Data Protection Policy

Athena Herd Foundation is located at High Lees Farmhouse, Wagon Lane, Paddock Wood, TN12 6PT (“Athena Herd Foundation” “Athena Herd” “Athena” or “We” orUs” or “Our).

Athena Herd Foundation is made up of three trading arms: Awarding, Learning and Community.

Concordia Equestrians™ is trading name of the Athena Herd Foundation.  Concordia International™, Concordia Equestrians™, Concordia International Equestrian Magazine™ are all recognised trade marks of the Athena Herd Foundation™.

Athena Herd Foundation needs to retain and process certain data to enable the efficient running of the business.  Including, for example, personal data on volunteers, employees, customers, service users, clients and learners.  Athena Herd Foundation is committed to protecting all personal data. Therefore, when you contact Us (for whatever reason) you can be confident about how personal data will be looked after and used.

Athena Herd Foundation is a Global Specialist in Equine Interactions.  Being around the Athena Herd of horses inspires learning, recovery, regain of self-esteem and provides a sense of purpose and community to our learners, communities and clients.  Concordia Equestrians circulate a magazine around the voice of the horse

In developing relationships with the Athena Herd of horses and learning new skills, participants gain increased self-confidence, self-awareness, improved communication skills, learning responsibility and empathy. These are factors linked to resilience said to be essential in achieving positive life outcomes.  Athena is about supporting people to pursue happy healthy lives and the Athena Herd are part of the change mechanism and Concordia Equestrians circulate a magazine around the voice of the horse (“Services”).

Please read this Data Protection Policy carefully to understand Our views and practices regarding your personal data and how We will treat it.

Athena Herd Foundation owns and operates https://athenaherd.org and https://concordiaequestrians.org ("Website").

For the purpose of the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679) and/or any relevant law implemented as a result of General Data Protection Regulation and E Privacy Law (together, "Data Protection Laws"), We are a:

  1. data controller in respect of any personal data that You share with Us, or that We collect, through Our Website (including any personal data that you provide to Us, or that We collect, during your registration for, and subscription to, the Services we provide) or otherwise in Your communications with Us; and
  2. data processor in respect of personal data that You share with Us as part of Your use of the Services that We provide, and in respect of which You are the data controller. Our and Your respective obligations in relation to that personal data are set out in this Data Protection Policy and Our Terms and Conditions.

You can contact Us directly, at the above address, by email at info@athenaherd.org, or through our Website.

This Data Protection Policy applies to all use of Our Website and the provision of Services to You, and any other communications You have with Us from time to time.

For the purposes of Data Protection Laws and paragraph b. above only, We process "Personal Data " (as defined in Our Terms and Conditions) in accordance with the following scope, nature and purposes:

  • Nature and purpose of the processing of personal data: necessary for the provision of our Services to You in accordance with our Terms and Conditions.
  • Subject matter of the Processing of Personal Data: for Our provision of Services to You, as set out in Our Terms and Conditions.
  • Duration of the Processing of Personal Data: the Term of Our Agreement with you in accordance with our Terms and Conditions entered into under the same, until We delete that data in accordance with the Agreement between Us.
  • Categories of Personal Data being shared between You and Us: personal data relating to individuals provided to Us by You (or at Your direction) during Our provision of the Services.
  • Types of Data Subject in respect of whom We Process Personal Data: the Data Subjects in respect of whom use Our Services and data is sent (or provided) to Us by You or at Your direction. For the avoidance of doubt, this does not relate to Our processing of Your personal data otherwise than in accordance with paragraph b. above.
  • Fair processing: We will only use Your personal data in the manner set out in this Data Protection Policy. We will only use Your personal data in a way that is fair to You. We will only collect personal data where it is necessary for Us to do so and where it is relevant to Our dealings with You. We will only keep your personal data for as long as it is relevant to the purpose for which it was collected or for as long as we are required to keep it by law.
  • Other than as set out in this Data Protection Policy, We shall NOT sell or disclose your personal data to third parties without obtaining Your prior consent unless this is necessary for the purposes set out in this Data Protection Policy or unless We are required to do so by law.
  • Collection and processing of your personal data: We collect:

Your title and name:

  • By You filling in an application form at the time you subscribe to receive the Services we provide either directly or through the Website (including newsletters and other communications).
  • When You fill in forms available on the Website to get in touch with Us or get in touch with Us directly for example to inform Us of a particular issue, to make a complaint, to request access to additional services, or register for an event.
  • When You contact Us in any other way for any reason.

