DNRC and Black Stork Charity website privacy policy

In this privacy policy we explain how we collect and use your personal information. ‘We’ means the Black Stork Charity (also known as the Defence and National Rehabilitation Centre, “DNRC”) (registered charity number 1141934, company number 07619703) of 70 Grosvenor Street, London, W1K 3JP). We are the data controller for the purposes of the Data Protection Act and the EU General Data Protection Regulation.

You can use our Contact Form, or the contact details on our website, to contactdus with any questions you may have about privacy or data protection.

Please note that links from our website may take you to external websites not covered by this policy. We may also provide the contact details for individuals or organisations not covered by this policy. We recommend that you check their privacy policies yourself before submitting any personal information. We will not be responsible for the content, function or information collection policies of these external websites, individuals or organisations. 

What information do we collect about you and how do we collect it?

You are not required (by law or by any contract with us) to provide personal information to us via this website. We will only require you to provide personal information to us where it is necessary for us to provide you with a service (such as where you complete our Contact Form or register for our mailing list). 

Information you provide to us  

We may receive personal information about you whenever you contact us. For example, by doing the following: 

•  Completing our Contact Form

•  Registering for our mailing list

•  Donating

•  Using and browsing our website

•  Telephoning, texting, writing by post or emailing us

This information may include the following:

•  Normal identification information, such as your full name, gender, marital status 

•  Contact information, such as your postal address, email address and telephone number 

•  Additional information relevant to your use of our site and services, such as your marketing preferences, survey responses and feedback 

•  Payment information such as payment card or bank details 

Information we collect about you on our website

We collect information using Cookies and other similar technologies to help distinguish you from other users of our website. These can streamline your online experience by saving you from re-inputting some information and allow us to make improvements to our website. For more information about how and why we use Cookies please look through our Cookie Policy.

When you visit our website, we may collect the following information:

•Which pages you view and which links you follow

•Your IP address and general location

•Details of the hardware and software that you are using to access the site

Our Website is not intended for children and we do not knowingly collect information relating to children.

Your personal information may therefore be processed by our website provider, only for the purpose of managing the website.

Information we collect about you from other sources

We may collect information about you from other sources. This may include the following:

• Publicly available information, from sources such as search engines 

•  Information you have shared publicly, including on social media

This list is not exhaustive, and, in specific instances, we may need to collect additional information for the purposes set out in this Policy.

Information we receive about you from other sources

We may collect information from other sources, rather than from your directly, including from other websites, services or third parties. 

How do we use your personal information?

We take data protection law seriously, so below we have set out exactly how and why we use your information, and what our legal basis is to be able to use your information in each way. 

Information we collect about you from other sources 

If we collect publicly available information about you, this is in our legitimate interest to decide if we plan to contact you because of a shared interest in our charitable goals.  

Information we receive about you from other sources 

If we receive information from you from other service, you may have given your consent for your personal information to be provided to us and how you want your information to be used.  If you have given your consent and/or any other permission, then we will follow the specific consent and/or permission you have provided.   

Managing your donation 

When you donate to us (whether through our Fundraising Page, SMS donations, over the phone, in person or otherwise) we will need to process your personal information for the legitimate purposes of processing your donation.  This is in order to: 

•  Process your payment

•  Record your donation

•  Manage and monitor our donations 

Telling you about the work of the Black Stork Charity and/or the DNRC that we think may be of interest to you

We may use your information to identify and tell you about our projects, events and fundraising activities that we think may be of interest to you. This will be based on your specific consent and so we will only do this where you have informed us that you would like to receive marketing communications.  We will always offer you the opportunity to opt out of our newsletters or updates, or you can contact you directly to have your name removed from our contacts list.  

Whether you choose to receive these marketing communications is entirely up to you. Your choice will not otherwise affect your relationship with us. 

You can update your preferences by using the links in any of our emails to you, or by getting in touch using our Contact Form. 

Our best practice  

Sometimes we may use your information to find ways that we can improve what we do, or how we do it. 

In this context, we will only use your personal information where it is necessary so that we can: 

•  Review and improve the performance of our systems, processes and staff (including training)

•  Improve our site to ensure that content is presented in the most effective manner for you and for your computer 

Contacting you

Sometimes we may need to use the information that we have about you in order to respond to your questions or let you know about important changes to the charity.  

We will only use your information in this respect where it is necessary so that we can:

•  Interact and respond to any communications you send us, including where you use our Contact Form and any social media posts that you tag us in

•  Let you know about any important changes to our charity

Verifying your identity

We may use your information where it is necessary for us to do so in order to meet our legal obligations or to detect and prevent fraud, money-laundering and other crimes.

