Thanks for taking the time to read our privacy policy. We want it to be simple to understand and in plain English. If you have any questions or need additional information our contact details can be found at the end of this policy.
What information is being collected?
Information falls into these groups:
1/ For volunteers - standard sign up information, including your name, email address, post code
2/ For those we help, end service users - data on mobility and lifestyle gathered collected through a questionnaire that will be carried out over the phone.
3/ Messages between users which we will store and which you can retrieve at any time.
4/ Cookies to collect information to help us understand how you use our website or mobile application - you can opt out of this using your browser settings.
Certain missions with vulnerable members of the community may require a DBS check. These are entirely optional to complete. If you choose to do so, you will provide proof of identify, registered address for the last 5 years, and permission to run background checks. This data is not provided or held by OnHand but direct to a DBS provider, further details below.
Who is collecting it?
OnHand will ask you for data such as your name and contact details (email, postal addresses and phone number).
In addition, for volunteers: if you opt to complete a DBS check, we use uCheck who are a government DBS umbrella company to run these checks. We don’t actually store the data you provide for DBS clearance ourselves. uCheck’s data protection policy can be found here: https://hrplatform-cdn.s3.amazonaws.com/docs/Applicant%20Privacy%20Policy%20v1.0.pdf
For end service users: a member of the OnHand team will call you to conduct a basic risk assessment around your mobility and lifestyle.
For all users: We will be holding data relevant to tasks including how many requests you have had, how many missions you have completed and a history of any in-app messages. This data will be stored on Firebase and Intercom. Their privacy policies can be viewed here:
https://www.firebase.com/terms/privacy-policy.html https://www.intercom.com/terms-and-policies#privacy
How is it collected?
The vast majority of data is collected in our mobile app. Some minimal data may be collected through a webform. Risk assessments with end service users are carried out by a member of our team over the phone, the data is gathered verbally and inputted into our secure database. Data for DBS checks are input directly into the DBS service (therefore not stored by OnHand).
Why is it being collected?
There are three main reasons we need to collect your data:
1/ The data OnHand collect is needed to run the app service ie names, email and location details.
2/ Safety and Security: we are matching volunteers to help elderly and vulnerable people. We must use everything at our disposal to protect all our users. This may mean completing a DBS check where you choose a mission to help more vulnerable members of the community. Whilst completing a DBS check is entirely optional, it is necessary for certain mission types. We will from time to time read message threads to ensure we can spot the early signals of anything untoward and intervene to protect our users.
2/ Service Improvement: we will look at data on aggregate to understand if our app is working as well as it can, or if we need to change features or redesign the user experience to make it work better.
How will it be used?
Data will be used to protect our users, optimise our service, to deal with your enquiries & requests, to comply with our legal obligations, to cooperate with regulators and law enforcement if required, to contact you with content from us and to personalise the content you receive from us.
We don’t sell data. We don’t analyse data to find commercial uses including advertising or upselling of goods or services. We might use software to scan messages for signs of abuse.
The data we collect, store and use is entirely to facilitate the outcomes of OnHand as a service that connects volunteers, elderly people and their relatives to lend a helping hand, and in so doing raises donations for charity.
What are our legal grounds for using your data?
We must have a legal ground to process your data, in most cases this will be one of the following:
1/ to fulfil our contractual obligations to you
2/ to comply with our legal obligations
3/ to meet our legitimate interests - in order to operate and improve our services and keep you updated with our work
Where your data is stored
We utilise AWS for data storage, using data warehouses in Dublin, Ireland. It is possible your data might be transferred to a country that's not operating within the latest European Data Protection regulation, in the case of this happening we have put in place appropriate safeguards in accordance with applicable legal requirements to ensure that your data is adequately protected. For more information please contact us at hello@beonhand.co.uk
Retaining your data
We keep your data for as long as we have a relationship with you, once it has come to an end we retain it for a period of time which enables us to:
1/ maintain our business records
2/ comply with legal obligations
3/ defend or bring any existing or potential legal claims
4/ deal with any complaints about the service
We delete your data when it is no longer required for these purposes.
Your rights:
You have certain rights regarding your data, these include rights in certain circumstances to:
1/ access your data
2/ correct any inaccurate data
3/ delete your data
4/ restrict how we use your data
5/ object to our use of your data
6/ receive your data in a readable digital format
7/ to lodge a complaint with the ICO if you're not happy with how we use your data
If you'd like to discuss or exercise any of these rights then contact us here hello@beonhand.co.uk
Who will it be shared with?
If you are volunteering through your employer, we will share high level data such as your name, number of missions completed and CO2e reductions with them. This enables leaderboards and any competitions your employer may run. Other than the third party providers listed we won’t share your data with anyone else. Under such circumstances we will follow legal advice to ensure we are fully compliant. We have chosen industry best in class service providers with privacy and security front of mind. We won’t sell your data. The only time we will share your data is under a court order in the event our T&C’s, Safeguarding or other policies have been breached
We will from time to time send you newsletters. We use Intercom and Hubspot to send these. Their privacy policy can be found here: https://legal.hubspot.com/privacy-policy
How can an individual access/delete the data you hold on them?
If you notify OnHand that you would like to leave the service we will immediately delete your accounts and remove you from contact lists and third party services including Intercom and Hubspot.
How can an individual complain?
You can contact us at anytime at hello@beonhand.co.uk to complain or raise queries or concerns about this policy.