Your address:

By You filling in an application form at the time you subscribe to receive the Services we provide either directly or through the Website.

Your email address:

  • By You filling in an application form at the time you subscribe to receive the Services we provide either directly or through the Website (including newsletters and other communications).
  • When You fill in forms available on the Website or get in touch with Us directly, for example to inform Us of a particular issue, to make a complaint, to request access to additional services, or sign-up for an event.
  • When You contact Us in any other way for any reason.

Your contact telephone number(s)

  • By You filling in an application form at the time you subscribe to receive the Services We provide either directly or through the Website (including newsletters and other communications).
  • When You fill in forms available on the Website to get in touch with Us or directly, for example to inform Us of a particular issue, to make a complaint, to request access to additional services, or register for an event.
  • When You contact Us in any other way for any reason.

Your username and password for accessing the restricted areas of the Website

By You filling in an application form at the time you subscribe to receive the Services we provide through the Website or contacting Us directly.

Your business name (if applicable)

By You filling in an application form at the time You subscribe to receive the Services We provide through the Website or directly (including newsletters and other communications).

Special Category Data

Owing to the Services that We offer, Athena Herd Foundation needs to collect, store and process special category data about You.  Special category data is information about an individual that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, and/or information concerning health.  We collect and process information concerning your health (health data) for the purpose of assessing the suitability of our Services. Where We collect such information, We will only request and process the minimum necessary for specified purposes. The legal basis for this processing is the compliance with our legal obligations, to protect your vital interests and consent.

Why do We use the personal data?

We use the personal data You provide to Us for the following purposes:

  • To provide You with billing information in relation to any Services that We provide to You. This is necessary for the performance of the contract We have in place with You.
  • To manage the Website, detect fraud or Website abuses, send You information relevant to the Website and in case We have any queries. This is in our legitimate interest.
  • To carry out Our obligations arising from any Agreement entered into between You and Us. This is necessary for the performance of the Agreement We have in place with You.
  • To notify You about changes to Our Services. This is necessary for the performance of the Agreement We have in place with You.
  • To allow You to register for a Training Programme or event through Our Website, which may include sending an email to You to confirm your details. This is necessary for the performance of the Agreement We have in place with You.
  • To give You a new password if You have forgotten it. This is necessary for the performance of the Agreement We have in place with you.
  • To provide learner/customer support. This is necessary for the performance of the Agreement We have in place with You.
  • To prevent or investigate prohibited activity. This is in our legitimate interest.
  • To enforce Terms and Conditions and/or any Agreement entered into between Us. This is in our legitimate interest.

How long do We hold the personal data for?

If We are providing Services to You, we will keep your personal data for as long as We have an Agreement with You to provide Services to You through the Website.

We will keep personal data after We stop providing Services to You through the Website, to see if you would like to start using those Services again.  After that, We will delete Your personal data, except where We need to keep it for legal, regulatory or audit reasons, in which case we may do so for 6 (six) years after You cease to be Our customer.

In some circumstances You can ask Us to delete your data (see below for further information).

In some circumstances We may anonymise Your personal data (so that it can no longer be associated with You) for research or statistical purposes in which case We may use this information indefinitely without further notice to You.

Otherwise, We will only retain Your personal data for as long as is necessary for the reason We collected it.  In making this decision, We consider the amount, nature and sensitivity of the data, the reason We process it and, whether We can achieve that purpose without processing Your data, legal requirements, and the potential risks to You from Us processing Your data. You can contact Us for more information about how long We hold your data for.

Information You provide to Us when enquiring about, or applying for, jobs listed on the Website or through such other media as We may use for such purposes from time to time.  Please see "Recruitment" below.

Recruitment

We are the data controller for any information You give to us during a job or volunteer enquiry or application process.

We will only collect the information that We need for recruitment purposes as part of the job or volunteer application process, such as your name, address, email address, phone number, employment history, salary history and referees (together, "Recruitment Data"). We will retain Recruitment Data for as long as is necessary, and in any event for no longer than 2 (two) years, and, if we employ you, for the duration of your employment with us and for a period after your employment ends, in accordance with our internal policies of which you will be informed if you join us.

We will use Recruitment Data only for the purpose of dealing with Your enquiry or application, or to fulfil our legal and/or regulatory obligations. This might include contacting You to keep your application moving and assessing your suitability for the particular role We have available.

We will not share Recruitment Data with any third parties for marketing purposes, and We will not transfer it outside of the European Economic Area.