Protecting you and others from harm

We may use your information where it is necessary to protect your interests, or the interests of other. This may be required in the event of a criminal activity that has taken place, for example in the event of identity theft, piracy or fraud.

Who do we share your personal information with?

Sharing your information within our Charity

We may share the information that you provide to us with our staff, and with our subsidiary company, BS Stanford Limited (company number 07489494), for internal administration purposes to pursue our charitable activities.

Sharing your information with third parties

Other than as set out in this Policy, we will not generally share your information with any third parties.

All details of our donors are held in a customer relationship management system, operated by Salesforce held in both the European Union (EU) and the USA.  Some information will therefore be transferred outside the European Economic Area (EEA). The sharing of this information is necessary for us to manage the donation process. The European Commission has decided that the USA ensures an adequate level of protection of personal information as a result of the EU-U.S. Privacy Shield. For more information on the EU-U.S. Privacy Shield, please see the guidance issued by the European Commission.

Your personal information may be accessed by our website provider, only as part of the management of the website. 

There are certain exceptional circumstances in which we may disclose your information to third parties. This would be where we believe that the disclosure is: 

•  Required by the law, or in order to comply with judicial proceedings, court orders or legal or regulatory proceedings

•  Necessary to protect the safety of our employees, our property or the public

•  Necessary for the prevention or detection of crime, including exchanging information with other companies or organisations for the purposes of fraud protection and credit risk reduction. 

How long do we keep your personal information?

We will only store your personal information for as long as we need it for the purposes for which it was collected.

Contact lists of professional contacts will be reviewed annually and will be removed if no longer required. 

We will only keep your information for marketing communications for as long as you agree to receive these communications.   

If we contact you about becoming a donor and you decide not to donate we will then dispose of your personal information.

If you donate, we will retain your personal information for two years after the public fundraising campaign has been completed.

If we receive information from you from other sources and you have given your consent and/or other permission to process your personal information, we will review the consents and permissions provided at least annually.

We may also use some of your personal information for the purposes of keeping and maintaining our historical records, especially in relation to major donors.  We have a legitimate interest in keeping this information as it will later become an important historical record.

How do we protect your personal information? 

We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this policy.

We try to ensure that all information you provide to us is transferred securely via the website (always check for the padlock symbol and “https” at the beginning of the URL). Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

All information you provide to us is stored securely, including in a physically secure environment, on our secure servers, and on third party secure servers in relation to our customer relationship management system and website provider.

What rights do you have in respect of your personal information? 

You have the right to be informed 

We have a legal obligation to provide you with concise, transparent, intelligible and easily accessible information about your personal information and our use of it. We have written this policy to do just that, but if you have any questions or require more specific information, you can get in touch using our Contact Form.

You have the right to access your personal information 

You have the right to ask us to confirm whether we hold any of your personal information.  If we do, you have the right to have a copy of your information and to be informed of the following: 

•  Why we have been using your information

•  What categories of information we were using

•  Who we have shared the information with

•  How long we envisage holding your information

In order to maintain the security of your information, we will have to verify your identity before we provide you with a copy of the information we hold.  

You have the right to correct any inaccurate or incomplete personal information 

Where you have requested a copy of the personal information we hold about you, you may notice that there are inaccuracies in the records, or that certain parts are incomplete. If this is the case you can contact us so that we can correct our records. 

You have the right to be forgotten 

There may be times where it is no longer necessary for us to hold personal information about you. This could be if: 

•  The information is no longer needed for the original purpose that we collected it for

•  You withdraw your consent for us to use the information (and we have no other legal reason to keep using it)

•  You object to us using your information and we have no overriding reason to keep using it

•  We have used your information unlawfully

•  We are subject to a legal requirement to delete your information 

In those situations, you have the right to have your personal information deleted. If you believe one of these situations applies to you, please get in touch using our Contact Form 

You have the right to object to marketing communications 

You can tell us at any time that you would prefer that we do not use your information for marketing communication purposes. If you would not like to receive any direct marketing from us, please contact us or use the links provided in any of our marketing communications, and we will stop sending direct marketing immediately. 

You have the right to restrict how we use your personal information 

•  You have informed us that the information we hold about you is inaccurate, and we have not yet been able to verify this

•  We have used your information in an unlawful way, but you do not want us to delete your information

•  We no longer need to use the information, but you need it for a legal claim

If you believe any of these situations apply, please contact us.

Changes to our privacy policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.


If you wish to make a complaint about our collection or use of your personal information, please contact us in the first instance so that we may seek to resolve your complaint. 

Once we have gone through our own internal complaints procedure and you are still not satisfied you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the statutory body which oversees data protection law in the UK. This is the link to the ICO website if you wish to lodge a complaint with the ICO.