Note: the browser you are using is out of date and this website may not work properly. Please upgrade your web browser.

Privacy

Young Trustees Movement Privacy Notice For Our Website Visitors

We believe you have the right to privacy on the web. This policy sets out how we will treat your personal information.

1. Introduction

The Young Trustees Movement (YTM) is committed to protecting your personal data and upholding your privacy. This notice explains how we collect, use, store, and share personal information, and your rights in relation to that data.

 This notice applies to anyone who interacts with YTM outside an employment relationship - including funders, grantees, collective members or administrators, financial contributors, newsletter subscribers, platform users, and members of the public.

 We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are

The Young Trustees Movement

Registered address: ℅ Sedulo Office 605, Albert House, 256-260 Old Street, London, England, EC1V 9DD.

General enquiries: hello@youngtrusteesmovement.org

Report a concern: hello@youngtrusteesmovement.org

 3. What Data We Collect

Depending on how you interact with YTM, we may collect:

●       Name, contact details, job role, organisation

●       Financial data (e.g. payment details)

●      Communication preferences & survey responses

●       Website usage data (e.g. IP address, browser type, cookies)

●       Special category data (e.g. health, safeguarding) where necessary and lawful

●       Images & recordings from our online training sessions (kept for training purposes & only accessible by YTM staff)

 4. When We Collect Your Data

We collect your personal data when:

●       You register for and/or attend one of our online training sessions

●       You correspond with us directly via email

●       You complete a form, make a payment, submit an expense, or engage with us on Open Collective

●       You sign up to a newsletter or event

●       You visit our website (via cookies and analytics)

 5. Cookies 

Cookies are small text files that are placed onto a device when users first visit a website which monitors interactions with the site.

We use cookies to:

  • Recognise you when you return.
  • Embed content hosted by third parties like Typeform and video hosting platforms.
  • Improve your experience on our websites through monitoring content and feature usage.

There are categories of cookies we set:

  • Necessary cookies – these cookies are necessary for the website to function properly. Some of the following actions can be performed by using these cookies: keeping you logged in; serving video content we host through third parties; storing your cookie consent preferences.
  • Analytics cookies – these cookies are used to gather statistical information about the use of our websites, also called analytics cookies. We use this data for performance and website optimisation, through third party services like Google Analytics. 

The full list of cookies we use across our sites can be viewed via the cookie information panel in our consent banner. You can open this at any time by clicking the cookie icon in the bottom right-corner of the website.

 6. Why We Collect Your Data 

We only process your data when there is a lawful basis (under Article 6 of UK GDPR) to do so, such as:

●       Consent – for newsletters or optional communications

●       Contract – to manage contracts, collective services, or other agreements

●       Legal obligation – for regulatory, safeguarding or financial compliance

●        Vital interest / public task – in rare and exceptional circumstances, such as protecting someone from serious harm or fulfilling a safeguarding duty, we may process data without consent. This is only done when necessary and proportionate, and where seeking consent would be unsafe or cause harmful delay.

 7. Use of Platforms & Third Parties

We use a range of third-party tools and systems at Young Trustees Movement. We ensure all providers meet appropriate data protection standards. This tools include:

● Google Workspace

● HubSpot

● Typeform

● Zoom

● Eventbrite

● Stripe

8. Sharing Your Data

We do not sell or rent your data. We may share it with:

●       Trusted third-party service providers who help us operate (e.g. payment processors, platforms)

●       Regulators or auditors, where legally required

●       Legal or safeguarding authorities, where necessary

 We only share the minimum information needed and ensure all parties meet strong data protection standards.

9. Data Security and Retention

We store personal data securely, using:

●       Encrypted systems and two-factor authentication

●       Access controls and secure cloud platforms

●       Password managers for internal access (e.g. Dashlane)

 We keep data only for as long as needed. Typical retention periods last

●       Finance and grant records: at least 7 years (audit/legal requirements)

●       General enquiries/forms: 2 years

●   Contact data of clients: 7 years from the end of the financial year the relationship ended

●       Legal or safeguarding data: as required by law

●       Due diligence data: at least 7 years

 We delete or anonymise data when it is no longer needed.

10. Your Rights

You have the right to:

●       Access your personal data

●       Correct or delete it

●       Object to or restrict its processing

●       Withdraw consent (where relevant)

●       Complain to the Information Commissioner’s Office (www.ico.org.uk)

To exercise these rights, contact hello@youngtrusteesmovement.org.

Get involved

This movement is creating change - we need you to be part of it. Find out ways to get involved.