Privacy notice – supporters

Perennial recognises and understands that your privacy is very important. We want you to be confident that we will handle your personal information with care and respect. We have outlined below how Perennial collects, uses, discloses and protects this information.

Personal information includes any information that identifies you personally, such as your name, address, email address or telephone number. It may also include other information that will be helpful for us to ensure that we only send you information that you might be interested in.

Our privacy policy may be revised from time to time. We will post any changes to our privacy policy on our website and if the changes are significant, we will provide a more prominent notice. We will also keep prior versions of this privacy policy in an archive for your review. Please search for ‘archive’ on our website to find these.

What information we collect

We may collect, hold and process, various kinds of personal information which you provide when filling in forms or when you contact us in any other way, e.g. by letter. This data may include your name, contact details, employment history, educational qualifications, complaint details and other information.

We may also collect and hold, sensitive information, such as financial circumstance and health data in respect of our clients – and membership of a professional association, health data and insurance policy information in respect of contractors and prospective employees.

In order to ensure that the data we hold about you is accurate and up to date, we may occasionally use information sources that are in the public domain to verify your details, such as an address or telephone number. Sometimes we use third parties to supplement the information that we hold, as we only want to send you information which we believe you will be interested in. This is done under section 6.1 (f) of the UK GDPR – Legitimate Interests.

How we collect information

Perennial and its trading company GRBS (Enterprises) Ltd, collects and stores, with the support of the relevant legal basis according to UK GDPR, personal information provided by clients, employees, volunteers and donors supplied in writing, via email, via the telephone or via online forms on the Perennial website.

This information might be provided when applying for assistance, making an enquiry, registering for an event, buying goods, offering help or making a donation. When photographers give us copies of photographs/videos in which you can be identified, they also give us your personal details to confirm that you have consented to us using the image.

We will always tell you when we are going to store information and will give you the opportunity to make the choice to ‘opt in’ at that time. You have the ability to ‘opt out’ of any form of communication at any time, either by contacting us by telephone, email, letter or through the ‘Contact Us’ page of our website at

If you are a client of Perennial, we may also receive personal information about you from a third party, for example from a Welfare Officer, other charity, agency or third party organisation.

How we use your information

We may use the information we collect from or about you in any of the following ways:

    Supporters and volunteers:

    • To provide you with the services, products or information you have requested or to fulfil individual agreements with volunteers.
    • To communicate with you – by post or telephone – to provide you with information relating to your personal involvement with the charity, or to provide you with information relating to our work, charitable activities and/or fundraising activities.
    • To communication with you – by Email or Text – to provide you with information relating to your personal involvement with the charity, or to provide you with information relating to our work, charitable activities and/or fundraising activities when you have given us permission to do so.
    • We may use your data for fundraising purposes, which may include profiling and wealth screening techniques so that we can tailor our communication to you. We may use additional information about you obtained via third parties including geographic information, demographic information and measure of affluence, to help us to understand the backgrounds of people who support us. This helps to keep fundraising costs down as we can make appropriate requests for gifts to supporters who may be able and willing to give more than they already do and/or leave us a gift in their will.
    • On occasion, we may also use your personal information for internal administration purposes to statistically analyse our operations or conduct service reviews.
    • We may use photographs/videos of you in our promotional and marketing materials, if you have given us consent to do so.

    Disclosure of information

    Perennial, and its trading company GRBS (Enterprises) Ltd, may need to disclose your information if required to do so by law. Aside from this, Perennial will only share your information with third parties if it is needed to progress your case, if is in your best interests and we have explicit consent from you to do so.

    We may engage with third parties to undertake data cleansing or wealth screening on our behalf. We will retain full responsibility for your personal data and any such companies will be acting as agents of Perennial and our trading company GRBS (Enterprises) Ltd. All data will be handled in compliance with the Data Protection Act 2018, the UK General Data Protection Regulation legislation and in accordance with best practice. We will not sell or rent your information to third parties for their marketing purposes.

    We enter into contracts with these providers, which requires them to comply with data protection laws and to ensure that they have appropriate controls in place to protect the security of your information. They cannot do anything with your personal information unless we have instructed them to do so. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it only for the period we instruct.

    Details of the companies we use and their respective privacy policies are as follows:



    We may need to pass the names of event attendees to event organisers, which will be explicitly for the purposes of the event and no contact information will be shared with the event organiser without the consent of the event attendee.

