Data Privacy Policy

We take your data privacy and security seriously

The John Preston Trust collects and holds personal information for the purpose of processing applications for grants, whether from individuals or organisations. This statement explains what personal information we hold, how we use it and how long we keep it.

We seek your consent to our holding this information at the same time that you make an application to us for a grant, and if you don’t give us your explicit consent, we don’t hold your data. You can also withdraw your consent during the application process, but if and when an award has been made, we will hold your data for the purpose of contractually servicing the award, and to comply with regulatory audit requirements.

1. Definitions and Interpretations

In this Policy the following terms shall have the following meanings:

“our site” means this website www.johnprestontrust.co.uk;

And “We/Us/Our” means the John Preston Trust, a Scottish Charitable Incorporated Organisation (SCIO,

2. Information About Us

​The John Preston Trust is a single-tier SCIO (Charity.No.SC052051), managed by a Board of Trustees, all of whom are volunteers.

​Our registered address is c/o Lindsays LLP, Caledonian Exchange, 19a Canning Street, Edinburgh EH3 8HE

We are regulated by all laws applicable to a charity incorporated in Scotland.

​Our website, www.johnprestontrust.co.uk, is owned and operated by the Trust.

3. ​​Scope – What Does This Policy Cover?

​​3.1 This Privacy Policy applies only to your use of our site and data collected when applying for grant.. It does not extend to any websites that are linked to or from our site (whether we provide those links or whether they are shared by other users).

3.2 We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

4. Your Rights

4.1 We have actively taken steps to ensure that we comply with the relevant legislation, including the Data Protection Act (1998), and the more recent General Data Protection Regulation (2018).

At any time, you have the right to ask us to do the following:

  • Request access to your data from us (‘Subject Access Request’)
  • Request that we rectify inaccuracies with your data
  • Request that we restrict processing of your data, for example, if you contest the accuracy of the data this will effectively suspend processing of your application until the matter is resolved
  • Request that we erase your data, where you believe that it is being held outside our stated policy
  • Request that we supply your data in a structured, commonly used, machine read-able format.

4.2 Should you make any such requests, we will take reasonable steps to verify your identity, to ensure that we protect you from unauthorised requests.

5. What Data Do We Collect?

5.1 Under the John Preston Trust’s Grant-Giving Policy, applications for funding or a grant are accepted from individuals and organisations.

5.2 When completing application forms, data is collected about your application.

5.3 Data will only be collected if you voluntarily submit it,

5.4 When an individual is applying for funding or a grant from the John Preston Trust, we will collect the following data:

  • ​name;
  • date of birth;
  • contact information such as postal address, email address and telephone numbers;
  • demographic information such as post code, preferences and interests;
  • financial information you may give us in the course of applying for funding or a grant;

5.5 When an organisation is applying for funding or a grant from the John Preston Trust, we will collect the following data:

  • name of organisation;
  • registered address;
  • charity number;
  • copy of constitution;
  • information on activities;
  • copies of accounts and other financial information.

6. How Do We Use Your Data?

6.1 Data submitted to us in a grant application form is used by the John Preston Trustees to make decisions on awarding grants.

6.2 We may also use your grant application data for evaluating your use of grants which may include contacting you by email, telephone, text message and/or post.

6.3 We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015, 2016 and 2018.

7. How and Where Do We Store Your Data?

7.1 Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our site.

​7.2 Your data will only be stored within the United Kingdom. This means that your personal data will be fully protected under the Data Protection Legislation.

7.3 All personal data is stored securely in accordance with the principles of the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”.

8. ​Steps we take to secure and protect your data include:

8.1 Use of secure databases that are only accessed by our approved individuals and bodies.

​8.2 Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us data via the internet.

9. Transfers to third parties

9.1 Except where required to submit details to HM Revenue and Customs (HMRC) under the Common Reporting Standard, the John Preston Trust does not transfer your data to any third parties, nor to any other countries.

9.2 We do not share personal data supplied by applicants with any other organisation or individuals.

10. A Note about Shredding

10.1 In any circumstance where we shred paper copies of information, we always do this to the European standard for information destruction (BSEN15713:2009), so you can be sure that the information is destroyed securely and safely.

11. Grants to Individuals

11.1 Under the John Preston Trust’s grants programme as set out in our Grant-Giving Policcy applications are accepted from individuals and organisations.

11.2 Applications made to us directly by individuals completing our standard application form, includes a wide range of personal data including contact details, date of birth, financial circumstances. The application may also include a reference submitted on behalf of the individual..

11.3 We hold copies of applications received both as paper and digital copies. They are used by the John Preston Trustees in making decisions on awarding grants.

11.4 If your application is successful and you receive a grant, we will keep a digital copy of your application and the associated correspondence for audit purposes for six years from the financial year in which the payment was made. The paper copy of your application will be shredded. The charity’s auditors may seek to consult a sample of individual grant files in the course of verifying that the charity’s financial transactions have been properly carried out. After six years the digital files will be deleted.

11.5 If your application is unsuccessful we will not keep a copy of your application once we have let you know the Trustees’ decision.

11.6 To enable us to report on the number of applications processed each year, we keep a summary list, containing no personal information, of the number of applications received and the number and amount of grants awarded.

12. Grants to Organisations

12.1 In addition to the data required from organisations as set out in 5.5, the personal information submitted normally comprises the name, job title and organisational contact details of the person making the application on the organisation’s behalf. In some cases the person making the application, for example a volunteer on behalf of a charity, supplies their private address and contact details.

12.2 We maintain a record of all applications received, whether successful or unsuccessful, on a grants database. This includes the organisation’s name, project description and details of the Trustees’ decision but does not include any personal data. This information is kept for internal statistical research.

12.3 If your application is successful and you are awarded a grant, we will keep your grant file, which includes personal data, for six years for audit purposes from the financial year in which the payment was made. The charity’s auditors may seek to consult a sample of individual grant files in the course of verifying that the charity’s financial transactions have been properly carried out. Beyond six years paper files are shredded and digital files deleted.

12.4 If your application is unsuccessful we do not keep a copy of it: paper applications are shredded and digital copies deleted. As noted above, our grants database enables us to keep permanent record of an application having been made by the organisation concerned.

12.5 In the course of processing applications we may consult publicly-available information about organisations on the websites of the Office of the Scottish Charity Regulator (OSCR), the Charity Commission and Companies House.

13. Privacy Enquiries

13.1 Any queries regarding access to your data and your privacy should be addressed to the John Preston Trust, info@johnprestontrust.co.uk