Protecting your rights

Porchlight processes personal and sensitive personal data on a range of stakeholders (data subjects). Our Privacy Statement sets out how this data is processed.

We also have summarised the privacy statement into separate documents depending on the nature of your relationship with Porchlight. If you are a donor, you can refer to our Supporter Care Charter. If you are someone we support, you can refer to our privacy promise.

Data Subject Access Rights

If you would like to contact us regarding the data we hold on you please refer to our Subject Access Rights procedure which outlines your rights under GDPR and how to get in touch with us. Please click here for the procedure.

Gift Acceptance and Ethical Fundraising Practice

Porchlight ensures that those in a vulnerable position are able to make informed decisions about their donations, this procedure also enables us to express our values and ethos and how these are relevant to certain types of donations which may not be aligned with our work. Please click here for the procedure.

Information Security best practice

Porchlight is certified with ISO 27001:2013 Information Security Management which is the international standard that describes best practice for an ISMS (information security management system). We have been certified by external independent auditors as following best practice with regards to information security management. For further information please see this page on our ISO Standards.