You do not have to provide personal data to us when We ask for it, but it may impact Your application if you do not give Us all of the information We need to assess your suitability for the role We have available.

If We make you a conditional offer of employment, We will ask you for further information, such as proof of your qualifications and identity, and information about Your health. If We then make you a final offer of employment, We will ask you for details of Your bank account (so we can pay your salary), emergency contact details, and details of any pension scheme of which you are a member.

Making sure the Personal Data We hold is accurate and up-to-date

You should only submit to Us or the Website information which is accurate and not misleading.

By submitting Your or anyone else's data to Us or the Website, You must ensure that You have full authority and consent to supply Us with that data on their behalf and You warrant to Us that You do have that authority.

IP addresses

We may collect information about Your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our Users' browsing actions and patterns and does not identify any individual.

We use this data to ensure that content from the Website is presented in the most effective manner for You and for Your computer. We hold this data for 2 (two) years.

Cookies

You can set Your browser to refuse all or some browser cookies, or to alert You when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Website may become inaccessible or not function properly. For more information about the cookies We use, please see Our Cookie Policy.

Where We store your Personal Data

All information You provide to Us is stored on Our secure servers. We use industry standard security and firewalls on Our servers. Where We have given You (or where You have chosen) a password which enables You to access certain parts of the Website, You are responsible for keeping that password confidential. We ask You not to share a password with anyone.

We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of Your information. Our security procedures mean that We may occasionally request proof of identity before We disclose personal information to You.

Unfortunately, the transmission of information via the Internet is not completely secure. Although We do our best to protect your personal data, We cannot guarantee the security of your data transmitted to the Website. Any transmission is at Your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Security

We hold all personal data securely, whether the personal data is in physical or electronic format. We have put in place appropriate security measures to prevent Your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, We limit access to Your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify You and any applicable regulator of a breach where We are legally required to do so.

Sharing Personal Data with third parties

In providing Our Services or otherwise running our business, We use third parties which assist Us in operating Our business, and which process certain personal data on Our behalf. We share personal data with those third parties only to the extent it is necessary for Us to provide the Services, and where it is in Our legitimate interest to do so. We have contracts with those third parties in which they are obligated to process personal data in compliance with Data Protection Laws. All third parties are based in European Economic Area (EEA). See Our Terms and Conditions for information about third parties that We use in providing our Services.

Other third parties that We use in operating the Website, other than for providing our Services, are as set out below:

Third party: Google, Inc. (Google Analytics)

Purpose: We use this provider to supply information about Your usage of the website.

In most circumstances We will not disclose personal data without consent. However, when We receive a complaint or communication from, for example, the Information Commissioner's Office or another regulator or relevant body (such as the Police), We may be under an obligation to share personal information.

Other websites

The Website may, from time to time, contain links to and from the websites. If you follow a link to any of these websites, please note that these websites have their own data protection/privacy policies and We do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Your rights under Data Protection Laws

If You would like to:

- correct or update the Personal Data that We hold about You

- ask that We delete Your personal data;

- get a copy of the personal data that We hold about You;

- access the personal data We hold about You;

- restrict the uses for which We use your personal data;

- transfer the personal data We hold about You to a third-party data controller;

- object to Our processing of Your personal data for particular purposes; or

- withdraw Your consent to Our use of your personal data (where relevant);

Please contact Us promptly directly or through our Website or by post sent to Our registered address. When contacting Us, please include your name, email address and customer reference so that we can be sure that it is You that is contacting Us and not somebody else.

Usually, You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, We may charge a reasonable fee if Your request is clearly unfounded, repetitive or excessive. Alternatively, We may refuse to comply with Your request in these circumstances.

You can unsubscribe from receiving marketing communications from Us by contacting Us directly or through Our Website or by post sent to Our registered address.

We may need to request specific information from You to help Us confirm Your identity and ensure Your right to access Your personal data (or to exercise any of Your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact You to ask You for further information in relation to Your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if Your request is particularly complex or You have made a number of requests. In this case, We will notify you and keep you updated.

Changes to Our Data Protection Policy

Any changes We make to this Data Protection Policy will be posted on Our Website and, where appropriate, notified to You by e-mail. Each time you enter the Website, you agree that the Terms and Conditions and this Data Protection Policy current at that time shall apply to all personal data held by Us.

Contact

Questions, comments and requests regarding the Terms and Conditions and/or this Data Protection Policy are welcomed and should be sent to us directly or through our Website, email or by post sent to our registered address.