Privacy Notice

Personal Data

• Name, email address, telephone number, visual impairment status, health and wellbeing, address, any additional information you provide to us.

Where do we get it from?

• From you, the data subject.
• When you submit an enquiry on our website, use our online forms, email, telephone, post or when we meet you face to face.

Legal Basis

• We may process your personal data where is it necessary for us to fulfil the performance of our contract with you.
• We may process special category data where it is necessary to provide you with our services in the context of providing and managing the provision of health or social care or treatment or the management of health and for ‘Health or Social Care Purposes.

Who may we share it with?

• Organisations that support our day-to-day operations, including IT software, maintenance and delivery companies, and transportation services.

Personal Data

• Name, email address, social media handle, telephone number, any additional information you provide to us.

Where do we get it from?

• Listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications.

Legal Basis

• Processing is necessary for the purpose of our legitimate interest to ensure the quality control and for staff training purposes.

Who may we share it with?

• Organisations that support our day-to-day operations, including IT software, maintenance and delivery companies, and transportation services.

Personal Data

• Name, email address, telephone number, any information you provide to us.

Where do we get it from?

• When you submit an enquiry on our website, use our online forms, email, telephone, post or when we meet you face to face.

Legal Basis

• We may process your personal data where is it necessary for us to fulfil the performance of a contract to provide you with our services.

Who may we share it with?

• Organisations that support our day-to-day operations, including IT software, maintenance and delivery companies, and transportation services.

Personal Data

• Name, age, address, telephone number, email address, place of birth, employment status, employment history, gender, salutation, ethnicity, religion, sexual orientation, visual impairment status, health and wellbeing, financial information including bank details, details of savings, income, liabilities, and expenditure, power of Attorney status, marital status, spouse details, health of spouse, others living at your address, next of kin, emergency contact details of next of kin, criminal convictions, housing status, sign language user, relationship to service users, military service details, verification of service from MOD.

Where do we get it from?

• From you, the data subject
   
• A person or organisation that you have authorised to provide this data to us.

Legal Basis

• We may process your personal data where is it necessary for us to fulfil the performance of a contract to provide you with our services.
   
• We may process special category data where it is necessary to provide you with our services in the context of providing and managing the provision of health or social care or treatment or the management of health and for ‘Health or Social Care Purposes’.

Who may we share it with?

• Organisations that support our day-to-day operations, including IT software, maintenance and delivery companies, and transportation services.
• Partner organisations which can provide support and assistance.

Personal Data

• Name, age, address, telephone number, email address, place of birth, employment status, employment history, gender, salutation, ethnicity, religion, sexual orientation, visual impairment status, health and wellbeing, financial information including bank details, details of savings, income, liabilities, and expenditure, power of Attorney status, marital status, spouse details, health of spouse, others living at your address, next of kin, emergency contact details of next of kin, criminal convictions, housing status, sign language user, relationship to service users, military service details, verification of service from MOD.

Where do we get it from?

• A person or organisation that you have authorised to provide this data to us.

Legal Basis

• We may process your personal data where is it necessary for us to fulfil the performance of a contract to provide you with our services.

Who may we share it with?

• Organisations that support our day-to-day operations, including IT software, maintenance and delivery companies, and transportation services.
• Partner organisations which can provide support and assistance.

Personal Data

• Name, address, gender, address, telephone number, email address, age, national insurance number, accommodation status, military service details, dependents details, spouse details, financial information including bank details, details of savings, income, liabilities, and expenditure, visual impairment status, health and wellbeing .

Where do we get it from?

• From you, the data subject.

Legal basis

• Processing is necessary for the purpose of our legitimate interest to support Sight Scotland Veterans service users by assessing their eligibility for benefits and assistance and providing financial support via our allowance and grant schemes.

Who may we share it with?

• Organisations that support our day-to-day operations, including IT software, maintenance and delivery companies, and transportation services.

Personal Data

• Name, email address, social media handle, telephone number, address.
• Donation and fundraising activity history.
• Communication history.

Where do we get it from?

• From you, the data subject.
• Trusted third-party specialist companies that collate and analyse information from public registers.
• Publicly available sources such as the Royal Mail's National Change of Address database.

Legal Basis

• Consent — where we market to you by email, phone, and text.
• Legitimate interests — to send marketing materials by post, and to improve the effectiveness of our marketing and fundraising, which directly funds our charitable objectives and enables us to better serve our beneficiaries.
• Charitable purpose soft opt-in — under the Data (Use and Access) Act 2025, we may contact individuals who have not explicitly opted in, where you provided your contact details when expressing an interest in or supporting our charitable purposes, and the communication relates only to furthering those purposes.

You can opt out of receiving marketing communications from us at any time by contacting us at privacy@sightscotland.org.uk.

Who may we share it with?

• Market research companies who help us develop our products and services.
• IT software providers who support our day-to-day operations.

Personal Data

• Name, email address, social media handle, IP address and device information.

Where do we get it from?

• From you, the data subject.
• Social media platforms.
• Our website, through cookies and tracking technologies.

