Privacy Notice

Agapé Ministries Ltd (or simply Agapé UK) is dependent on our supporters, whether financial, prayer, or volunteering, to fulfil our vision, namely: giving people the tools and resources they need to discover Jesus together.

Agapé UK is committed to protecting your privacy. We want you to know that the information you share with us will be treated with care. We also want to be honest and clear about your privacy and personal information at all times. We are publishing this Privacy Notice to let you know how we collect, process, use, and share your personal information. It also tells you how you can exercise your rights.

We will regularly update this Privacy Notice and we as we do so will inform data subjects of the changes to your privacy and how your personal data is processed. If you have any questions about this policy, please contact Agapé UK at dataprotection@agape.org.uk.

Please click on the section headings to display more information.

It’s important that you read this each section of this Privacy Notice in full. It has been constructed into categories that you may click if you wish to find specific information. But to help guide you if you don’t have time right now, here is a (very) quick summary:

  • Agapé ‘UK is a registered charity.
  • Where we use the terms “we,” “us,” or “our,” we refer to Agapé UK
  • We collect information that can be personal data, sensitive personal data or non-personal data.
  • We collect information about the people who engage with our ministries, our supporters, funders, volunteers, and others.
  • We only collect the information that we need or that helps us to provide the best possible service and fulfil our charitable aims and objectives.
  • We do our utmost to keep personal information secure, including SSL technology (secure server software) on our websites and storing data on a secure database.
  • We never share your data with another company or charity for their marketing or commercial purposes.
  • We only share data where we are required by law or with carefully selected suppliers and trusted partners who do work for us, for example, a mailing house to send out our magazine. All our partners are required by their contract with us to treat your data as carefully as we do, to only use it as instructed and to allow us to check they do this.
  • Our websites use different type of cookies so that we can give you a personalised website experience.

Agapé UK is a registered charity no. 258421 (England and Wales) and SC042332 (Scotland). Agapé UK is a company limited by guarantee under registration number 00949989. Our registered address is 167 Newhall Street, Birmingham, B3 1SW.

When we use the terms ‘we,’ ‘us,’ or ‘our,’ we refer to all of Agapé UK and its various ministry teams. When we use the term ‘staff’ this includes all those who are employed full-time, part-time, who are Associate or Emeritus staff, are interns, and volunteers acting on behalf of Agapé UK.

Agapé UK is registered with the Information Commissioner’s Office (ICO) as a data controller, with the registration number ZA161402. Agapé UK abides by the Fundraising Regulator’s Code of Fundraising Practice. Agapé UK is part of the global organisation Campus Crusade for Christ International.

For further information about our privacy notice and data protection, or if you have any questions about the way we use your personal information, you may contact:

  • By Post: 167 Newhall Street, Birmingham, B3 1SW.
  • By Email: dataprotection@agape.org.uk
  • By phone: 0121 765 4404

Personal data is information that can be used to identify a living individual, such as name, address, phone number, or email address. This may be collected directly or indirectly (when combined with other identifiers). Some categories of data are more sensitive, known as special category data, including religious information.

In line with the principles defined in the GDPR, Agapé UK will ensure that personal data is:

  • Obtained fairly and lawfully and shall not be processed unless certain conditions are met.
  • Obtained for a specific and lawful purpose.
  • Adequate, relevant, but not excessive.
  • Accurate and be kept up to date to the best of our ability.
  • Not held longer than necessary.
  • Processed in accordance with the rights of the data subjects (those about whom information is stored).
  • Subject to appropriate and effective security measures.
  • Not transferred outside the European Economic Area (EEA) unless explicitly stated.

We will only ever collect the information we need – including data to help improve our services – or which you agree we can collect. At each point of data collection, you will be informed of the purpose(s) for which your personal data will be processed.

In addition to the information you give us directly, we collect information in the following ways:

When you interact with our website or other Digital Tools

Our websites use cookies to track activities (for more information, see ‘Section 11: Cookies’). We also track usage of mobile apps through analytics. When you visit our websites, we collect general information which might include which pages you visit most often, and which services, events or information is of most interest to you. We may also track which pages you visit when you click on links in emails from us. We use this information to personalise the way our website is presented when you visit to make improvements and to ensure we provide the best service and experience for you. Wherever possible we use anonymous information which does not identify individual visitors to our website.

