Privacy Policy

We want everyone who supports us, or who comes to us for support, to feel confident and comfortable with how any personal information you share with us will be looked after or used. This Privacy Statement sets out how we collect, use and store your personal information (this means any information that identifies or could identify you).

Our Privacy Statement may change so please remember to check back from time to time. If you have any queries, please contact our team.

Who we are

Here at Suffolk Mind we are committed to protecting your personal information and making every effort to ensure that your personal information is processed in a fair, open and transparent manner.

We are a “data controller” for the purposes of the Data Protection Act 2018 which means that we are responsible for, and control the processing of, your personal information.

How we collect information about you

Everything we do, we do to ensure that we can help people experiencing a mental health problem get both support and respect. We want to make sure you receive the communications that are most relevant to you, be it through visiting our website or receiving emails, post or phone calls. We want to make sure you receive the best attention when you use our services, book on an event, become a Friend of Suffolk Mind or make a donation.

We collect information from you in the following ways:

When you interact with us directly: This could be if you ask us about our activities, register with us for training or an event either in person or online via one of our webinars, make a donation to us, ask a question about mental health, apply for a job or volunteering opportunity or otherwise provide us with your personal information. This includes when you phone us, contact us through our website, participate in a question and answer session or fill out an online evaluation form following attendance at one of mental health webinars, or get in touch through the post, by email or in person.

When you interact with us through third parties: This could be if you provide a donation through a third party such as Just Giving or one of the other third parties that we work with and provide your consent for your personal information to be shared with us.

Information we collect and why we use it

Personal Information

Personal information we collect includes details such as your name, date of birth, email address, postal address, telephone number and credit/debit card details (if you are making a purchase or donation), as well as information you provide in any communications between us.  You will have given us this information whilst making a donation, registering for a service or event or any of the other ways to interact with us.

We will mainly use this information:

If you do not provide this information, we will not be able to process your donation, sign you up for a particular event, provide services you have requested, or understand how we can improve the quality of our services.

We may also use your personal information to contact you about our work and how you can support Suffolk Mind.

Sensitive Personal Information

If you share your personal experience or the experiences of a friend or relative, we may also collect this health information (Sensitive Personal Information). If you provide us with any Sensitive Personal Information by telephone, email or by other means, we will treat that information with extra care and confidentiality and always in accordance with this Privacy Policy.

A special note about the Sensitive Personal Information we hold

Data Protection Law recognises that some categories of personal information are more sensitive. Sensitive Personal Information can include information about a person’s health, race, ethnic origin, political opinions, sex life, sexual orientation or religious beliefs.

If you contact us at Suffolk Mind through our phone lines, through participation in one of our mental health webinars, or through other more general communications with us such as blogs or emails, you may choose to provide details of a sensitive nature.

We will only use this information:

Legal basis for using your information

In some cases, we will only use your personal information where we have your consent or because we need to use it in order to fulfil a contract with you (for example, because you use one of our services or book onto one of our courses) or where we are obliged to do so for legal purposes (for example, dealing with complaints and claims), or for complying with guidance from the Charity Commission).

However, there are other lawful reasons that allow us to process your personal information and one of those is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for Suffolk Mind to process your information to help us to achieve our vision of making Suffolk the best place in the world for talking about and taking care of mental wellbeing.

Whenever we process your Personal Information under the ‘legitimate interest’ lawful basis we make sure that we take into account your rights and interests. Some examples of where we have a legitimate interest to process your personal information are where we respond to your request for information about our work or services; send out newsletters about our work; use your personal information for data analytics or contact you to ask for feedback to improve our services.

Marketing

We will only contact you about our work and how you can support Suffolk Mind by phone, email or text message if you have agreed for us to contact you in this manner.

However, if you have provided us with your postal address we may send you information about our work and how you can support Suffolk Mind by mail unless you have told us that you would prefer not to hear from us in that way.

You can update your choices or stop us sending you these communications at any time by contacting us directly or by emailing [email protected]

Sharing your Information

The personal information we collect about you will mainly be used by our staff (and volunteers) so that they can support you.

