Porchlight processes personal and sensitive personal data on a range of stakeholders (data subjects), our Privacy Statement sets out how this data is processed.
We also have summarised the privacy statement into separate documents depending on the nature of your relationship with Porchlight. If you are a donor you can refer to our Supporter Care Charter, if you are a service user you can refer to our Privacy Promise.
Data Subject Access Rights
If you would like to contact us regarding the data we hold on you please refer to our Subject Access Rights procedure which outlines your rights under GDPR and how to get in touch with us. Please click here for the procedure.
Gift Acceptance and Ethical Fundraising Practice
Porchlight ensures that those in a vulnerable position are able to make informed decisions about their donations, this procedure also enables us to express our values and ethos and how these are relevant to certain types of donations which may not be aligned with our work.
Information Security best practice
Porchlight is certified with ISO 27001:2013 Information Security Management which is the international standard that describes best practice for an ISMS (information security management system). We have been certified by external independent auditors as following best practice with regards to information security management. For further information please see this page on our ISO Standards.