From Third parties:

We may receive information about you from third parties if you have given them permission to share this information, indicating that you wish to support Agapé UK, for example, if you set up a fundraising page for us with JustGiving or order products through Amazon Smile. In any references we receive for applicants for our Global Projects or careers with Agapé UK we may receive additional personal information, e.g. your religious views.

If you have been named as the Executor on a Will, we may receive your details in order to administer a Gift left to us in that Will.

From Partners or suppliers (Processors) working on our behalf:

This could be if you access a specific tool or service which is delivered through a trusted organisation working on our behalf and always under our instruction.

From Publicly available sources:

In order to provide you with timely and relevant communications and use our resources effectively, we may use profiling techniques to collect information about you from publicly available sources, which may include geographic, demographic or other information relating to you to better understand your interests and preferences. This information is compiled by our employees using publicly available data or information that you have already provided to us. Publicly available information may include information found in places such as Companies House, the Charity Commission, LinkedIn, listed Directorships, typical earnings in a given area or published in the media. By doing this it allows us to understand the background of the people who support us and helps us to make the right requests. Importantly, it helps us to raise more funds, sooner, and more cost-effectively, than we otherwise would.


A detailed list of the personal information we process, along with the purposes that we process it for, can be found in the table in Section 6: ‘How do we use your personal data?’

We collect three kinds of information:

1. Non-personal information / anonymised data

This helps us to understand how many people use our websites, how many people visit on a regular basis and how popular/useful our web pages are. These can be obtained, for example, from pages that you may have accessed and from files that you may have downloaded. This information doesn’t tell us anything about who you are or where you live.

2. Personal information

We will ask you for certain information in order to provide you with the services requested, for example to send you news and prayer communications, or process your donation.

3. Special Category information

Depending on the event or project, we may ask for information about your religion, beliefs, personal circumstances, or health, for example, so that we can provide you with communications, resources, and relevant information that can equip and support you appropriately. We may also ask for health information and passport information to ensure your safe participation in an event or project. You may also choose to disclose with us your personal circumstances.

Children under 16

If a child under the age of 16 attempts to register with one of our Digital Tools, purchase products or materials, or participate in an activity requiring the submittal of personally identifiable information, a parent or guardian must give permission and consent for that child to provide information and register. The only personal information we collect from a child is information that is necessary for the child to participate in activities, such as an address for making a purchase. Parents have the right to request at any time that the information collected about their child is removed from our database. We do not collect personal information from children under the age of 13 beyond what is necessary for them to participate in our online or other activities, such as registering for a conference or downloading materials. If we discover that we have accidentally collected personal information from a child below the age of 13, we will delete it from our records as soon as reasonably possible.


We want to make sure you receive the communications that are most relevant to you and we want to make sure you receive the best attention when you book on an event, make a donation, or purchase resources.

There are a number of lawful reasons for us to process your personal information that we rely on. One of these lawful reasons is called ‘legitimate interests’. This means that the reason that we are processing information is because there is a legitimate interest for Agapé UK to do so. Whenever we process your personal information under the ‘legitimate interest’ lawful basis we make sure that we consider your rights and interests and will not process your personal information or justify it as so if we feel that there is an imbalance or infringement to your rights.

You always have the option to opt-out of receiving marketing communications, including those we send via post via our legitimate interest. You can update your choices or stop us sending you these communications at any time by contacting us using the information provided in Section 2: ‘Who we are.’

We may also use your personal information when it is needed to provide you with goods or services (for example, because you have placed an order on our website), or to process donations or to comply with our legal obligations.

We set out below a table where we describe each of the ways in which we use your personal information, the types of personal information that we use and the lawful basis that applies to that use. Where the lawful basis is “legitimate interest” we also set out some further details.

Purpose of use
Types
of Personal Data involved
Lawful
Basis
Legitimate
Interest (if applicable)
To send you Agapé UK central
news and prayer updates via email; via post.

Name, contact details

Consent for all electronic marketing.

Postal comms by legitimate
interest.

To keep you informed of our
ministry; to send you ministry information and resources which we believe you will be interested in.

To send you a staff member(s) or specific ministry team’s news and prayer updates via email; via post.

Name, contact details

Consent for all electronic
marketing. Postal comms by legitimate interest.

To keep you informed of our
ministry; to send you ministry information and resources which we believe you will be interested in.

To keep you up to date with the impact of your support and to ask for financial and non-financial support.

Name, contact details

Consent for all electronic
marketing. Postal comms by legitimate interest.