We will never sell or share your personal information with organisations so that they can contact you for any marketing activities. Nor do we sell any information about your web browsing activity.

Suffolk Mind may however share your information with our trusted partners and suppliers who work with us on or on our behalf to deliver our services, but processing of this information is always carried out under our instruction. We make sure that they store the data securely, delete it when they no longer need it and never use it for any other purposes. Some examples of where we may share your information are with our fulfilment partners who help to create and send information to you to reduce our costs, with our partners who help us to process donations and claim Gift Aid and our partners who help us to manage our social media accounts.

We enter into contracts with these service providers that require them to comply with Data Protection Laws and ensure that they have appropriate controls in place to secure your information.

Legal disclosure

We may disclose your information if required to do so by law (for example, to comply with applicable laws, regulations and codes of practice or in response to a valid request from a competent authority); or, in order to enforce our conditions of sale and other agreements.

Keeping your information safe

We take looking after your information very seriously. We’ve implemented appropriate physical, technical and organisational measures to protect the personal information we have under our control, both on and off-line, from improper access, use, alteration, destruction and loss.

Unfortunately the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information sent to us this way, we cannot guarantee the security of data transmitted to our site.

Our websites may contain links to other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices employed by other sites. Please be aware that advertisers or websites that have links on our site may collect personally identifiable information about you. This privacy statement does not cover the information practices of those websites or advertisers.

Any debit or credit card details which we receive on our website are passed securely to our payment processing partners, according to the Payment Card Industry Security Standards.

How long we hold your information for

We only keep it as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations (for example, the collection of Gift Aid).  Our data retention policy is available on request.

Your rights

You have various rights in respect of the personal information we hold about you – these are set out in more detail below.  If you wish to exercise any of these rights or make a complaint, you can do so by contacting our team at Suffolk Mind; 26 High Road West, Felixstowe, IP11 9JB by email at [email protected] and by phone on 0300 111 6000.  You can also make a complaint to the data protection supervisory authority, the Information Commissioner’s Office, https://ico.org.uk/:

Please note, some of these rights only apply in certain circumstances and we may not be able to fulfill every request.

Cookies on our websites

‘Cookie’ is a name for a small file, usually of letters and numbers, which is downloaded onto your device, like your computer, mobile phone or tablet when you visit a website.

They let websites recognise your device, so that the sites can work more effectively, and also gather information about how you use the site. A cookie, by itself, can’t be used to identify you.

How do we use cookies?

We may use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you come to our website and also allows us to improve the user experience.

The cookies we use

We use the categorisation set out by the International Chamber of Commerce in their UK Cookie Guide.

We may use all four categories of cookies:

Cookies set by WordPress

Cookie NameDescriptionDuration
wordpress_<hash> **On login, wordpress uses the wordpress_[hash] cookie to store your authentication details. Its use is limited to the admin console area, /wp-admin/2 years
wordpress_logged_in_<hash>  **After login, wordpress sets the wordpress_logged_in_<hash> cookie, which indicates when you’re logged in, and who you are, for most interface use.Session
wp-settings-<time>-<UID>  **WordPress also sets a few wp-settings-<time>-<UID> cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.Session
WordPress_google_apps_login **This cookie is set by the plugin ‘Google Apps Login for WordPress’ and may be present for users who login to WordPress via their Google or GSuite account.Session
wordpress_test_cookieUsed to check whether your web browser is set to allow, or reject cookies.Session
wpe-auth

Cookies set by Google Analytics

Cookie NameDescriptionDuration
_gaUsed to distinguish users.2 years
_gidUsed to distinguish users.24 hours
_gatUsed to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.1 minute
AMP_TOKENContains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.30 seconds to 1 year
_gac_<property-id>Contains campaign related information for the user. If you have linked your Google Analytics and AdWords accounts, AdWords website conversion tags will read this cookie unless you opt-out. Learn more.90 days
_gaexpOptimize 360 – Used to determine a user’s inclusion in an experiment and the expiry of experiments a user has been included in.90 days

Cookies set by CloudFlare

Cookie NameDescriptionDuration
__cfduid **The __cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis.1 years

