Last updated 26th June 2025.
This privacy policy is provided by Goodheart Animal Sanctuaries, based at The Nickless Farm, Milson, Kidderminster, Worcestershire, England, DY14 0BE, and relates to our website: www.goodheartanimalsanctuaries.com.
We’re dedicated to improving the lives of rescued animals – and we take the same care when it comes to handling your personal information. Your privacy matters to us, and we’re committed to keeping your data safe and using it responsibly.
This policy applies to all personal data collected from supporters, volunteers, visitors, enquirers, and anyone else who interacts with Goodheart Animal Sanctuaries. If you do not agree with any part of this policy, you may wish to stop using our website or avoid submitting personal information to us.
If you have any questions or would like more information about how we handle your data, please get in touch at info@goodheart.org.uk or refer to the contact details at the end of this policy.
Registered charity number: 1162923
The purpose of this privacy policy is to clearly explain how and why we collect, use, and protect your personal information when you engage with Goodheart Animal Sanctuaries.
Whether you’re browsing our website, signing up to support our work, visiting the sanctuary, or contacting us in any other way, this policy outlines what data we collect, how we use it, and what your rights are.
For the purposes of data protection law, the controller of your personal data is: Goodheart Animal Sanctuaries. As the controller, we are responsible for determining how and why your personal data is used, and for ensuring that it is handled in accordance with applicable data protection laws
If you have any questions about this privacy policy or our privacy practices, please contact us in the following ways:
Full name of legal entity: Goodheart Animal Sanctuaries
Email address: info@goodheart.org.uk
Postal address: The Nickless, Milson, Kidderminster, Worcestershire DY14 0BE, United Kingdom
ICO Registration Number: ZB209238
You are entitled to raise a complaint with your local data protection authority at any time. For individuals in the UK, this authority is the Information Commissioner’s Office (ICO), which oversees data protection matters (www.ico.org.uk). That said, we would value the opportunity to address any concerns you may have before you contact the ICO, so we encourage you to reach out to us directly in the first instance.
We review and update this privacy policy on a regular basis to ensure it remains accurate and up to date. The most recent revision date is shown at the top of the policy.
It is important that the personal data we hold about you is accurate and current. Please inform us if your personal information changes during the course of your relationship with us.
We may promote or operate shops, events, or fundraising activities through third-party websites such as Etsy, JustGiving, or Unity Lottery. These platforms are separate from our organisation and have their own privacy policies and terms of use.
If you follow a link to one of these platforms, you may allow third parties to collect or share data about you. We do not have control over these third-party websites and are not responsible for their privacy policies. When you leave our website, we recommend that you read the privacy policy of every website you visit.
When we say:
“We”, “us”, “our” – we’re referring to Goodheart Animal Sanctuaries.
“You”, “the user” – this means anyone using our website, contacting us by email or phone, visiting the sanctuary, or interacting with us on social media.
“Cookies” – these are small text files stored on your computer or device to help websites (including ours) work better and gather useful information about how they’re being used.
Personal data (or personal information) refers to any information about an individual that can be used to identify them. This does not include data where the individual’s identity has been removed (anonymous data).
We may collect, use, store, and share various types of personal data about you, which we have categorised as follows:
Identity Data: This includes your name and sometimes, title.
Contact Data: This includes your billing and delivery addresses, email address, and telephone numbers. If you take part in fundraising, events, or volunteering, you may be asked for next of kin or medical history data.
Transaction Data: This includes details of payments made to and by you, as well as other information about services you have purchased from us, or donations you have made.
Technical Data: This includes your internet protocol (IP) address, browser type and version, time zone and location, browser plug-ins and their versions, operating system and platform, cookies and other tracking technologies, and other technology on the devices you use to access our website.
Profile Data: This includes your order history and any interests or preferences you have expressed.
Usage Data: This includes information about how you use our website and services.
Marketing and Communications Data: This includes your preferences for receiving marketing communications from us and third parties, as well as your communication and consent preferences.
Visual Data: This includes photographs, video recordings, and other visual media collected at events or through other interactions which may identify you.
Volunteer Data: This may include information about your skills, qualifications, references, availability, and other relevant details if you volunteer with us.
Other Information: Any additional details you provide to us, including feedback, comments, or complaints.
In some cases, we are required by law or by the terms of a contract to collect certain personal data. If you do not provide this data when requested, we may not be able to carry out our obligations – for example, to process a donation, fulfil a membership, or allow you to participate in an event or volunteer role. If this affects a service you have with us, we will let you know at the time.
