• 
•  

• Services

•  

• Accommodation

•  

• Support Us

•  

• News & Events

•  

• Contact Us

•  

• Useful Links

Privacy Policy

Chester Aid to the Homeless

Chester Aid to the Homeless is committed to protecting your privacy. The personal information that you submit will note be shared, sold or disclosed to third parties in any form, for any purpose, at any time, unless prior consent is obtained from you.

This privacy statement applies to the network of Chester Aid to the Homeless web sites. By using any Chester Aid to the Homeless web site, you consent to the data practices in this statement.

Data Controller

Any personal information provided to Chester Aid to the Homeless is controlled by the Data Controller at Chester Aid to the Homeless, Watergate House, 85 Watergate Street, Chester CH1 2LF

What Information Do We Collect?

• When you place an order or an enquiry, we will need to know your name / Chester Aid to the Homeless, e-mail address, address, telephone and / or fax number. This enables us to process and fulfil your orders, invoice you accordingly and keep you posted with account activity.
• Information about how you use and navigate our web sites – we can track this by using what are known as ‘cookies’.
• Additional personal information disclosed during offline telephone conversations. This information may be merged with personal information you have already submitted online and will only be used in accordance with this Privacy Statement.

How We Use This Information

• Chester Aid to the Homeless uses the information to process and fulfil the service(s) that you have requested.
• The personal information provided enables us to treat you more personally.
• The information is also used to communicate with you regarding your account and to broadcast information relevant to the services you use.
• We use your email address to respond to incoming requests from you and to collect your feedback.
• We may also send you appropriate marketing communications

Web Statistics

In order to measure the relevance and usefulness of certain areas of our web site, we analyse anonymous data collected by cookies about our web site visitors. We may also collect Internet Protocol addresses to help diagnose problems with our servers, but these cannot be linked to any person’s name or identity.

Changing your browser settings to decline cookies will enable you to opt out of this anonymous data collection.

Customer Consent and Control

Consent: by using our web sites, you consent to the collection and use of this information by Chester Aid to the Homeless only. Any changes to this Privacy Statement will be posted to this page, to ensure that you are aware of what information is collected, how it is used and under what circumstances we disclose it/

Cookies: A cookie is a text file placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to you; they do not contain personally identifying information and simply enable us to track visitor routes through our web sites.

Most web browsers automatically accept cookies, but you can usually opt out by changing your browser settings.

Communication: As stated previously Chester Aid to the Homeless will send information to customers about (1) account information and (2) relevant marketing information, if given permission.

Account specific communications are considered essential to the smooth operation of your account with Chester Aid to the Homeless and you will not be able to unsubscribe from such emails.

Marketing communications will include details about new products, latest developments, survey and other promotional offers. Customers have the ability to opt in or out of receiving this type of information, simply by clicking the box at the checkout.

Security

Justgiving is committed to maintaining the highest possible standards of data security. They have implemented key international standards of best practice in online and data security, including:

• MasterCard Secure Code (MCSC™)
• Payment Card Industry Data Security Standard.

Thousands of charities outsource their transaction security to them. It is their top priority to ensure that transaction data is kept secure at all times.

They take an active role in the overall reduction of identity theft and fraud on the internet by ensuring the security of our IT systems, personnel and infrastructure.

Their staff are trained in all aspects of web application security, including infrastructure vulnerabilities, cross-site scripting, secure data storage, and using the software development life cycle to maintain and improve security.

Justgiving has been certified PCI compliant by Trustwave, an official Visa Qualified Security Assessor. This means their systems and services comply with the Payment Card Industry Data Security Standard and that they actively protect their customers' identities, personal information and financial details.

Their security efforts are focused on the following areas:

MasterCard Secure Code

Justgiving has implemented the industry standard card verification scheme MasterCard Secure Code (MCSC™).

Created by MasterCard, this scheme has helped create a higher standard of security for online card transactions. This new process is the online equivalent of the now familiar “Chip and PIN” process used in shops and restaurants.

Justgiving has no knowledge of, or access to your MasterCard SecureCode™ password at any time. This is why you are asked to submit your password to your card issuer directly, over a secure link. Their system does not see or store your password.

Transaction security

All transaction and credit card information entering Justgiving systems is encrypted using 128-bit SSL certificates from Verisign. No cardholder information is ever passed unencrypted in a web browser to Justgiving. You can be completely secure in the knowledge that nothing you enter as part of a secure Justgiving transaction can be examined, used or modified by any third parties attempting to gain access to sensitive information.

Encryption and data storage

At their Data Centre rigorous physical, electronic, and personnel security measures protect your data. Those measures are regularly assessed by One-Sec Ltd, an official Visa Qualified Security Assessor.

Once on their systems, credit card data is encrypted and securely stored in their dedicated hosting facilities at our Data Centre. Their servers and network infrastructure are owned and used by Justgiving for the provision of fundraising services, and not shared with any other company or industry.

Card Security Code (CSC) and Card Verification Value or Code (CVV or CVC)

Justgiving do not store the 3-digit Card Security Code (CSC), sometimes called Card Verification Value or Code (CVV or CVC).

Links to banks

Justgiving authorises credit card transactions in partnership with Barclaycard Business. Any cardholder information sent to the banks and any authorisation message coming back is secure and cannot be tampered with.

Employee access

Their systems only allow access to authorised staff. Your transaction information and customer card information is secure even from our own employees because our systems never display the full card numbers, even on administration screens.

Payment Card Industry (PCI) Data Security Standard compliance

The PCI DSS is a set of security standards that apply across the card payment industry worldwide that help safeguard cardholder information and improve consumer confidence.

The Standard was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organisations proactively protect customer account data.

Justgiving is PCI compliant. For more information on our status please click here.

There are six categories of PCI compliance security standards:

1. Building and maintaining a secure network
   Requirement 1: Install and maintain a firewall configuration to protect cardholder data
   Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
2. Protecting cardholder data
   Requirement 3: Protect stored cardholder data
   Requirement 4: Encrypt transmission of cardholder data across open, public networks
3. Maintaining a vulnerability management program
   Requirement 5: Use and regularly update anti-virus software
   Requirement 6: Develop and maintain secure systems and applications
4. Implementing strong access control measures
   Requirement 7: Restrict access to cardholder data by business need-to-know
   Requirement 8: Assign a unique ID to each person with computer access
   Requirement 9: Restrict physical access to cardholder data
5. Regular monitoring and testing of networks
   Requirement 10: Track and monitor all access to network resources and cardholder data
   Requirement 11: Regularly test security systems and processes
6. Maintaining an information security policy
   Requirement 12: Maintain a policy that addresses information security.
   If you have questions regarding security or privacy on this site please get in touch via email at help@justgiving.net.

Contact

If you have any questions regarding this Privacy Statement, please contact the Data Controller by .

Chester Aid to the Homeless, Watergate House, 85 Watergate Street, Chester CH1 2LF

© 2010 CATH - Chester Aid to the Homeless. all rights reserved
Watergate House, 85 Watergate Street, Chester CH1 2LF
Registered Charity No: 1074401. Company Number: 3686284