Cookies set by Hotjar

Cookie NameDescriptionDuration
_hjClosedSurveyInvitesHotjar cookie. This cookie is set once a visitor interacts with a Survey invitation modal popup. It is used to ensure that the same invite does not reappear if it has already been shown.365 days
_hjDonePollsHotjar cookie. This cookie is set once a visitor completes a poll using the Feedback Poll widget. It is used to ensure that the same poll does not reappear if it has already been filled in.365 days
_hjMinimizedPollsHotjar cookie. This cookie is set once a visitor minimizes a Feedback Poll widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site.365 days
_hjDoneTestersWidgetsHotjar cookie. This cookie is set once a visitor submits their information in the Recruit User Testers widget. It is used to ensure that the same form does not re-appear if it has already been filled in.365 days
_hjMinimizedTestersWidgetsHotjar cookie. This cookie is set once a visitor minimizes a Recruit User Testers widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site.365 days
_hjIncludedInSampleHotjar cookie. This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels.365 days
_hjShownFeedbackMessageThis cookie is set when a visitor minimizes or completes Incoming Feedback. This is done so that the Incoming Feedback will load as minimized immediately if they navigate to another page where it is set to show.365 days
_hjidHotjar cookie. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.365 days

Cookies set by Hubspot

Cookie NameDescriptionDuration
_hs_opt_outThis cookie is used by the opt-in privacy policy to remember not to ask the user to accept cookies again. This cookie is set when you give users the choice to opt out of cookies. 2 years
__hs_do_not_trackThis cookie can be set to prevent the tracking code from sending any information to HubSpot. Setting this cookie is different from opting out of cookies, which still allows anonymized information to be sent to HubSpot.2 years
__hs_testcookieThis cookie is used to test whether the visitor has support for cookies enabled. Session cookie
hs_ab_testThis cookie is used to consistently serve visitors the same version of an A/B test page that they’ve seen before.Session cookie
hs_lang_switcher_choice
This cookie is used to consistently redirect visitors to the language version of a page in the language they’ve selected on this top-level private domain in the past (if such a language version exists).
<id>_keyWhen visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login. The cookie name is unique for each password-protected page.   
Hs-messages-is-openhs-messages-hide-welcome-messageThis cookie is used on the visitor UI side so HubSpot can determine/save whether the chat widget is open for future visits. It resets after 30 minutes to re-close the widget after 30 minutes of inactivity(TTL 30 minutes)
__hstcThe main cookie for tracking visitors. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).2 years
hubspotutkThis cookie is used for to keep track of a visitor’s identity. This cookie is passed to HubSpot on form submission and used when de-duplicating contacts.10 years
__hsscThis cookie keeps track of sessions. This is used to determine if we should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. 30 min
__hssrcWhenever HubSpot changes the session cookie, this cookie is also set. We set it to 1 and use it to determine if the user has restarted their browser. If this cookie does not exist when we manage cookies, we assume it is a new session.None. Session cookie
messagesUtkThis cookie is used to recognize visitors who chat with you via the messages tool. If the visitor leaves your site before they’re added as a contact, they will have this cookie associated with their browser. If you have a history of chatting with a visitor and they return to your site later in the same cookied browser, the messages tool will load your conversation history with that visitor.

Miscellaneous Cookies

Cookie NameDescriptionDuration
complianceCookieUsed to distinguish your acknowledgement of our website’s Cookie Banner and subsequent policy (this document).14 days

No cookies, please

You can opt out of all our cookies (except the strictly necessary ones).  But, if you choose to refuse all cookies, our website may not function for you as we would like it to.

If you have any questions about how we use cookies, please contact us.

Monitoring

Your communications with our teams (including by telephone or email) may be monitored and/or recorded for training, quality control and compliance purposes to ensure that we continuously improve our customer service standards.

To find out more about this policy and how we look after your personal information, contact our team.

Squiggle Icon
Phone Icon Need help now? Click here for crisis support
1 of 2
Who do you want to support?
Self Referral Form
What do you need support with?

How are you feeling?