CATCH and Bounce are operated by Parents And Children Together (PACT). This privacy notice gives you information about the personal data that we collect and process when you sign up as a user to one of our digital hubs. We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on:
PACT is a registered charity, providing adoption and adoption support services as a Voluntary Adoption Agency registered with Ofsted and community projects supporting and empowering women facing multiple disadvantages and the recovery of children affected by domestic abuse.
Our registered address is PACT Head Office, 7 Southern Court, South Street, Reading RG1 4QS. While providing our services and running the charity, we gather information about individuals which means we need to comply with data protection legislation: the UK GDPR and the Data Protection Act 2018.
Our Role as a DATA Controller
If you are registering as a user with one of our digital hubs we will be acting as the ‘data controller’. This means we decide how your personal data is processed and for what purposes.
Our Role as Data Processor
If your Local Authority, or an organisation you are working for or receiving support from, has provided us with your details to provide you with a login for one of our digital hubs, we will be acting as a data processor. This means we are processing your data to deliver a service on behalf of a data controller (this may include but not be restricted to a Local Authority, Regional Adoption Agency, Voluntary Adoption Agency, virtual school and fostering service) and can only process it in accordance with their instructions. We cannot use your personal data for our own purposes.
Personal data is any information that can be used to identify you. It covers obvious information such as your name and contact details, but also less obvious information such as identification numbers, electronic location data, and other online identifiers.
PACT only collects personal data relevant to the involvement you have with us. For example, if you request a login, complete a survey, or contact us by telephone, email, social media, post, or text message, we will collect and process the personal information you have provided to ensure we can respond to your request. When collecting your personal data, we will explain to you what data is needed and why we need it. Further details about the information we collect when you sign up to one of our digital hubs, are below.
Data Protection Law recognises that some categories of personal information are more sensitive. Special categories of personal data include information about ethnic origin, sexual orientation, and religious beliefs. We will only collect these special categories of personal data about you when you give us your explicit consent to do so.
The data we gather is held in accordance with Data Protection Law, including the UK General Data Protection Regulation (the ‘UK GDPR’), the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) 2003. PACT complies with its obligations under data protection law by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access, and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
Registering your account
We need to collect and hold personal data about you to register you as a user on our digital hubs. This may include:
This information may be provided to us either directly by you, or indirectly by a third-party.
Personal information provided by you
Dependent on which digital hub you are accessing, as you progress through registration process, you will have to provide us with the personal data we need to give you access to the specific platform.
Personal information provided by third parties
If you are not an individual registering directly with one of our digital hubs, our partners (e.g., Local Authorities, Regional Adoption Agencies and Voluntary Adoption Agencies) will share your information with us to set up an account for you.
Personal information about other individuals
You may be providing information on behalf of another person who wishes to or requires access to one of PACT’s digital hubs. If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on their behalf and has agreed that you can give consent on their behalf to the processing of their personal data for the purposes outlined in this privacy notice.
Using PACT’s digital hubs
As you use one of PACT’s digital hubs, we will collect information about how you use and access the system so that we can improve our service, and where necessary or required, provide feedback to the agency/organisation funding your access, if you do not pay us directly. We will also include your usage information in aggregated data for analysis and reporting purposes.
We will also process communication data sent to you and sent by you, for example if you have access to the forum and post messages.
We collect information about you so that we can:
Data Protection Legislation requires that we process your personal data lawfully, which includes choosing an appropriate legal basis linked to the purposes we have identified. One of the following legal bases typically applies:
The table below details the legal basis we rely on for each of the purposes we have identified:
| Purpose | Legal Basis |
|---|---|
| Set up and manage your account | Performance of a contract |
| Send you payment instructions for your subscription (if applicable) | Performance of a contract |
| Manage any concerns that arise relating to safeguarding, confidentiality, behaviour, or usage | Performance of a contract Legal Obligation (Safeguarding) |
| Notify you of changes and associated services that may affect you | Performance of a contract |
| Share usage and access data with the agency that is funding your access (if applicable) | Performance of a contract / Legitimate Interests |
| Inform you of other services we provide that may be applicable to you | Consent |
| Conduct research, statistical analysis, and behavioural analysis | Consent (cookies) Explicit Consent (ethnicity, diversity and inclusion data) |
| Improve our services | Legitimate interests / Consent (cookies) |
Account management
We will send you emails related to your account usage. For example, we may notify you about new content being released, scheduled maintenance or the status of your account.
