Coram Financial Data Privacy Notice

If you purchase goods or services from Coram or a related charity, or are commissioned by Coram to supply us with goods or services, you will be undertaking a financial transaction.

When you undertake financial transactions with Coram, your information is processed by Coram’s Group Finance Team as well as whichever other part of the Group you may be interacting with.

This Privacy Notice describes the types of personal information Coram’s Group Finance Team collect during our interactions with you, why we collect it, how we use it, the conditions under which we may disclose it to others, how long we keep it for, how we keep it secure, and what your rights are in relation to your information.

Your use of other Coram services is governed by any applicable terms and conditions and by our general Group Privacy Policy.

Any questions regarding this Privacy Notice and our privacy practices should be sent by email to or by writing to the Data Protection Manager, Coram, Coram Community Campus, 41 Brunswick Square, London, WC1N 2AZ.



1. Who we are
2. What personal information do we collect and how is it used?
3. What is our legal basis for processing your data?
4. Who at Coram can see your personal information?
5. Will Coram share your information with anyone else?
6. What are your rights?
7. How long will Coram keep your personal information?
8. How will we secure your personal information?
9. Changes to this privacy notice
10. Complaints
11. How to contact Coram

1. Who we are

The Coram group of charities – which we’ll refer to as ‘Coram’ in this document – is made up of a number of related charities and wholly-owned trading subsidiaries, all committed to improving the lives of the UK’s most vulnerable children and young people. The current constituents of the group are listed in our general Privacy Policy.

Back to top

2. What personal information do we collect and how is it used?

This privacy notice applies to all personal information provided by you (whether online, via email or post) in order to enable us to:
• Purchase services from you; or
• Provide services to you; or
• Undertake other relevant financial transactions with you.

The information may be provided to us either directly or via other members of the Coram Group, in order to enable us to carry out the activities above.

The personal information we collect might include:
• Personal data you provide which allows us to identify you: title, first name(s), surname
• Information you provide which enables us to correspond with you concerning the services you provide to Coram: home address, home telephone number, mobile number, work telephone number, email address
• Information you provide to enable us to pay for your services (such as your bank account details)
• Information you provide to us in order for you to make payments to us (such as credit card details)

Back to top

3. Legal basis for processing your data

By submitting your information to Coram you are consenting to us using the information you provide in the way we outline above. You may withdraw your consent at any time, but this may result in us not being able to continue to provide services to you / use your services.

We may continue to hold your personal data in order to comply with our legal and contractual record keeping obligations, and in the legitimate interest of managing our business.

Back to top

4. Who at Coram will have access to your personal information?

Your data will be received by Coram’s Group Finance department and accessed for the purposes outlined above. It may be accessed by other Coram staff members only where necessary for the purposes outlined above.

Back to top

5. Will Coram share your information with anyone else?

We will not sell or rent any information you provide to us to third parties. Nor will we share your information with third parties for marketing purposes.

Where you interact with us through third parties such as online credit card processing companies (such as Sage Pay, or WorldPay), or online fundraising platforms (such as Just Giving) the data you provide will be subject to their privacy policies, which may not be consistent with those of the Coram Group.

We will keep your information confidential except where disclosure is required or permitted by law (for example to government bodies and law enforcement agencies). Generally, we will only use your information within the Coram Group. External consultants working for Coram may have access to your data where required for the maintenance of the relevant databases. Such access will be supervised and carried out under contract requiring compliance with the Coram Group’s privacy policies.

Back to top

6. Your rights

We take reasonable steps that are designed to keep your personal data accurate, complete and up-to-date for the purposes for which it is collected and used. We also have implemented measures that are designed to ensure that our processing of your personal data complies with this privacy notice and applicable law (e.g. the General Data Protection Regulation).

You have the right to request access to the personal data that we have collected about you for the purposes of reviewing, modifying or requesting deletion of the data. You also have the right to request a copy of the personal data we have collected about you.

If you would like to make a request to access, review, or correct the personal data we have collected about you, or to discuss how we process your personal data, please contact our Data Protection Manager. Coram will reply within one month of receipt of your request.

To help protect your privacy and security, we will take reasonable steps to verify your identity before granting you access to your personal data.

Back to top

7. How long will Coram keep your personal information?

We will hold your personal information on our systems for as long as is necessary for the relevant activity, and meet any legal or regulatory requirement. This is so that we can provide the services, products or information you have requested, to administer your relationship with us and to comply with the law. Financial information will generally be kept for a minimum of six years after the financial year containing the most recent transaction and maximum of ten years. After this time electronic records will be deleted and hard copy records will be destroyed unless there is a legal requirement to retain them.

Back to top

8. How will we secure your personal information?

We use a variety of data security measures intended to ensure the confidentiality, and integrity of your personal information, including the use of secure servers, firewalls, and encryption of application data.

Back to top

9. Changes to this privacy notice

If we modify this privacy notice, we will post the revised version online which can be accessed via our general Privacy Policy with an updated revision date. Please check back periodically, and especially before you provide any personally identifiable information.

Back to top

10. Complaints

Coram tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously and encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. You have the right to complain at any time to the Coram Data Protection Manager.

In the event of a conflict concerning the processing of your personal data, you have the right to lodge a complaint with the supervisory authority in the UK:

Information Commissioner’s Office

0303 123 1113
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5A

Back to top

11. How to contact Coram

For further information on how your information is used, how we maintain the security of your information, and your rights to access information we hold on you, please contact us:

• By email:
• Or write to us at: Data Protection Manager, Coram, Coram Community Campus, 41 Brunswick Square, London, WC1N 2AZ