. We will also retain minimal data to maintain a suppression list to ensure we can comply with your request to receive no further contact from us. Suppression as opposed to deletion of data to prevent further contact once an individual has opted out is the accepted methodology of the UK data protection regulator the ICO.

7. Your details on the internet and website

Like most organisations, our website and apps use “cookies” and other tracking software to help us make our site and the way you use it better and more relevant to you. We will not be able to personally identify you from the data gathered but it may help us improve our online services.

  • Cookies mean that a website will remember you. They’re small text files that are transferred to your computer (or phone or tablet). They make interacting with a website faster and easier, for example by automatically filling your name and address in text fields. Please read our cookies policy for more information. You can change your cookie preferences whenever you wish.
  • When visiting our website or apps we may collect information about the type of device you’re using to access them and the settings on that device. This might also include the IP address and your operating system and certain device settings as well as diagnostic information.

8. What are your rights?

UK data protection legislation includes the UK General Data Protection Regulations 2020 (UK-GDPR) and the Data Protection Act 2018, these two authorities are to be jointly considered as the authority of UK data protection law. This legislation gives everyone a number of very important rights. In abbreviated form these are:

  • The right to be informed. Transparency over how we use your personal data. This Privacy Policy falls under this right.
  • The right of access. Request confirmation of processing and to be provided with copies of personal data we hold about you.
  • The right of rectification. Update or amend the information we hold about you if it is incomplete or inaccurate.
  • The right to erase or ‘right to be forgotten'. Ask us to remove your personal data from our records where there is no compelling reason for its continued processing, subject to a number of conditions.
  • The right to restrict processing. Ask us to supress the processing of your data, subject to a number of conditions.
  • The right to data portability. Obtain and reuse your personal data for your own purposes, subject to a number of conditions.
  • The right to object. Object to the processing of your data for certain purposes (such as marketing, research, statistics or our legitimate interests).
  • Rights in relation to automated decision making and profiling.

If you would like to know more about your rights under the data protection law see the Information Commissioner’s Office (ICO) website.

Remember, you can exercise your rights in relation to your personal information and change the way you hear from us or withdraw your permission for us to process your personal data at any time by:

  • Using the ‘Contact Preferences Form’ on our 'Contact Us' web page;
  • Through the contact details set out in the ‘How to contact us’ section of this policy.


If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law and your rights, you can complain directly to the Information Commissioner’s Office.

9. How to contact us

If you would like to raise any comments or questions regarding this privacy policy or you would like to change your preferences for how we process your information, you can do so by contacting the appropriate department:

If you are a supporter of the charity:

Write to us

Supporter Services
Blind Veterans UK
126 Fairlie Road
Slough
SL1 4PY

Call us

0300 111 2233

Email us

If you are a volunteer:

Write to us 

Volunteer Department
Blind Veterans UK
126 Fairlie Road
Slough
SL1 4PY

Call us

020 7616 8373

Email us

If you wish to enquire further about how your personal data is processed, wish to make an individual rights request, ask for information to be provided, or to raise a data protection related complaint, please contact our Data Protection Officer.

Write to us

Data Protection Officer
Blind Veterans UK
126 Fairlie Road
Slough
SL1 4PY

Call us

020 4534 1127 (direct dial)

Email us 

Appendix-List of data processors

Data Processor’s Name  |  Purpose / service provided  |  Link to privacy policy

Assemble  |  Managing volunteer data  |  Privacy Policy: Assemble

iLearn  |  On-line training provision  |  Privacy Policy: iLearn

GB Group PLC Solutions  |  DBS/PVG Provider  |  Privacy Policy: GB Group

Access Dimensions / Focal Point  |  Processing of Financial Accounting  |  Privacy Policy: Access Group

Fleetcheck  |  Volunteer Driver/vehicle Validation  |  Privacy Policy: Fleetcheck

Licence Check  |  Volunteer Licence Validation  |  Privacy Policy: Licence-check

Crowe UK LLP  |  Charity’s Accountant & Auditor  |  Privacy Policy: Crowe UK

Reliance Hitech  |  CCTV - Privacy policy  |  Reliance Hightech

MSi Security  |  CCTV  |  Privacy Policy: MSI

Consortio Security  |  CCTV  |  Data Protection Policy: Consortio Security

SurveyGizmo  |  Survey microsite  |  Privacy Policy: SmartSurvey

Woods Valldata  |  Response Handling  |  Privacy Policy: Woods Walldata

Brace Digital  |  Website and microsites  |  Privacy Policy:Brace Digital

GoInspire  |  Mailing house  |  Privacy Policy: Go Inspire

First Class  |  Legacy data management  |  Privacy Policy: Clear-software

Adroit (data and Insight)  |  Marketing selections and insight  |  Privacy Policy: adroitinsight

SMILE Fundraising Ltd  |  F2F RG recruitment  |  Privacy Policy: Smile Fundraising

Ethicall  |  TM recruitment  |  Privacy Policy: ethicall

Reason Digital MK3 |  Online donations  |  PENDING

Edit  |  Media planning and buying  |  Privacy Policy: Edit

Much Loved  |  Tribute fund site  |  Privacy Policy: Muchloved.com

Experian  |  Data Cleaning  |  Privacy Policy: Experian

Hootsuite  |  Social Media Post management  |  Privacy Policy: Hootsuite

Facebook  |  Social Media Channel  |  Privacy Policy: Facebook

Instagram  |  Social Media Channel  |  Privacy Policy: Instagram

JustGiving  |  Donation platform  |  Privacy Policy v3.0: JustGiving

Zapier  |  Social Media Management  |  Privacy Policy: Zapier

Dot Digital  |  Marketing Platfrom  |  Privacy Policy: dotdigital

Google Analytics  |  Analytical statistics  |   Privacy Policy: Google Analytics

Twitter  |  Social media Channel  |  Privacy Policy: Twitter

LinkedIn  |  Social media Channel  |  Privacy Policy: LinkedIn

Newnorth  |  Print and Mailing Service  |  Privacy Policy: Newnorth

MRA  |  Audio Mailing service  |  Privacy Policy: MRA

Linney  |  Print Service  |   Privacy Policy: Linney

N2  |  Print Service  |  Privacy Policy: N2 Digital Media

Read more