    We may also share limited information with our service providers who help us to prepare and send you our communications or process your donations and other responses. However, we will not allow these organisations to use your data for their own purposes and will take care to ensure that they will keep your data secure.

    Personal data should never be transferred outside of the European Economic Area. When this is unavoidable (e.g. through using Shopify), Perennial will ensure that the information is subject to adequate rules and regulations to protect the data.

    Your data will never be sold or passed to any third party for any other purpose.

    How we store information

    Perennial makes all reasonable endeavours to ensure that your personal information is stored in a secure and confidential environment. When your information is no longer needed it will be archived, destroyed or permanently rendered anonymous.


    If you are a client/beneficiary of Perennial, your personal information (including any information you have provided to us about your family, personal finances or health) is stored securely on a database that only the Perennial Services personnel have access to.


    If you are a supporter, employee, volunteer, donor, or if you give consent for us to use your photograph/video, your information is stored securely on our database which can be accessed only by staff of Perennial and GRBS (Enterprises) Ltd. The only exception to this is for people who choose to subscribe online to our regular e-newsletters, where the data is stored securely with a third-party service and is accessible only to Perennial employees.

    If you volunteer for us, we may ask you for additional information to the usual contact details. This is to ensure that we take account of your personal circumstances or wishes when we offer your volunteering opportunities.

    Your consent

    When providing us with your personal information, including in some circumstances sensitive information relating to your personal finances or health, we will ask you if you consent to the collection and use of any of this information in accordance with the above purposes and this privacy policy. We will always tell you when we are going to store information and will give you the opportunity to make the choice to ‘opt in’ at that time.

    If you wish to withdraw your consent for Perennial to use your data for all or part of the activities listed above, you can do so at any time by using the contact details listed below, or by visiting the ‘Contact Us’ page of our website

    Privacy of children and young people

    The safety of children is very important to us. Children and young people under 18 should always ask a parent for permission before registering with Perennial in any capacity, be that to use the interactive services, to register for an event, or to shop. They should never leave personal information that could identify them away from the website, including descriptions of themselves, addresses or names of schools/colleges they attend.

    Protecting and controlling your personal information

    We will only use your personal information for direct marketing or fundraising purposes (such as sending you a Perennial gift catalogue or approaching you for a donation) if we have a legal basis to do so under UK GDPR legislation. If you have previously agreed to us using your personal information for direct marketing purposes but have since changed your mind, you may amend your preferences at any time, by using the contact information provided below or by visiting the ‘Contact Us’ page of our website On a 2 yearly basis, we will ask you to renew your consent choices as a matter of course.

    For the purpose of the Data Protection Act 2018 and UK GDPR legislation, the Data Protection Lead is The Operations Manager.

    Our privacy policy was created to provide clarity on how we manage data protection, however it does not provide exhaustive details of all aspects of Perennial’s collection and use of personal information. We will be happy to provide any further information regarding this. In order to request any additional information, please make any requests using the contact information provided below.

    Our registration numbers on the Data Protection Register, run by the Information Commissioner’s Office are:

    Perennial – Z8659551

    GRBS (Enterprises) Ltd – Z6383546


    Telephone: 01372 373962

    Address: Perennial, 115-117 Kingston Road, Leatherhead, Surrey KT22 7SU

    You may request details of personal information we hold about you (Subject Access Request) under the Data Protection Act 2018 and UK GDPR legislation. If you would like a copy of the information we hold about you, please write to The Data Protection Lead at the above address.

    If you believe that any of the personal information we have about you is incorrect, or incomplete, please contact us as soon as possible and we will promptly amend the relevant details.

    Our commitment to data security

    To prevent unauthorised access to your personal and sensitive information, maintain data accuracy and ensure the correct use of information in accordance with this privacy policy, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information we collect.

    If you have any complaint about the way in which your information has been collected, used or stored, you can contact us by referring to our formal complaints’ procedure, found by searching for ‘complaints’ on our website at Alternatively, you can contact us directly on any of the contact methods described above.

    Your rights around your data

    As a data subject, you have the right to request that we undertake the following steps with your data:

    • Rectify
    • Erase (right to be forgotten)
    • Restrict
    • Object
    • Be involved with decision-making, including profiling
    • Portability

    To exercise any of these rights or to enquire further, please contact us using one of the methods above.