Legal Basis

• Consent — for the use of your email address in custom/lookalike audiences or suppression and for social media advertising cookies.

Cookie preferences can be managed at any time through our website's cookie settings or your social media account settings. See our Cookies Policy for further information.

Who may we share it with?

• Digital platforms — including Meta (Facebook and Instagram) and LinkedIn and Google.

Sight Scotland and Sight Scotland Veterans use digital platforms to share updates, raise awareness of our work, and reach new supporters. To make our advertising more relevant, cost-effective, and respectful of our supporters' time, we use the following tools:

• Custom audiences: Where you have given consent for us to use your email address for marketing purposes, we may securely share it in a hashed and encrypted format with digital platform platforms to deliver adverts tailored to your interests.
• Lookalike audiences: Using the characteristics of our existing supporters, digital platforms can identify other users who may share similar interests or behaviours. These users may then see adverts about our work. No personally identifiable data is shared with us in this process.
• Suppression: We take steps to ensure our advertising is respectful and efficient by excluding individuals from campaigns where content would not be relevant — for example, avoiding donation appeals to those who already give regularly. This helps us use charitable funds wisely and effectively.

You can withdraw your consent for social media and digital platform advertising at any time by updating your cookie preferences on our website or contacting us at privacy@sightscotland.org.uk.

Personal Data

• Name, email address, social media handle, telephone number, address.
• Fundraising activity history.
• Communication history.

Where do we get it from?

• From you, the data subject.
• Third-party event organisers and fundraising platforms.

Legal Basis

• Legitimate interests — to provide you with relevant information and support relating to an event, activity, or campaign you have registered for or enquired about.
• Charitable purpose soft opt-in — under the Data (Use and Access) Act 2025, where you have provided your contact details when expressing an interest in or signing up for an event or activity that furthers our charitable purposes, we may contact you with relevant information about that activity.

If you have completed a form or otherwise contacted us to register or enquire about an event, activity, or campaign, we will treat this as a request to send you relevant details. Where you provide contact details, we may contact you by post, phone, mobile messaging, email, social media, or any other channel for which you have provided your details. This may include fundraising guidance and key reminders about the activity.

Who may we share it with?

• Third-party event organisers and fundraising platforms, to confirm your participation and share necessary information relevant to your activity.
• IT and CRM system providers who support our day-to-day operations.

You can opt out of receiving event and campaign communications at any time by contacting us at privacy@sightscotland.org.uk.

Personal Data

• Name, email address, telephone number, address.
• Donation and fundraising activity history.
• Demographic information and measures of wealth, obtained from publicly available or reputable sources.

Where do we get it from?

• From you, the data subject.
• Publicly available sources such as LinkedIn and Companies House.
• Trusted third-party specialist companies that collate and analyse information from public registers and statistical socio-economic data.

Legal Basis

• Legitimate interests — to understand our supporter base, tailor our communications, and identify individuals who may wish to provide further support, in a way that is proportionate and respects your privacy.

We may analyse information you have provided to us, together with data from publicly available or reputable sources, to build a better understanding of our supporter base. This may include demographic indicators or measures of wealth. We may use data analysis tools, including AI tools with human oversight, to assist with this.

We may also carry out research to identify individuals not currently in contact with us who may have an interest in our work and the capacity to support us at a higher level. To do this, we may collect information from publicly available sources, combine it with statistical and socio-economic data, and use trusted third-party organisations to assist with analysis.

All suppliers involved in this activity are required to comply with UK GDPR and meet our data protection standards.

Who may we share it with?

• Data analysis and profiling providers supporting research, segmentation, and audience insight.
• Trusted third-party specialist companies that collate and analyse information from public registers.
• IT software system providers who support our day-to-day operations.

You can opt out of this type of profiling at any time by contacting us at privacy@sightscotland.org.uk.

Personal Data

• Name, email address.

Where do we get it from?

• From you, the data subject.

Legal Basis

• Commercial purpose soft opt-in under the Privacy and Electronic Communications regulations (PECR), where you have provided your contact details when purchasing goods from our Braille bookshop or merchandise shop, we may contact you to offer similar goods and services.

You can opt out of receiving marketing communications from us at any time by contacting us at privacy@sightscotland.org.uk.

Who may we share it with?

• Market research companies who help us develop our products and services.
• IT software providers who support our day-to-day operations.

Personal Data

• Name, email address, social media handle, telephone number.

Where do we get it from?

• From you, the data subject.
• Publicly available sources such as the Royal Mail’s National Change of Address database.

Legal Basis

• Consent where we market to you by email, phone, and text.
• Processing is necessary for the purpose of our legitimate interest to issue marketing materials to you by post.
• Processing is necessary for the purpose of our legitimate interest to improve the effectiveness of our marketing and fundraising, which directly funds our charitable objectives and enables us to better serve our beneficiaries.

Who may we share it with?

• Market research companies who help us develop our products and services.