To keep you informed of our ministry;
to send you ministry information and resources which we believe you will be
interested in. Legitimate interest applies to posting our Annual Review to
donors.

To keep an accurate record of
your relationship with us; to keep your marketing preferences up to date
Name, title,
contact details, religious information, marketing/ communication data;
requests and preferences.
Legitimate
Interests
To manage accurate participation in our ministry and contact management across the ministry, including how you’ve supported us or have been supported by us in the past.
Can include opt-out/do not contact lists.For the processing of Religious information – Additionally see GDPR Article 9 section
2e.
To invite you, or to allow you to register, to meet up for a 1-1 or group spiritual follow up or relationship building meeting/ gathering.

Name, title, address, contact
details, religious information.

Consent

To communicate ahead of the event and to follow up with you after the event.

Name, title, address, contact
details, religious information.

Legitimate interests.

Communication with you regarding this meeting and in any relationship that you wish to form thereafter.

For the processing of Religious information – Additionally see GDPR Article 9 section 2e.

To create and tailor discipleship content/ plans to suit your personal needs within an agreed relationship. Name,
religious information

Consent, Legitimate interest

To provide spiritual guidance and support; to allow us to pray for you; to provide you with resources and
activities that will help you grow spiritually.

For the processing of Religious information – Additionally see GDPR Article 9 section 2e.

To apply for or participate in projects or events; participate in a short or long-term mission opportunity with us; to apply or participate as a volunteer.

To communicate with you ahead of the event or project and follow up with you after the event.

Name, nationality, contact
details, passport information, religious information, university information
(student projects)

Contractual obligation for
ticketed or paid/ support-discovered project.

Legitimate interest

Communication with you regarding this event or project beforehand and  following up with you after.

For the processing of Religious information – Additionally see GDPR Article 9 section 2e.

Third party provision and communication with trusted partners to ensure your safety, the
safe set up and running of an event or project. This may be sent
internationally.
Name, contact
details, numbers, passport information (global projects), health information
Legitimate
Interests
We communicate with trusted partners as a necessary step to keep our events safe (e.g. travel and health insurance, DBS checks).
Using feedback to evaluate our progress and performance in line with our ministry goals; to improve services and make any necessary changes. Name, contact
details, marketing requests and preferences.
Legitimate
Interests
To make sure that our services, events, products and information are relevant to you and are the very best they can be.
Archiving for statistical purposes Name, event
attendance, contact details, marketing preferences
Legitimate interest To map trends and evaluate our
ministry so that we may refine our day-to-day ministry, fundraising and
marketing campaigns, and tailor our events better.
To use your photo and story for a specific event or project’s publicity; for a ministry’s or our organisation’s publicity more generally.

Imagery (photo and/or video),
name, location information, story or bio (if it contains data you provide)

Consent

To use your photo for further a ministry’s general publicity.

Imagery (photo and/or video),
name

Consent

To tell you about or to invite you to a recruitment opportunity or meeting.

Name, contact details,
religious information.

Consent,

Legitimate interest.

We may contact you if you level
of relationship with us would naturally lead to an opportunity for recruitment
that we feel would benefit you.

To hold referee information for project applicant.

Name, contact details,
relationship to applicant.

Legitimate interest

That we may appropriately
evaluate the candidacy of an applicant.

Process your shop orders, products, and sales; to deliver them to you.

Name, contact details.

(Sales made over the phone
require bank details, but these are immediately erased once the sale is
complete)

Contractual obligation

Taking donations, including claiming gifts (e.g. Amazon Smile)

Name, contact details, account
or card details.

(Donations made over the phone
require card details, but these are immediately erased once the sale is
complete)

Legitimate interest

To securely receive your donation toward our charitable aims.
To claim Gift Aid on your donation and submit to HMRC. Name, contact
details, tax paying status

Legal Obligation

Recording Gift Aid declaration Name, contact
details, tax paying status

Consent

Administering legacy pledges and gifts left to us in a Will. Name, contact
details, family member details.

Legitimate interest

To securely and sensitively receive the donation toward our charitable aims.

To provide technical support, administration, and digital tool or website assistance; to monitor the performance and security of our websites.

Name, account information,
contact details, cookie information, requests and preferences.

Consent for cookies, legitimate
interests

To improve your digital tools and website experience; to show information more relevant for you; to help with account matters.

Recording and storage of CCTV imagery

Imagery

Legitimate interests

For the purposes of crime
prevention of public safety; protection of our staff and premises.