Notifications
Some of PACT’s digital hubs have forums, if you have access to one or more of these forums, you can choose whether you receive notifications about activity (e.g., replies to your posts or threads you are following). You can manage this in your profile.
We limit access to your personal data to those employees, contractors, and third-party processors (see below) who have a legitimate need to know and ensure that they are aware of their duty of confidentiality.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
Otherwise, we will only share your data with parties outside of the organisation with your consent. For users who were registered with us via a partner agency, we share usage data of the accounts that our partners are funding with them, for their own reporting purposes.
We may pass your information on to third party service providers, agents, or subcontractors for the purposes of completing a task or providing services to you on our behalf (e.g., hosting CATCH platform). However, we disclose only the personal information necessary to deliver that service and have a contract in place that requires them to keep your information secure and not to use it for other purposes.
Third party service providers who act as data processors on our behalf in relation to this website:
| Service Provider | Activity Carried Out | Sector | Location |
|---|---|---|---|
| Video hosting, sharing and services platform provider. | Hosting video materials | Video Hosting | United States |
| Web Design Agency (data processor) | Design and maintenance | Marketing & Design | UK |
We will use technical and organisational measures to safeguard your personal data, for example:
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any concerns about your information, please contact us (see ‘How can you contact us?’ below).
We store some of your personal data in countries outside of the UK. These are known as “third countries”. We will take additional steps to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation as follows:
PACT will retain your personal information for the period you are accessing one of our digital hubs as a user (whether funded or as a paying user) and for a period of up to 2 years after your funded/ paid for access has concluded. This is for the purpose of monitoring and reporting or to offer the opportunity to renew or resubscribe individually. After this point your personal data will be removed from our databases.
Unless subject to an exemption (under the GDPR), you will have the following rights with respect to your personal data:
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the contact details provided at the end of this policy.
It is important that your personal data are kept accurate and up to date. If any of the personal data we hold about you change, please keep us informed for as long as we have the data.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice charity.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first using the contact details provided at the end of this policy.
What are cookies?
A cookie is a small text file which is placed onto your computer (or another electronic device) when you use our website. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. We use cookies on this website.
How do we use cookies?
Cookies provide information about individuals’ usage of the website, which may identify you as the same individual even if we do not know your name, we can identify location, IP address and device information. As such, we make sure you have a choice about the cookies that are placed on your device for our statistical purposes by Google Analytics, which help us to understand more about the ways in which people use our website. We would appreciate it if you opt-in to accept these cookies when the website asks you, as it will help us to improve it over time. In addition, marketing cookies help to understand the interests of our visitors so that we can better target our marketing activities.
What Cookies do we use?
We use first-party cookies (Cookies set by PACT) and third-party cookies (cookies set by other providers, e.g., analytics providers such as Google).
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies. No consent is required for Necessary cookies.