We collect personal data about you using various methods, including through:
Some information we may get directly from you, for example, you may provide us with your Identity, Contact, and Financial Data by completing forms or communicating with us by post, phone, email, or other means. This includes any personal information you give us when you:
request or download our publications;
sign up for our emails;
register to attend or participate in events or fundraising activities;
contact our team by phone, email, or in writing;
visit our sanctuary, attend events we organise, or visit our stall at events we attend;
request marketing materials or communications from us; or
provide feedback, raise concerns, or get in touch with us.
As you interact with our website, we automatically collect Technical Data about your device, browsing actions, and patterns. We gather this information using cookies and similar technologies. This data may include your IP address, browser type, operating system, pages visited, and time spent on our site.
We use tools such as Google Analytics and sometimes Facebook Pixels to understand how people use our website and to improve your experience. These tools also help us learn about our supporters’ journeys so we can reach more people who care about our cause.
To collect this information, we use cookies on our website. Our cookie banner asks for your consent before placing any cookies that are not strictly necessary. By accepting cookies via the banner, you agree to their use as described in our cookie policy. If you choose not to accept cookies, you can manage or delete cookies through your browser settings or use your browser’s private or anonymous mode. Please note that disabling or refusing cookies may affect your experience and some parts of our website may not function properly. For more details, please see our cookie policy.
We work with third-party service providers to help us operate our charity, deliver services, and communicate with supporters. These providers may process your personal data on our behalf, but only in accordance with our instructions and applicable data protection laws.
The types of third-party services we use include:
Customer relationship management (CRM) systems – such as Beacon CRM, which we use to securely manage supporter records, donations, event registrations, and online forms.
E-commerce platforms – such as Shopify, which we use to operate our online shop, process orders, and manage delivery information.
Email marketing platforms – such as Mailchimp, which we use to send newsletters and updates to supporters who have opted in to receive them.
Payment processors – such as Stripe, who help us process donations, event fees, or purchases securely.
Analytics and tracking tools – such as Google Analytics and Facebook Pixel, which help us understand how visitors use our website and improve our reach.
IT and cloud service providers – who support the secure hosting and maintenance of our systems and website.
Professional advisors and auditors – including legal, financial, and fundraising consultants where needed.
Fundraising and event platforms – which we may use to manage event sign-ups, ticketing, or third-party fundraising activity.
Some of these providers may be located outside the UK or European Economic Area (EEA). Where these third parties are located outside the UK/EEA, we ensure appropriate safeguards are in place – such as UK-approved Standard Contractual Clauses – to protect your data in compliance with UK GDPR.
Embedded content from other websites
Some pages on our website may include embedded content (such as videos, images, articles, or social media feeds). Embedded content from other websites behaves in the same way as if the visitor had accessed the content directly on the external website.
These third-party sites (for example, YouTube) may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with the embedded content – including tracking if you are logged into an account on that platform.
We recommend reviewing the privacy policies of those platforms before engaging with embedded content.
We only process personal data where we have a valid legal reason (or ‘lawful basis’), such as fulfilling our contract with you, complying with legal obligations (e.g. Gift Aid), your consent (e.g. marketing), or our legitimate interests (e.g. website improvements).
We use the personal information we collect for a variety of purposes, including:
To provide our services and fulfil your requests
Sending your membership pack or other goods you have purchased
Processing your donations, including handling Gift Aid claims
Contacting you about a competition or prize draw entry
Communicating with you about an animal you have surrendered into our care
Keeping a record of your relationship with us
Legal basis: Contract performance / Legitimate interest
To process payments and donations
Handling payments, for example donations, membership fees, and purchases
Legal basis: Contract performance / Legitimate interests
To communicate with you
Sending our latest news, updates, and information if you’ve asked to receive them
Managing your communication and marketing preferences
Sending you details of products available from our online shop
Contacting you with tailored communications, marketing materials, and advertising we think may interest you, including fundraising, events, and campaigns
Inviting you to events, advocacy campaigns, and opportunities to support our work
Legal basis: Consent (for marketing communications) / Legitimate interests (for updates)
To improve our services and communications
Using data analytics to improve our website, products, marketing, and supporter experience
Using your feedback to improve our products, services, or communications
Analysing supporter data (on a grouped or anonymous basis) to ensure our communications are relevant and cost-effective
Legal basis: Legitimate interests
To manage our relationship with you
Notifying you about changes to our terms or privacy policy
Asking you to leave reviews or take surveys
To verify identity and prevent fraud
Verifying identity of donors, volunteers, or adopters
Preventing fraud or misuse of services
To manage volunteers and staff
Collecting and processing data for volunteer roles, DBS checks, training, and compliance
Legal basis: Contract performance / Legal obligation
To provide personalised support or care
Handling sensitive data relating to health or welfare, for example in relation to animal adopters or beneficiaries
Legal basis: Consent / Contract performance / Legal obligation
To handle complaints and feedback
Investigating and resolving complaints or concerns
To conduct research and reporting
Analysing data for impact reports, grant applications, or charitable objectives
To maintain security and prevent abuse
Monitoring for security breaches, safeguarding concerns, or preventing cyberattacks
To comply with legal and regulatory obligations
Processing Gift Aid declarations and maintaining necessary records
Legal basis: Legal obligation
We do not sell or share your personal details with third parties for their own marketing purposes.