Generally, we will not disclose or share your personal information with anyone outside our organisation without your permission. However, we may need to use or share your information with trusted partners and agents who enable us to conduct our charitable  objectives and ministry legally, safely, and effectively, and to provide goods and services to you on our behalf. We will need to share your information if we are required to by law, i.e. with the police or a financial or regulatory body. Some of these services may be processed overseas, outside the European Economic Area.

Where applicable, we share information about you with:

  • Other parts of Agapé UK (including Agapé and CCCI offices around the world, e.g. Cru, Agapé Europe, etc.);
  • Public or regulatory or financial authorities;
  • Companies that perform health and safety services for, or on behalf of, Agapé UK (e.g. child safety checks, travel insurance etc.);
  • Partners and suppliers that deliver the tools, resources, products, and services you’ve ordered from us;
  • Third party cloud service providers for the hosting of apps and sites (e.g. Microsoft)
  • Direct marketing and email marketing service providers (e.g. Mailchimp);
  • Companies that assist us in collecting and processing your donations effectively (e.g. PayPal).

In cases of transfers outside the EEA, we will only transfer your personal information with adequate safeguards in place, in full compliance with applicable laws. For example, we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection as reported in the adequacy findings of the in the Official Journal of the European Union (OJEU) or where there are appropriate safeguards (e.g. EU-US Privacy Shield), enforceable data subject rights, and legal remedies. We have established standard contractual clauses with processors acting in partnership with us or under our instructions to ensure they protect your information and to enforce legal transfers of data, internationally. If you participate in a Global Project that requires a visa or other immigration document, information such as your biometrics and passport information may be collected by that country’s authorities.

Being a prayer and/or a financial supporter means that your data will be stored in a system called MPDX. MPDX is owned and managed by Cru, the US organisation of Campus Crusade for Christ International, the global organisation of which Agapé UK is a part. MPDX is hosted in the US.

Cru’s MPDX privacy notice is here: https://get.mpdx.org/privacy-policy/. None of the information in MPDX will be used by Cru for marketing purposes but may be processed for statistical purposes.

Donations made via our website retain information within Cru’s WordPress network, hosted in the US. Personal data obtained through making online donations will only be accessed by Agapé UK’s website and finance teams. At all times, Agapé UK remains legally responsible for your data. We take steps to safeguard your information and we have contractual provisions requiring all third-party service providers to respect the security of your personal data and to treat it in accordance with our data protection policies and all applicable laws. We never share your data with any third parties for their own purposes. We will not allow any third party, including service providers and other charities, to use your personal information for their own marketing or commercial purposes and they will only be allowed to process your personal information in accordance with our instructions.


Agapé UK’s policy regarding sharing of your personal information with third parties is as follows:

  • We share only the information they need to perform their specific services.
  • They may only use your data for the exact purposes we specify in our agreement with them.
  • Your privacy is respected and protected at all times.
  • If we stop using their services, any of your data held by them will either be deleted or anonymised.

Our websites may contain links to other sites or digital tools that are run by third parties such as other organisations, sponsors, content providers, social media providers, and advertisers. Once you’ve clicked on a link or button activator for an outside website, you will leave the site and be taken to sites that we do not control, and our privacy notice no longer applies on those sites.

You must read the privacy policy of the third-party website concerning how personal information will be used. We also provide content created by third parties on some of our digital tools. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the privacy practices or the content of such content providers or third-party sites. Please be aware that advertisers or websites that have links on our site may collect personally identifiable information about you.


Information will only be kept as long as necessary for the purposes for which you provided it. A reminder of these purposes can be found in the table ‘Section 6: How do we use your Personal Information’? Data collection will be minimised to ensure we only keep what information is necessary for that purpose and time necessary, e.g. to meet any statutory, legal, financial, or reporting requirements. For example, tax records and donations with Gift Aid will need to be kept for 6 years from the date of the last donation. If you request that we stop processing your information, upon verification of the request, we may not be able to comply if these statutory or legal requirements prevent us from doing so.

We have retention policies for every personal data set and purpose for collection.

When your information is no longer required for the purposes of collection and use, we will ensure that it is disposed of securely. We may archive, anonymise, or pseudonymise information needed for further statistical or archiving purposes (e.g. mapping trends in event attendance, marking the effectiveness of marketing or fundraising campaigns). If we do so, we will ensure that your data will not be used for any further purposes and will ensure your privacy continues to be protected. Your data subject rights apply fully to archived data.