| Cookie | Name | Purpose | More information |
|---|---|---|---|
| AEC | Google (Functional) | Fraud prevention. | Click here for an overview of privacy at Google. |
| HSID | Google Ads Optimization (Functional) | Fraud prevention. | Click here for an overview of privacy at Google. |
| SIDCC | Google Maps (Functional) | To provide identification of trusted traffic. | Click here for an overview of privacy at Google. |
| _GRECAPTCHA | Google reCAPTCHA (Functional) | To provide spam protection. | Click here for an overview of privacy at Google. |
| CONSENT | Google Ads Optimization (Functional) | To store cookie consent preferences. | Click here for an overview of privacy at Google. |
| Cmplz_banner-status | Complianz (functional) | To store if the cookie banner has been dismissed. | Click here for an overview of privacy at Complianz |
| Cmplz_consented_services Cmplz_statistics Cmplz_functional Cmplz_preferences Cmplz_marketing Cmplz_policy_id | Complianz (functional) | To store consent preferences. | Click here for an overview of privacy at Complianz |
| SEARCH_SAMESITE | Google (Functional) | To prevent the browser from sending this cookie with cross-site requests. | Click here for an overview of privacy at Google. |
| wordpress_logged_in | WordPress (Functional) | To store logged in users. | Click here for an overview of privacy at WordPress. |
| WordPress_sec_ | WordPress (Functional) | To provide protection against hackers, store account details. | Click here for an overview of privacy at WordPress. |
| wordpress_test_cookie | WordPress (Functional) | To read if cookies can be placed. | Click here for an overview of privacy at WordPress. |
| Sc_anonymous_id | SoundCloud (Functional) | To provide functions across pages. | Click here for an overview of privacy at SoundCloud |
Non-essential cookies have a range of functions, from allowing the website owner to understand how users are moving around and using their website (Statistical) to third-party cookies which look to build a profile of individuals that can inform their online marketing decisions (Marketing). Non-essential cookies require a user to ‘opt-in’ to accept the cookie onto their device.
| Cookie | Name | Purpose | More information |
|---|---|---|---|
| _ga | Google Analytics (Statistical) | To collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information, including IP address, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. | Click here for an overview of privacy at Google. |
| _gat_UA-* | Google Analytics (Statistical) | A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to. | Click here for an overview of privacy at Google. |
| _gid | Google Analytics (Statistical) | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website’s performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. | Click here for an overview of privacy at Google. |
| SAPISID SSID APISID | Google Ads Optimization (Marketing) | To provide ad delivery or retargeting, collect user information for videos hosted by YouTube and Vimeo. | Click here for an overview of privacy at Google. |
| SID | Google Ads Optimization (Marketing/Tracking) | To provide ad delivery or retargeting, provide fraud prevention. | Click here for an overview of privacy at Google. |
| NID | Google Ads Optimization (Marketing/Targeting) | To provide ad delivery or retargeting, store user preferences. | Click here for an overview of privacy at Google. |
| 1p_jar | Google Ads Optimization (Marketing/Tracking | To provide ad delivery or retargeting. | Click here for an overview of privacy at Google. |
| _gcl_au | Google Adsense (Marketing/Tracking) | To store and track conversions. | Click here for an overview of privacy at Google. |
| Vuid | Vimeo (statistics) | To store the user’s usage history. | Click here for an overview of privacy at Vimeo. |
| _fbp | Facebook (Marketing) | This cookie is set by Facebook to display advertisements when on Facebook or on a digital platform powered by Facebook advertising, after visiting the website. | Click here for an overview of privacy at Meta. |
| _fr | Facebook (Marketing) | Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin. | Click here for an overview of privacy at Meta. |
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. To find out more about specific cookies, who places them and their purposes, visit www.cookiedatabase.org. We have used this resource to populate the table above.
You can easily access (and update) the information we have described above via your Account Profile on each digital hub.
If you want to know what additional personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests can be made in writing, either via email or via the postal address which should be sent to PACT’s Data Protection Lead.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data, within that time. In some cases, however, particularly if your request is more complex, more time may be required, up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress. We may not need to provide all the information to you if there are exemptions we can rely on.
You also have the right to lodge a complaint about our processing of your personal data with the UK’s Information Commissioner’s Office.
To exercise all relevant rights, to raise a query or complaint with us, please contact the Data Protection Lead in the first instance. We are also happy to answer any questions you may have about this privacy notice or the information we hold about you.
If you wish to contact us, please use the details below:
e-mail: dataprotection@pactcharity.org
Postal address: PACT Head Office, 7 Southern Court, South Street, Reading RG1 4QS
Telephone: 0300 456 4800
You can contact the Information Commissioners Office on 0303 123 1113, through their online contact form or at the following address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
We may change this privacy policy from time to time. You should check this statement occasionally to ensure you are aware of the most recent version that will apply each time you access this website.
If you would like this policy in another format (for example: audio, large print, braille) please contact us (see ‘How can you contact us? above)
Last updated: July 2023