We only share financial information with banks and payment processors to securely handle your payments.
In other circumstances, we will only disclose your personal data:
In line with this privacy policy;
With your explicit consent; or
When required by law or to protect the rights, property, or safety of Goodheart Animal Sanctuaries, our supporters, staff, or others.
This may include sharing information with the police, regulatory authorities, or legal advisers when necessary.
We take your privacy seriously and implement a range of technical and organisational measures to protect your personal data from unauthorised access, misuse, loss, or disclosure.
Some of the steps we take include:
Using Beacon CRM to securely manage supporter data, donations, and event records. Beacon is certified to ISO 27001:2022 – the internationally recognised standard for information security – and is audited by UKAS-accredited bodies. This ensures a robust framework is in place to protect your data to the highest standard.
Restricting access to your personal data within the organisation to staff who need it to carry out their roles
Requiring all staff with access to data to complete regular data protection training
Protecting our systems and devices with secure passwords, anti-virus software, and firewall technology
Using multi-factor authentication where available to access key systems
Working only with trusted third-party providers who process data securely and in accordance with their own robust privacy policies
Performing regular backups and audits to ensure data accuracy and availability
Reviewing our security measures periodically to keep them up to date with current best practices
To help us stay in touch with you effectively, it’s important that the personal information you provide remains accurate and current.
If your contact details change, for example, if you move house or change your email address, please let us know. This is particularly important if you’ve signed up for a rolling membership, subscribed to our mailing list, or requested to receive updates from us, as we want to make sure you continue to receive the information you’ve asked for.
You can update your details at any time by contacting us using the information provided at the end of this policy.
We only retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including to meet any legal, accounting, or regulatory obligations.
We never keep personal data longer than is needed for those purposes.
In some cases, such as photographs or video recordings taken at events or during your interactions with us, we may retain this content indefinitely for use in marketing and communications — unless you ask us not to.
If you ask us not to contact you in future, we will retain a minimal record of your contact details (such as your name and email address) to ensure we respect your request and do not contact you again.
Under UK data protection law, you have a number of rights in relation to your personal data. If you wish to exercise any of these rights, please contact us using the details at the bottom of this policy.
You have the right to:
You can request a copy of the personal data we hold about you. This is known as a ‘subject access request’.
If any of the personal information we hold is inaccurate or incomplete, you can ask us to correct it. We may need to verify the accuracy of the new data before updating our records.
In certain circumstances, you can ask us to delete your personal data. Please note that we may need to retain some information to comply with legal obligations or to resolve disputes.
If we are processing your data based on our legitimate interests, you can object to this processing if you believe it impacts your fundamental rights and freedoms. You may also ask us to restrict the use of your personal data.
There may be cases where we are legally permitted or required to continue processing your data despite your request.
In limited circumstances, you may request that your data be transferred to you or another service provider in a structured, commonly used, and machine-readable format.
Where we rely on your consent to process your data (for example, for sending marketing communications), you can withdraw this at any time.
You can unsubscribe from marketing emails by clicking the link in any message we send.
You can also contact us at info@goodheart.org.uk to update your preferences or request that we no longer contact you by post, phone, or email.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we have not handled your personal data in accordance with the law. You can contact the ICO at www.ico.org.uk, but we would always appreciate the opportunity to resolve any concerns directly first.
Please note that we may retain a minimal record of your details to ensure we respect your preferences going forward. Also, due to mailing schedules, you may continue to receive communications for a short period after withdrawing consent.
If you would like to exercise any of these rights or have questions about how we use your data, please contact us using the details at the end of this policy.
If you have any queries, please contact us using the details below, and we will be more than happy to help.
Phone: 01584 891 143
Email: info@goodheart.org.uk
Post: Goodheart Animal Sanctuaries, The Nickless Farm, Milson, Kidderminster, Worcestershire, England, DY14 0BE
