Our commitment to privacy

This UK privacy policy (‘Privacy Policy’), effective as of 10/06/2020, sets out how The Sparkle Foundation (‘we’, ‘us’ or ‘our’ being interpreted accordingly) uses and protects the personal information about you that we collect or that you provide, whether through our UK website at https://sparklemalawi.org/ (‘Website’) or by other means. You should also check any user terms and conditions from time to time that generally apply to use of this Website.

Changes to our privacy policy

We may modify this Privacy Policy at any time so please check that you have seen the latest version. We will aim to post changes to the practices outlined in this Privacy Policy at least 30 days prior to them being implemented.

Personal information we collect

We collect personal information from you in various ways, for example:

The type of personal information we collect includes your name, email address, home (or work) address, phone number and other personal details which you may choose to provide. Any credit card or debit card data you provide is securely handled by our third party payment processor (or such other third party payment processor) as we use from time to time. We never store your credit or debit card details.

Such personal information is referred to in this Privacy Policy as ‘Personal Data.’

Use of personal data

We may use your Personal Data about you for the following purposes:

We may also contact you for other purposes that you consent to from time to time.

We may process or disclose your Personal Data for our legitimate interests or those of a third party (such as a transaction counterparty or a partner to a project) to:

We only rely on these interests where we have considered that, on balance, the legitimate interests are not overridden by your interests, fundamental rights or freedoms.

We may process or disclose your Personal Data where it is necessary for compliance with an applicable legal or regulatory obligation to which we are subject to:

We may process or disclose your Personal Data with your consent. If we rely on your consent to process personal data, you have the right to withdraw this consent at any time. Please contact us or send us an email at admin@sparklemalawi.org at any time if you wish to do so.

Legal obligations

We aim to collect and process your Personal Data in accordance with applicable laws that regulate data protection and privacy. This includes but is not limited to national laws implementing the EU Data Protection Directive (95/46/EC), which will be replaced on 25 May 2018 by the General Data Protection Regulation (2016/679).

Disclosing personal data to third parties

We never sell, trade or rent Personal Data. We do not disclose Personal Data to third parties without your consent unless we are legally required to do so or where we need assistance of third party data processors (acting under our instructions) who we may need to assist us to respond to your enquiry. We will take reasonable steps to ensure that Personal Data is only used by those third parties for specific, lawful purposes in accordance with this Privacy Policy.

International transfers

Personal Data that we collect will be processed by staff, volunteers and contractors who are based at our offices in the UK. However, given the international nature of our organisation, by providing us with Personal Data, you agree that we may share Personal Data with our offices in other parts of the world in accordance with this Privacy Policy.

We have also contracted with a third party platform provider, Salesforce.com, Inc (‘Salesforce’) to manage our customer relationship management (‘CRM’) database. This means that your Personal Data may be hosted by Salesforce who are signed up to the EU-US Privacy Shield Framework which means that they are committed to protecting personal data to standards that meet those applicable legal standards in the UK and EU. For more information about their respective privacy policies, please see:

You should be aware that, in general, legal protection for personal data under applicable law in the United States (and other non-EU countries) may not be equivalent to the protection provided in the European Union and/or under UK law. In all cases, Personal Data you provide will only be disclosed to staff, volunteers and contractors who share our commitment to treating Personal Data responsibly and we always aim to make sure your Personal Data is treated to the same security standards you would expect in the United Kingdom.

Your access rights

In accordance with your legal rights under applicable law, you can request to receive information regarding the Personal Data that we collect about you; what we use that Personal Data for and who it may be disclosed to. Please write to our UK data protection officer at the email address in the ‘Contact’ section below. Where applicable law allows, we may request a fee to cover our administrative expenses in responding and may also require further information to verify your identity or locate the specific information you seek before we can respond in full.

Security to protect personal data

We employ appropriate technical and organisational security measures to protect Personal Data from being accessed by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We also endeavour to take all reasonable steps to protect Personal Data from external threats. However, please be aware that there are always inherent risks in sending information by public networks or using public computers and we cannot 100% guarantee the security of all data disclosed or transmitted to us.

Data retention

We will retain certain Personal Data in respect of financial transactions for at least as long as the law requires us to for tax or accounting purposes (which in the UK may be up to 6 years after a particular transaction). In respect of the holding of Personal Data for fundraising or direct marketing purposes, we will retain this data for a limited period in line with recommendations of the ICO and other competent regulatory authorities

Our cookie policy

By using this Website, you consent to us using ‘cookies’ and similar technologies that can track your activity. Cookies are small pieces of information sent by a web server to a web browser (e.g. Internet Explorer, Safari, Google Chrome or Firefox) on the computer or device you use to access this Website, which enables our server to collect information from your device browser.

Enabling some of these cookies is not strictly necessary for the Website to work but it should enable us to provide you with a better browsing experience. Cookies can be deleted or blocked through changing your web browser settings, however some features of the Website may not work as intended and you may not be able to access parts of the Website. The cookie-related information will not be used for personal identification of individuals and data relating to usage patterns on our Website is kept under our control. These cookies will used for the following purposes:

Please note that when accessing the web and clicking on third party links that may be provided when using our site, those third parties (including, for example, providers of external services that are relevant the Services we offer) may also use cookies on their websites, over which we have no control.

Our Website also makes use of Google Analytics and similar or related analytic products to store information that you send to the server when using the Website. This data includes IP address, pages accessed, and documents uploaded, modified or deleted. For more information about Google Analytics and its privacy practices, please see: https://support.google.com/analytics/topic/2919631?hl=en&ref_topic=1008008.

Third party platforms

This Website will link to third party websites that operate outside our control. For example, if you are a UK resident and wish to make a donation to us, we will direct you to a third party platform which is also subject to its own terms. See also the above section headed ‘International Transfers’ regarding international data processors that we use. We will ensure that your Personal Data is processed by those parties we appoint as data processors in accordance with your reasonable expectations and only as set out in this Privacy Policy. If you access any other third party website using the links provided on this Website, the operators of those websites may collect personal data about you under their own privacy policies, so you should check the terms of any applicable privacy policy when you visit such third party website.

We implement Google’s Invisible reCAPTCHA to protect our site from spam and abuse. Use of this service is subject to Google’s privacy policy and terms.


If you have further queries or requests relating to how we use Personal Data please contact our UK data protection officer at admin@sparklemalawi.org. If you are not satisfied with our response or believe we are processing your Personal Data not in accordance with applicable law you can complain to the Information Commissioner’s Office (available at: https://ico.org.uk/global/contact-us/).

Governing law

This Privacy Policy is subject to English law. To the maximum extent legally permitted, you agree that any dispute relating to use of your Personal Data as referred to under this Privacy Policy is subject to the exclusive jurisdiction of the courts of England and Wales.

Subscribe to our monthly newsletter and stay up to date with all news and events