Who we are
What personal data we collect and why we collect it
As a granting body, most of the information we collect focusses on organisations applying for funds and the projects they wish to fund. We also gather the contact details of individuals (name, address, email address and telephone number) applying on behalf of the organisation. This is for communication purposes as we will need to reach out to the prospective and successful organisations. We will also use it to monitor the delivery of the projects.
Individuals that have contacted the Isla Foundation for advice or guidance or for a general enquiry might have their name, address, email address and personal phone number collected.
How do we collect your information?
We collect information when our online application for funding is completed, or an individual has agreed to be named as a secondary contact or contributing third party donor for a project the applicant is involved in.
How do we use your data?
We may use personal information to:
- Contact you to discuss an application where you are an authorised named contact;
- Contact or inform you about the progress of an application where you are either the primary or secondary contact;
- Contact you about an enquiry you have made;
- Contact you about a contributing third party donation you have agreed to make;
- Send you communications or information you have requested;
If you use our Website, we understand that to mean that you consent to our use and placement of cookies for the purposes of collecting and processing Interests Information and Technical Information in the manner described here below:
We may use this analytics tool to monitor website traffic and which adverts you click on. We store this information for up to 2 Years.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We do not and will not knowingly collect information from any unsupervised child under the age of 13. If you are under the age of 13, you may not use the site unless your parent or guardian has provided us with their consent for use of the Website.
We respect your right to privacy and will only process personal information you provide to us in accordance with applicable data protection laws.
Who we share your data with
We may share Personal Data about you with the following service providers who we engage to process such Personal Data for the purposes described herein:
- Website Performance Service Providers
- Google Analytics;
- Data Storage Providers
- Mail Chimp
The Personal Data that we collect from you may be transferred to and stored at a destination outside the European Economic Area including but not limited to the USA. By submitting your Personal Data to us you agree to this transfer, storage or processing. We will take all steps reasonably necessary and available to us to safeguard and ensure that your Personal Data is treated securely and in accordance with applicable laws.
How long we retain your data
We store this information for up to 2 Years.
What rights you have over your data
We try to be as open as we reasonably can about the Personal Data that we process. If you would like specific information, just ask us at firstname.lastname@example.org
You have legal rights (i) to make a “subject access request” to access your Personal Data; (ii) to request and be given your Personal Data in machine readable format for the purposes of your passing such data to third parties; (iii) to request rectification or removal of your Personal Data; and (iv) to object to processing of your Personal Data and/or to have its processing restricted. You can withdraw your consent to receive marketing messages at any time. If you would like to use any of these rights, or otherwise have any questions about how we handle data, please contact us at, with details of your request. In the case of subject access requests please ensure that you add “subject access request” into the subject line of your email.
In certain circumstances we may not be able to stop using your personal information but, if that is the case, we will let you know and tell you why.
In relation to subject access requests, we will respond as soon as possible but no longer than one month after such request is received. We will not usually charge you an administration fee in relation to any such subject access request unless we feel that the request is unusually onerous or complex
We will store and process your Personal Data only for as long as is reasonably necessary for us to perform the services/activities we are undertaking and to comply with our legal obligations.
Please note that our Website may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
As you probably know, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data once transferred to us and any transmission is at your own risk. Once we have received your Personal Data, we will use strict procedures and security features to try to prevent unauthorised access.
If you have complaints relating to our processing of your Personal Data, you should contact us in the first instance at email@example.com. You may also raise complaints with the Information Commissioner who is the statutory regulator.
How we protect your data
We protect customer data with the following site features:
- We are entirely using SSL/HTTPS throughout all our sites. This encrypts our user communications with the servers so personal identifiable information is never captured by third parties without authorisation.
- We will make sure to anonymised any information that might be shared, unless agreed otherwise.
What data breach procedures we have in place
Breach Notification: In the event of a breach we will notify affected users within 72 hours of first having become aware of the breach.