1   Inspire Hounslow, (hereinafter called IH), is a charitable company, limited by guarantee, to provide charitable services to people who reside, work or study in the London Borough of Hounslow. It was incorporated as Hounslow Cultural and Community Services on the 14th April 1998 and changed to its present name on the 15th January 2013.  IH has a website, and its email address is

N.B. This policy should be read in conjunction with the “Terms for using the IH website” available on the same website.

2   This Policy is designed to ensure that information supplied to IH will be used only for the purposes of IH and will be used in a proper manner in accordance with this policy. 

3  Who is covered by the policy?

Data subjects”, defined under the Data Protection Act 2018 as an identified or identifiable living individual to whom personal data relates. The same Act defines an “identifiable living individual” as one who can be identified, directly or indirectly, in particular by reference to – (a) an identifier such as a name, an identification number, location date or an online identifier, or (b) one or more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of the individuals. For the purposes of this Policy “data subjects” will also include past and present trustees and anyone working for IH.

4   IH Data Controller

The Trustee Charles Rees will be designated as the Data Protection Controller for IH and will be responsible for IH complying with the requirements of the Data Protection Act, 2018. Under the Act, Data Subjects, as defined above, have a right to know what information is being held about them and how that information will be used. The Act sets out six principles to ensure that that the personal data held by IH is, or will be:-

  • Processed lawfully and fairly
  • Processed for purposes that are specificied, explicit and legitimate
  • That the personal data obtained is adequate, relevant, and not excessive,
  • That the personal data is accurate and kept up to date,
  • That the personal data will be kept for no longer than is necessary
  • That the personal data is processed in a secure manner.

5    The duties of the Data Controller under this Policy will be:-

  • Informing and advising the data processors of IH, (see below), of their obligations to comply with the General Data Protection Regulation, (GDPR), and the Data Protection Act, 2018. 
  • Monitoring compliance including managing internal data protection activities.
  • Advising on data protection impact assessments if required under article 33 of the GDPR – notification of personal data breach to the supervisory authority, the Information Commissioner’s Office.
  • Being available for inquiries from data subjects on issues relating to data protection practices, withdrawal of consent, the right by a data subject “to be forgotten”, and related rights.

6    IH Data Processors

The IH Data Controller will designate Data Processors who shall include the Treasurer of the Board of Trustees and the Administrator to the Board and trustees. Their duties will include monitoring compliance with the policies of the IH Data Protection Controller in relation to the protection of the personal data and processing all data received by IH and processing information as required.

7    What kinds of data are covered under this Policy?

This Policy applies not only to information stored on-line but to all personal data received and stored by IH in whatever format.

8     What information will IH collect?

  • Information contained in applications by organisations or persons seeking grants or loans from IH, progress reports and financial information in connection with grants and any other progress reports and financial information. Such information is likely to include, (but not be limited to), names, titles, addresses, telephone numbers, email addresses of the office holders, members and users of those organisations or persons applying for grants and loans, with summaries of  their activities,  together with financial details, names, postal and email addresses and telephone numbers of people dealing with those organisations either as users of their services or providing services or goods to them, and also any progress reports and evidence of spend of organisations receiving money from IH.
  • Credit references and any other financial information not included in an organisation’s application  for funding
  • Information about people not connected to either IH or organisations or persons supported by IH but who might be mentioned in material published either by IH or organisations by IH, e.g. by press release, video, TV or radio transmission or any other kind of transmission or dissemination.
  • Information contained in application forms by persons applying to be trustees of IH and any subsequent statutory and other information recorded by IH such information including their names, addresses, date of birth, all other contact details and their employment.
  • Any other data relating to IH’s present and past trustees and all those working for IH.
  • Details of persons and organisations supplying any goods or services to IH.
  • Information supplied by or to third parties about persons and organisations with whom IH is, or has been, or may be involved,  including, but not limited to, its solicitor, accountant, auditor.
  • Any other information gathered in conjunction with IH operations as indicated in its Memorandum of Association, Articles of Association, IH Trustees Rules all accessible on the IH website.

9   Why does IH need this information ?

To enable it to carry out its charitable activities in a manner which complies with data protection law and follows good practice. In particular in this policy IH has set out how it will store and process personal information in accordance with the requirements of the General Data Protection Requirement as set out in the Data Protection Act 2018, in particular that any data obtained by IH shall be processed for only lawful purposes and that personal data shall be held, stored and processed in a manner which is adequate, relevant and not excessive in relation to the purpose or the purposes for which the data is processed.

10  Storage of information by IH under this Policy

All on-line information will be stored on IH’s website. All written information will be kept by the Chair whose address is:- 70 Thornbury Road, Isleworth, Middlesex TW7 4LN. The transmission of information via the internet is not completely secure. IH will take reasonable steps to protect personal data but cannot guarantee the security of data transmitted to its site so any transmission is at the risk of the person supplying it. However, once information has been received IH will use reasonable endeavours to prevent unauthorised access.

10.1 IH takes reasonable steps to ensure that data held by IH Trustees, advisors and those working for IH will be held on a private server and private dedicated email address, kept securely, and separate from non-IH papers.

10.2 IH will hold information under this Policy for no longer than is necessary. 

11 Consent of data subjects to information held on them by IH 

No written or pictorial information shall be stored by IH whether on-line or in any other format without the express or implied consent of the data subject, or in the case of a subject lacking full legal capacity their parent or guardian or registered attorney. It will be the responsibility of those providing IH with such data to ensure and confirm in writing to IH that such consent has been obtained.


In particular any applicant for a grant or loan who includes any personal information in that application, or might include it at a later stage, must confirm, (at the same time or before any personal information is provided) that they have obtained consent from the person whose data it is to provide that information and for it to be made public, for example, on their website or the IH website. Personal information is defined under the Data Protection Act, 2018.  This is a complex subject and any applicant who has doubts about providing such information either in the application or in later information to IH should seek legal advice.

12  Controlling personal information supplied to IH

IH will not sell, distribute or lease personal information supplied to it to third parties unless requested to do so by the person supplying the information or IH is required by law to disclose that information. 

13  Applications by individuals, (data subjects), for details of any personal information held on them by IH

 IH will supply details of information held under the Data Protection Act 2018 to the data subject (i.e. the person whose information is held).  Any application for personal information should be sent to Charles Rees, Data Controller, at Inspire Hounslow’s Registered Office, Menzies LLP Heathrow, Centrum House, 36 Station Road, Egham Surrey TW20 9LF.

14  Rights of a data subject under this policy

In addition to having the right to access information held on him or her by IH a data subject has other rights. These include:-

  • A right to have the information erased if it is held because the data subject originally consented this consent for IH to hold it.
  • A right to have it erased if the data subject considers that that the information is no longer needed for the purpose for which it was originally stored and/or there is no overriding legitimate interest to continue to hold or process it.
  • A right to have any data which the subject believes is incorrect, corrected.

If the data should never have been stored by IH, or if the data subject contests the accuracy of the personal data but it is not possible to ascertain whether it is accurate or not, the IH Data Controller will restrict its processing.

15   Territorial application of this policy

This policy will apply only within the continent of Europe and nowhere else in the world. 

16   Alteration or variation of this policy

The trustees of IH reserve the right at any time to alter or vary this policy whether because of changes of law or changes of policy by the IH trustees.

This policy is dated the   7.1.24