The Ulysses Trust
1. Purpose of this Policy
The Ulysses Trust (“the Trust”, “we”, “our”, or “us”) is committed to protecting personal data and respecting the privacy of everyone who interacts with us.
This policy explains how we collect, use, store and protect personal data when individuals interact with the Trust, including when they:
- visit our website
- apply for expedition funding or grants
- participate in programmes
- donate or support our work
- volunteer with the Trust
- communicate with us
- attend events organised or supported by the Trust
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Who We Are
The Ulysses Trust
Registered Charity Number: 1170600
Address:
c/o David Evans and Co
Stowegate House
Lombard Street
Lichfield
Staffordshire
WS13 6DP
For the purposes of data protection law, The Ulysses Trust is the data controller for personal data we collect.
Data protection contact:
Honorary Secretary – Lt Col (Ret’d) I A Orr MBE
Email: secretary@ulyssestrust.co.uk
3. Scope of This Policy
This policy applies to personal data collected through:
- our website
- grant applications and programme participation
- expedition funding applications
- fundraising and donations
- communications with supporters, volunteers and partners
- events and activities organised or supported by the Trust
- email correspondence and other communications
- social media interactions
4. What Personal Data We Collect
Personal data means any information that identifies, or could identify, an individual.
Depending on how you interact with us, we may collect the following categories of information.
Supporters and Donors
- Name
- Address
- Email address
- Telephone number
- Donation history
- Gift Aid declarations
- Communication preferences
Beneficiaries and Programme Participants
- Name and contact details
- Expedition participation details
- Grant applications
- Impact reporting information (including surveys and expedition reports)
- Emergency contact details
- Any additional information voluntarily provided
Volunteers, Trustees and Staff
- Application details
- Professional role or appointment
- References
- Training records
- DBS checks (where required)
- Payroll and HR information
Professional and Partner Information
- Organisation
- Role or appointment
- Contact details for expedition leaders, cadet organisations, and partners
Website Visitors
When you use our website we may collect:
- IP address
- Browser type
- Device information
- Website usage data
- Cookies and analytics data
- Contact form submissions
5. How We Collect Personal Data
We collect personal data in several ways, including when you:
- apply for expedition funding or grants
- donate to the Trust
- attend events or activities
- subscribe to newsletters or updates
- contact us by email, phone or post
- interact with us on social media
- visit our website
We may also receive information from partner organisations including:
- UK Reserve and Cadet organisations
- expedition leaders or organisers
- partner charities or activity providers
- payment processors or fundraising platforms (e.g. JustGiving)
6. How We Use Personal Data
We use personal data for the following purposes.
Delivering our charitable activities
- processing grant applications
- administering expedition support
- evaluating the impact of our work
Managing relationships
- communicating with supporters, volunteers and partners
- responding to enquiries
- coordinating events and activities
Fundraising and communications
- sending newsletters and updates
- providing information about fundraising activities
- communicating about events and campaigns
Administration and governance
- managing donations and Gift Aid claims
- maintaining financial and operational records
- managing volunteers, trustees and staff
- complying with legal and regulatory obligations
Improving our services
- analysing website usage
- reviewing programme impact
- improving grant and expedition support processes
7. Lawful Bases for Processing
Under UK GDPR we rely on one or more of the following lawful bases:
- Consent – where you have agreed to receive communications
- Contract – where processing is necessary to deliver services or grants
- Legitimate interests – for managing and developing the charity
- Legal obligation – for regulatory or financial compliance
- Vital interests – where necessary to protect individuals’ safety during expeditions or activities
8. Marketing Communications
If you subscribe to receive updates, we may send information about:
- the Trust’s activities
- fundraising opportunities
- events and campaigns
You can opt out or unsubscribe at any time by:
- using the unsubscribe link in emails, or
- contacting us directly.
9. Sharing Personal Data
We do not sell personal data.
We may share information where necessary with:
- trustees, staff and authorised volunteers
- professional advisers (lawyers, auditors, accountants)
- IT and service providers supporting our systems
- expedition organisers or partner organisations
- payment processors and fundraising platforms
- HMRC for Gift Aid claims
- regulators such as the Charity Commission
- safeguarding authorities or law enforcement where required by law
All third parties are required to handle personal data securely and only for agreed purposes.
10. International Data Transfers
Most personal data is processed within the United Kingdom.
Where services involve overseas providers (such as cloud services), we ensure appropriate safeguards are in place in accordance with UK data protection law, including:
- adequacy regulations, or
- standard contractual clauses.
11. Data Security
We take appropriate technical and organisational measures to protect personal data from:
- unauthorised access
- loss
- misuse
- alteration
- disclosure
Security measures include:
- secure IT systems and servers
- password protection and encryption
- access controls
- staff and volunteer training
- regular data protection reviews and audits
12. Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including legal and regulatory obligations.
Typical retention periods include:
- Gift Aid and financial records: 6 years
- Volunteer and HR records: in line with employment legislation
- Grant and expedition records: based on programme requirements
- Mailing lists: until consent is withdrawn or individuals unsubscribe
When data is no longer required it will be securely deleted or anonymised.
13. Your Data Protection Rights
Under UK GDPR you have the right to:
- request access to your personal data
- request correction of inaccurate data
- request erasure of your data in certain circumstances
- restrict processing of your data
- object to certain processing
- request transfer of your data to another organisation
- withdraw consent where processing is based on consent
To exercise any of these rights, please contact us.
14. Cookies and Website Data
Our website may use cookies to:
- improve website functionality
- analyse visitor behaviour
- enhance user experience
You can manage or disable cookies through your browser settings.
15. Links to Other Websites
Our website may contain links to third-party websites.
The Trust is not responsible for the privacy practices or content of those websites.
16. Changes to This Policy
We may update this Data Protection & Privacy Policy from time to time.
The most recent version will always be available on our website.
17. Contact Us
If you have questions about this policy or wish to exercise your rights, please contact:
The Ulysses Trust
Email: secretary@ulyssestrust.co.uk
18. Complaints
If you are concerned about how we handle your personal data, please contact us in the first instance so we can address the issue.
You also have the right to complain to the UK data protection regulator:
Information Commissioner’s Office (ICO)
https://ico.org.uk
Top of Form
Bottom of Form