Please click HERE to continue subscribing to emails from Chelsea Physic Garden.

This is the privacy policy for Chelsea Physic Garden.  A large print version of this policy is available on request from [email protected]

Chelsea Physic Garden is the former garden of the Worshipful Society of Apothecaries, established in 1673 in order to grow medicinal plants and train apprentices in their identification and use.  It is open to the public as an historic botanic garden with exhibitions and educational activities. There are a café and shop on site and the Garden undertakes other activities to raise funds to support their work.

Chelsea Physic Garden Company is a registered charity (charity number 286513) and company (company number 1690871).  CPG Enterprises Limited (company number 03140004) is a wholly owned subsidiary company responsible for the commercial activities of the charity and the company.  Under this policy, ‘we’ and ‘Chelsea Physic Garden’ refer to both Chelsea Physic Garden Company and CPG Enterprises Limited.

We are committed to protecting your privacy and ensuring the confidentiality of the personal information we collect.

  1. Introduction

This privacy notice sets out the way we process your information and details our privacy policy. We will always refer to this privacy policy when we ask you for your consent. We’ll keep this policy updated on our webpage to show you all the things we do with your personal information so that you can be confident when sharing your information with us that it will be only used for what we say here.

  1. How we use personal information

Personal information provided to us will be used for the purposes outlined at the time of collection or registration in accordance with the preferences you express.

Personal data collected and processed by us may be used for the following purposes:

  • Administration of membership(s)
  • Fulfilment of orders for goods and services requested
  • Administration of donations and legacies
  • Research and statistical analysis
  • Communication about our educational, membership, fundraising and other activities that we think may be of interest to you
  • To tell you about special offers for our supporters from partners that support our cause
  • Ensuring all marketing communications you receive from us are relevant, such as tailoring messaging to our existing supporters and potential supporters

Personal data collected and processed by us will not be shared with third parties. 

To allow us to profile our supporters and target similar audiences with our communications  we may host encrypted personal data on third party websites such as social media platforms. This data is not linked to any personally-identifiable information. Your data would only ever be analysed or profiled through encrypted and protected data, which only ever identifies broad statistics.

You are always in control of how we communicate with you. You can update your choices by contacting the address in section 7 below.

  1. Your marketing permissions

Chelsea Physic Garden always upholds your choices about what type of communications you want to receive and how you want to receive them. However there are some communications that need to happen regardless of your marketing preferences. These are what we would describe as essential communications to fulfil our promises to you as a member or buyer of goods or services from the Garden. Examples of this type of communication would be:

  • Transaction notification messaging, such as Direct Debit confirmation
  • Membership related mailings such as your renewal reminder
  1. Retention

We will retain your personal information for as long as you have an active relationship with Chelsea Physic Garden and to comply with our legal obligations in relation to  matters such as Gift Aid processing and accounting rules. If you cease to have an active relationship with us or request to receive no further contact, we will also retain some basic information in order to avoid sending you unwanted materials in the future, and to ensure that we don’t accidentally duplicate information.

  1. Consent

When we request your consent, we will ensure always that you are as fully informed as possible at the time on what we do with your personal information, with whom it may be shared and how long we will keep it. This is in line with the requirements of the current Data Protection Act and other relevant legislation.

  1. Accessing your personal data held by Chelsea Physic Garden

You have the right to ask us, in writing, for a copy of all the personal data held about you (this is known as a 'subject access request') upon payment of a fee of £10.

A copy will be sent to you as soon as possible but this will not be later than 40 days after your request.

If you would like to access your personal data held by us, please apply in writing to:  

Data Protection Officer

Chelsea Physic Garden

66 Royal Hospital Road

London SW3 4HS

  1. Updating and amending your personal information

If, at any time, you want to update or amend your personal data or preferences please write to:
 
Chelsea Physic Garden

66 Royal Hospital Road

London

SW3 4HS

For alternative communication methods, please check our Contact us page.

Verification, updating or amendment of personal data will take place within 28 days of receipt of your request.

  1. Cookies

A cookie is a small file downloaded on to the hard drive of a computer or mobile device when the user logs on to a website.

One cookie we use is to remember your font size preference.

We also set Google Analytics cookies to collect general statistical information to help us understand how our website is used and to improve the service we provide. We learn whether visitors have used the website before, which pages are the most popular and how users move around the site. This information does not allow users to be identified individually.

 It is important for us to be able to include your visit in our statistics. By continuing to use the website without changing settings, you are agreeing to our use of these cookies.

To find out more general information on cookies, and how to control or delete them, please go to AboutCookies.org or AllAboutCookies.org.

  1. Links to third party websites

This privacy policy applies solely to the personal data collected by Chelsea Physic Garden and does not apply to third party websites and services that are not under our control.
 
We cannot be held responsible for the privacy policies of third party websites and we advise users to read the privacy policies of other websites before registering any personal data.

  1. Data security

Chelsea Physic Garden has in place physical, electronic and managerial procedures to safeguard and secure the personal information we collect.

We do use external ‘data processors’ to manage ticket purchases, online donations, and hold email mailing lists.  All of our data processors have provided statements on how they keep your personal data safe and secure in compliance with the General Data Protection Regulation (GDPR) 2018.

All our employees and data processors who have access to, and are associated with the processing of, personal data are legally obliged to respect the confidentiality of our visitors’ and supporters’ personal data.

  1. Payment card information

Chelsea Physic Garden has an active PCI-DSS compliance programme in place. This is the international standard for safe card payment processes. As part of our compliance with this very stringent standard, we ensure that our IT systems do not directly collect or store your payment card information; for example the full 16 digit numbers on the front of the card or the security code on the back.

  1. Scannable cards

We use the barcodes on our membership cards to collect information on your visits. When you visit, data such as  the date that you visited and your membership number is collected. We use this information to understand our Friends’ visiting trends.

We may also use this information to make our communications to you more relevant.

  1. Fundraising

Chelsea Physic Garden is a charity, and we actively raise money towards a broad range of projects and ongoing work. We keep a record on our database of your donations so that we can contact you and ask you to donate on another occasion.

If you have opted in to receive marketing communications by email, you may also receive fundraising messages from us. We try to make these as relevant to you as we can. You can opt out of fundraising communications at any time by replying to any message you receive from us.

From time to time we may analyse our database to find people who we think might be able to support us based on factors such as previous contributions, transaction history and demographics. We may note other relevant information about you in our database. This could be information that you have given us yourself, information from publicly available sources, or information shared by other organisations with your consent. 

We will not share or sell your personal information to third parties for the purpose of fundraising or marketing. We may use third parties who collate available information about you, and who undertake research to assess your ability or likely interest in supporting our work  so as to  ensure that you only receive fundraising communications or invitations to support us which are relevant. 

  1. Legal requirements

We keep your personal information only for as long as required to comply with legal and tax requirements, such as Gift Aid processing and accounting rules. Where your information is no longer required, we will ensure it is disposed of in a secure manner.

  1. What this privacy notice tells you and how it is updated

This privacy notice will hold the latest information regarding our privacy policy and we will refer to it when we ask you for your consent. The notice will be updated from time to time to reflect any relevant changes in legislation or related good practice.  This privacy notice was last updated in March 2018.