We collect and process personal data from:

• Participants – name, address, date of birth, contact details, gender, ethnicity, additional needs, etc. to manage your participation, record achievements, and notify you of events and other benefits.
• Parents / Carers – name, email address, etc., provided by participants on an optional basis.
• Adults who help to deliver the Award – name, address, email address, contact number, gender, ethnicity, primary language, etc. to manage young people’s participation in the Award.
• Supporters and donors – name, contact details to notify you of opportunities to support us.
• General enquirer – name, contact details to answer general and non-operational queries.

We may request personal data in line with the uptake of service you are requesting. Information requested will be restricted to only what we need from individuals to fulfil our legal, contractual, and safeguarding obligations. Our lawful basis for processing personal data would be either consent or contract [UK GDPR Article 6(1)(a), (b)] when handling data in line with your participation in the DofE, and the associated administration duties.

There may be instances where we may use other lawful bases [under UK GDPR Article 6(1)] for processing your data. An assessment would usually be conducted, and outcome recorded, along with the appropriate notification to the data subject at the point of data collection of the lawful basis relied upon.

Data collected through our eDofE platform/system is shared with the relevant DofE Licensed Organisation or DofE centre, as a necessity to enable young people to complete their DofE programme and achieve their Award and for DofE Leaders to manage programmes effectively. Participant personal information is never shared with other participants.

We may pass your information to our trusted third-party service providers and other associated organisations who are authorised to work on our behalf, e.g., for processing donations. We disclose only the personal information that is necessary to deliver the service. In circumstances related to purchases of merchandise, we will send your data to our fulfilment house. We have a written agreement with the fulfilment house that all data is destroyed after use.

We do not store credit/debit card details and we only share customer card details with companies involved in processing your donations/purchases on our behalf.

Access to all other stored data will be managed by our Role Based Access Control (RBAC) process.

The DofE will not provide any information collected that personally identifies you to any other company or organisation, other than those noted above, unless it is required to do so by law, a Court Order by Government or law enforcement authority, or as described in this Privacy Statement.

Programme delivery

We keep records of your activity on eDofE to help us understand how you use the system so that we can make it a more effective tool for you. If you provide information on ethnicity, gender, disability and wellbeing it will be collected and used anonymously for statistical purposes by the DofE to ensure we are making the DofE accessible, and that programmes have a positive impact on those taking part. If the email address of the Parents/Carers of our participants is provided, they may choose to be kept up to date with information to help them support their young person to complete their DofE programme.

All programme emails and information are considered administrations under contract for all participants undertaking their DofE programmes and for all adults involved in delivering the programmes. They contain vital updates and essential programme information, so all participants, and the adults involved in delivering their programme, will receive those as appropriate.

We may also send information about changes to eDofE and other programme-related services from time to time.
We may also ask for you to opt-in to other communications that are not programme related, which you can opt out of at any time by visiting DofE.org/preferences or using the ‘unsubscribe and manage preferences’ link at the bottom of any marketing email sent by us.

DofE offers

We have a range of specially negotiated offers from the DofE and our partners to tell you about, which provide an income to the charity – including branded merchandise, free prize draws, privilege discounts and recommended expedition kit information.

The above offers are sent by e-mail and are not mandatory and you will need to opt in to receive them. You can opt out at any time by visiting DofE.org/preferences or using the ‘unsubscribe and manage preferences’ link at the bottom of any marketing email sent by us.

In certain circumstances, your identifiable personal information will be passed onto third parties to fulfil our obligation to you, e.g., a mailing company to dispatch your Welcome Pack. In some circumstances unidentifiable personal information may be sent to an approved DofE supplier to enable a discount / benefit to be provided to you. An example of this is using number of participants by age range to develop age-appropriate partner discounts. Please see the section on ‘Who has access to your information’ above regarding how third parties use this information for more detail on this.

Fundraising opportunities

When you make a donation to DofE, we will ask you to provide certain information so that we can process your donation, claim Gift Aid (if you choose to donate in this manner) and where appropriate, add you to relevant communication recipient lists so we can inform you of the impact of your gift and potentially, request further support. We rely on your consent to claim Gift Aid and for future contact.

If you sign-up to participate in one of our fundraising events, we will ask you to provide certain information so that we can confirm your place and send you information about the event. To ensure the wellbeing of all participants, we may also ask you for some health or wellbeing information, for example whether you have particular dietary or access requirements. When you pay to enter an event, we may work with payment processors who process your payment on our behalf. We never store your payment details, although we will receive certain information from the payment processors to allow us to identify your transaction. If a third party is organising the event, then we will share your details with that third party for the purpose of administering the event, but the terms of use and security of personal data is included in all contracts we enter into with any third party with whom data needs to be shared.

DofE is registered with the Fundraising Regulator (England, Wales, and Northern Ireland) and the Scottish Fundraising Standards Panel (Scotland). When conducting its fundraising activity, DofE strictly adheres the Fundraising Regulator’s code of fundraising practice and all other relevant legislation.