We may analyse the details you have provided to us along with further information about you that we have obtained from public and/or private sources (e.g. LinkedIn, Companies House) and AI tools, with human intervention. If we do this, we will make sure it is compliant with UK GDPR. In some instances, we may make use of additional factors such as demographic information and measures of wealth.

We do this to help us understand why people are motivated to support us and to help us create a fuller and better picture of our supporters. This enables us to communicate with our supporters more effectively and to reach out to individuals who may wish to give additional support with a further monetary gift. We may on occasion use third party suppliers to undertake these activities on our behalf and provide them with your information to the extent required, but this will only be done where we have a legitimate legal basis to do so. If you would rather that we didn’t undertake this screening, please contact us and ask to opt-out. All of our suppliers are UK GDPR compliant.

We may also carry out research to identify individuals who may have an affinity to our cause, and capacity to support us at a higher level, but with whom we are not already in touch. Before contacting, we may use data analysis and AI tools, with human intervention, to interpret your data and predict how likely you are to be interested in or responsive to a particular campaign or fundraising message. In order to do this we may collect information about you, and combine, analyse and compile that information into a profile of you in order to assist us in engaging with you in a more personalised way. In order to do this efficiently, we may use AI tools, with human intervention, and trusted third party specialist companies that collate and analyse information from public registers alongside statistical social-economic data to automate some of this work. This will only be done with UK GDPR compliant suppliers. This helps us to understand more about your interests and level of potential engagement or donation.

Personal Data

• Name, address, email address, telephone number, financial information including bank details, details of savings, income, liabilities, and expenditure the fact you are a UK taxpayer, reason for your donation and whether it is in memory of another person.

Where do we get it from?

• From you, the data subject.

Legal Basis

• Processing is necessary for the purpose of our legitimate interest to process donations for benefit of charity.
• Processing is necessary to fulfil a legal or regulatory obligation.

Who may we share it with?

• HMRC for purposes of Gift Aid; Payment bureau provider administering the payment.

Personal Data

• Name, address, email address, telephone number, hours volunteered, hours worked, events attendance, next of kin, emergency contact details of next of kin.

Where do we get it from?

• From you, the data subject.

Legal Basis

• We may process your personal data where is it necessary for us to fulfil the performance of a contract with you.

Who may we share it with?

• Third party event organisers.

Personal Data

• Technical data about your use of our website.           

Where do we get it from?

• From you, the data subject.

Legal Basis

• Processing is necessary for the purpose of our legitimate interest to use cookies to support the functionality of our website. Consent for non-essential cookies. Please visit our Cookies Policy for further information.
• Processing is necessary for the purpose of our legitimate interest to improve the effectiveness of our marketing and fundraising, which directly funds our charitable objectives and enables us to better serve our beneficiaries.

Who may we share it with?

• Organisations that support our day-to-day operations, including IT software, maintenance and delivery companies, and transportation services.

Our website uses cookies, including social media tracking tools, such as Meta’s pixel, to better understand how users interact with our site and our adverts. This allows us to:

• measure the success of our campaigns.
• deliver more relevant adverts to individuals who have shown interest in our work or similar causes.
• ensure we are spending charity funds effectively by reducing wasted advertising.

These cookies work by placing a small piece of code on your device, which allows us and the social media platforms to understand your actions, such as visiting certain pages on our website. The data collected is anonymised and does not reveal your identity to us. Cookie preferences can be set through our website’s cookie settings and in your social media account settings, see here for further information: Cookies Policy.

Personal Data

• Name, email address, telephone number, date and time of visit to our premises, vehicle registration number.

Where do we get it from?

• From you, the data subject.

Legal Basis

• Processing is necessary for the purpose of our legitimate interest to document visitors to our premises for security and fire safety purposes.

Who may we share it with?

• External organisations such as Police Scotland and other official authorities to fulfil a legal or regulatory obligation.

Personal Data

• Special category data specifically information relating to your health and wellbeing.

Where do we get it from?

• From you, the data subject.
• From your healthcare provider.

Legal Basis

• We may process special category data where it is necessary to provide you with our services in the context of providing and managing the provision of health or social care or treatment or the management of health and for ‘Health or Social Care Purposes’.

Who may we share it with?

• Legal advisors, insurers, and other professional advisors.

Personal Data

• Personal data and special category data.

Where do we get it from?

• From you, the data subject.

Legal Basis

• Processing is necessary to fulfil a legal or regulatory obligation.

Who may we share it with?

• External organisations such as Police Scotland and other official authorities to fulfil a legal or regulatory obligation.
• Legal advisors, insurers, and other professional advisors.

If you have a concern about how we have used your personal data, you can raise this directly with us. Details on how to make a complaint can be found on our Complaints Policy page or by contacting us at complaints@sightscotland.org.uk. We will acknowledge any complaint raised within 30 days.

If you remain unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

Our website Sight Scotland may contain links to other websites.  Please note that Sight Scotland has no control of websites outside our domain. The charity is not responsible for the protection and privacy of any sensitive information provided to a website linked to Sight Scotland.

We reserve the right to amend this Privacy Notice from time to time.