Back to Top

Privacy Policy

Make Them Smile


1. Introduction

Make Them Smile is committed to protecting and respecting your privacy. Protecting personal data has always been a priority of our Trustees, staff, and volunteers.

This Privacy Policy explains how we collect, use, store, and protect personal information, and outlines your rights under data protection legislation, including the UK General Data Protection Regulation (UK GDPR).


2. Who We Are

Make Them Smile is a UK registered children’s charity that provides support, equipment, respite, and holiday opportunities to children with disabilities and their families.

We act as the Data Controller for the personal data we collect and process.


3. What Personal Data We Collect

We may collect and store the following types of personal information, where relevant:

Names and contact details (address, email, telephone number)

Information relating to children and families applying for support

Donation and financial transaction records

Correspondence with us (emails, letters, application forms)

Volunteer information where applicable

We only collect information that is necessary for the purposes outlined in this policy.


4. Why We Store and Use Your Personal Data

We may use your personal data for the following purposes:

To provide services, grants, respite, holidays, and support

To process applications and assess eligibility

To contact you regarding important changes to our services

To manage donations, accounts, and financial records

Where we have dealt with you previously, to contact you by email, post, or telephone with news and updates about our work and events

To meet our legal, regulatory, and safeguarding obligations


5. Lawful Basis for Processing

We process personal data under one or more of the following lawful bases:

Consent

Performance of a contract or agreement

Legal obligation

Legitimate interests of the charity, where these do not override your rights


6. How We Protect Your Data

We take the security of your personal information very seriously.

We protect your data by:

Using appropriate technical and organisational security measures

Restricting access to personal data to authorised individuals only

Ensuring all Trustees, staff, and volunteers handling data comply with strict data protection standards

Providing training to ensure data is handled responsibly and confidentially


7. How Long We Keep Your Data

We retain personal data only for as long as necessary.

In most cases, personal data will be held for a maximum of 11 years, in line with our financial, accounting, and regulatory requirements. After this period, data is securely deleted or destroyed.


8. Sharing Your Personal Data

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Personal data will only be shared where:

We are legally required to do so

It is necessary to deliver a service you have requested (with appropriate safeguards in place)

Otherwise, your data remains confidential.


9. Your Data Protection Rights

Under data protection law, you have the right to:

Request access to your personal data

Request correction of inaccurate or incomplete data

Request erasure of your personal data (where applicable)

Object to or restrict certain types of processing

Withdraw consent at any time, where consent is the lawful basis

Lodge a complaint with the Information Commissioner’s Office (ICO)


10. How to Contact Us

If you have any questions about this Privacy Policy or how we handle your data, or if you wish to exercise your rights, please contact us directly.


11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legislation or our practices.


Children & Families Data Safeguarding

Make Them Smile recognises that personal data relating to children and their families is particularly sensitive and requires the highest level of care and protection.

We are fully committed to safeguarding the privacy, dignity, and wellbeing of all children and families we support.

How we safeguard children’s and families’ data

We only collect information that is strictly necessary to assess applications, provide support, and meet legal or safeguarding obligations

Access to children’s and families’ personal data is restricted to authorised Trustees, staff, and volunteers who require it for their role

All individuals handling this information are trained in data protection, confidentiality, and safeguarding responsibilities

Sensitive information is stored securely using appropriate technical and organisational measures

Paper records, where used, are kept in secure locations and disposed of safely when no longer required

Use of children’s information

Information relating to children is:

Used solely for the purpose of delivering support, services, and safeguarding

Never used for marketing purposes

Never shared externally unless legally required or where necessary to protect the welfare of the child

Safeguarding and legal responsibilities

Where there is a concern about the safety or wellbeing of a child or vulnerable person, we may share relevant information with appropriate authorities only when required by law or safeguarding guidance.

Any such disclosure will be limited to the minimum necessary and handled with the utmost care.

This commitment forms part of our wider safeguarding, confidentiality, and data protection policies.