Profiling

On occasions, through monitoring of your interest in our range of products and services, we may create a profile of your preferences so that any contact we have with you is appropriate, relevant and timely. We may make use of additional information about you when it is available from external sources to help us to do this effectively. This activity is done to understand our audiences and supporters and helps us to limit our communications only to those who are interested in our cause and have the desire to support us.

Remarketing

The DofE may pass on your personal information to online advertising tools, including Facebook Custom audiences, Google AdWords Match and Google Analytics to carry out ‘remarketing activities’ – this is so that if you have visited our website, we can direct you back to it through ads shown on sites across the internet by third-party vendors, including Google and Facebook. These third-party vendors may use cookies based on your past visits to our website to perform this service. You can opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative’s opt-out page.

The DofE only keeps data for as long as it is needed for the purpose for which it was collected. We comply with the UK legislative requirement to set a data retention schedule governing all personal data we collect and process, ensuring data which is no longer required is disposed of securely as defined under the ISO27001 ISMS requirements, accredited by the British Standards Institute (IS 566019).

As defined under the UK GDPR, individuals (as Data Subjects) have the below rights (subject to exemptions and restrictions in certain circumstances):

• Your right of access – you have the right to ask us for copies of your personal information.
• Your right to rectification – you have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
• Your right to erasure – you have the right to ask us to erase your personal information.
• Your right to restriction of processing – you have the right to ask us to restrict the processing of your personal information.
• Your right to object to processing – you have the right to object to the processing of your personal information.
• Your right to data portability – you have the right to ask that we transfer the personal information you gave us to another organisation, or to you.

Should you wish to enquire or exercise any of the above rights please contact us for more details:

Head Office: The Duke of Edinburgh’s Award, 9 Greyfriars Road, Reading, Berkshire RG1 1NU

Email address: [email protected]

Cookies are small files sent to a device when visiting a webpage that the website can retrieve at a later time. Cookies are used for various reasons:

• Functional – it recognises the browser and operating system and presents the page best suited to the system configuration.
• Noting your activity – e.g., a shopping cart in case the connection is lost, when the basket content is retained for a set time.
• Analytical cookies – gives the site owner stats on visitor numbers and pages visited, etc.
• Marketing cookies – captures visitor behaviour and browsing pattern to effectively tailor promotional material (e.g., if you visited a car buying site, you may see related ads in your social media session later).

Cookie acceptance is optional (with certain exceptions where these are to manage the delivery of the page). You should be presented with the selection upon landing on our web page, unless the setting has already been configured from a previous visit.

You can modify your browser setting to decline all cookies, but this may impact the functionality or intended page experience. If you wish to update your browser settings, please refer to the browser’s help file.

In some of our email messages we use a ‘click-through URL’ linked to content. When a customer clicks one of these URLs, they pass through our web server before arriving at the destination web page. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our communications. If you prefer not to be tracked simply avoid clicking text or graphic links in our emails.

The Duke of Edinburgh’s Award does not guarantee the accuracy, and disclaims any liability to, any third party anywhere in the world for any injury, damage, loss, or inconvenience arising as a consequence of any use of, or the inability to use, any information on the DofE’s website and other communications to the fullest extent permitted at law.

The DofE’s online services provide links to various websites that we do not control as well as to websites of our partners and supporters. If you visit a website that is linked to our site, you should consult that site’s privacy statement before providing any personal information. This Privacy Statement applies solely to the information gathered by the DofE.

Assessor’s report

When an Assessor enters an email address into our Assessor’s Portal to submit an Assessor’s report for a DofE participant, it is stored on our secure database servers and only shared with that participant’s Leaders so that they can contact the Assessor if they have any queries. It is not used for any other purpose. We do not share it with the participant nor any third party.

The DofE app (eDofE)

In order to help participants achieve their Award, the DofE provides an app called eDofE (iOS and Android). eDofE offers the user calendar, camera and photo integration and notifications features; these features help with uploading photographic evidence of completing activities, managing time and messaging Leaders. The app user has complete control of enabling and disabling its functionality on their device(s). The DofE has no access to data stored on the user’s device(s). The only app data which the charity has access to is either programme related or provided with consent. The app user needs to submit data and any supporting evidence (photos or text) as part of their programme.

We may need to update or modify this Privacy Statement at any time, and modifications are effective upon being posted on the DofE websites and in eDofE. You are responsible for reviewing this Privacy Statement periodically to ensure that you are aware of any changes to it. The last review and update was September 2024.

If you have any concerns about our use of your personal information, you can make a complaint to us at:

Head Office: The Duke of Edinburgh’s Award, 9 Greyfriars Road, Reading, Berkshire RG1 1NU

Email address: [email protected]

You can also complain to the Information Commissioner’s Officer – ICO if you are unhappy with how we have used your data:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Helpline number: 0303 123 1113