We take looking after your information very seriously. We have put in place appropriate security measures to protect your personal information from being accidentally lost, altered, disclosed or misused, or accessed in an unauthorised way. These include technical, administrative, and physical security measures to ensure that any information we collect is stored and processed securely.

For example, for Digital Tools that require personal or sensitive data to be collected or displayed, a Secured Socket Layer (SSL) connection is required, to ensure that the data is encrypted as it is transferred to the browser. All credit card payments are processed using Payment Card Industry (PCI) compliant technology to ensure that your credit card number is securely passed to the merchant/service provider. We do not store your credit card details.

Agapé holds its data on a secure database which is hosted in the UK. Access to this system is limited and there is restricted access to data based on a person’s role in the organisation.

Our third-party suppliers store data in the EU, with the following exceptions:

  • Our online supporter management software, MPDX, is hosted by Cru, who store data in USA.
  • Agapé’s digital files are stored on a server hosted by Microsoft at a data centre. Access to this data centre is restricted.

All our current partners or suppliers adhere to the EU-US Privacy Shield – you can find out more https://www.privacyshield.gov/welcome.

Paper records of personal data is used minimally; storage of paper records is securely within locked cabinets or safes.

Unfortunately, the transmission of information using the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee that the security measures we implement in connection with the operation of the site will absolutely prevent others from accessing or acquiring any information that you provide while using the site. You can help us protect your personal information by properly protecting your password and remembering to sign out of your account and close your browser window when you finish visiting our site, especially if you are on a shared or public computer.

We have procedures to deal with any suspected personal data breach and we will promptly notify you and any applicable regulator of a breach in accordance with our legal obligations.


Our websites contain different types of cookies that keep track of website activities, save your password, or deliver content specific to your interests. A cookie is a small data file that certain websites write to your hard drive when you visit them. A cookie file can contain unique identifies you and your devices. You can find out more about cookies at: www.allaboutcookies.org.

You must consent to cookies on our websites in order to get the best user experience. If you choose to decline cookies, you may not be able to fully experience certain interactive features of the site or access all the services provided through our sites.

We use the categorisation set out by the International Chamber of Commerce (ICC) in their UK Cookie Guide. We use the following categories of cookies:

  • Strictly necessary cookies are essential for you to move around our website and to use its features, like our shopping basket, and your account.
  • Performance cookies collect anonymous information about how you use our site, like which pages are visited most.
  • Functionality cookies collect anonymous information that remember choices you make to improve your experience, like your text size or location. They may also be used to provide services you have asked for such as watching a video or commenting on a blog.
  • Targeting or advertising cookies collect information about your browsing habits to make advertising relevant to you and your interests. As such if you visit the Agapé website you may then be more likely to see adverts about Agapé’s work on other websites as your browsing suggests that this is an area of interest.
  • Social media cookies are set by a range of social media services to enable you to share content with your friends and networks and are capable of building up a profile of your interests. If you don’t allow these cookies you may not be able to use or see these sharing tools.
  • To view our cookies and to manage your consent preferences, click here:

    Cookie Settings


You may also wish to read Toucan Together’s Terms and Conditions.

1. What information do we collect about you?

We collect information as and when you provide it to us through your usage of the Toucan app and if send it to us directly. This information covers several categories of data as outlined below:

Account, Profile and Relationship Information.
When you sign up for an account or edit your account details, we collect your name and email address and encrypt your password. You then have the option to provide further information to build your profile, such as Date of Birth, your Relationship Status and Gender. If you connect with your partner, we will store their name and email address in your account for your personal reference.

Content, Answers, Bookmarks and Action Points.
As you engage with Toucan we collect and store content you submit and enter as answers, bookmarks or action points. This will include any personal information you choose to provide. We do not access, publish or sell your personal information.

Information you provide via technical support.
If you contact us for support on any other enquiry, we will collect information about you on anything you provide in order to service that request and provide the support needed.

Donations.
Toucan is a free to use tool and does not rely on advertising. If you make a donation towards Toucan, we will collect contact information regarding your donation. We do not collect or store your credit card information, however, this is securely encrypted and held by our payment provider, Stripe.

Automated data collection and statistics. As you engage with Toucan, we collect various data points and metrics that enable the app to function, such as the last module you accessed or exercise you were on. Additionally, we use your chosen interactions in the app to build your dashboard and measure your Relationship Fuel and track Relationship Health benefits.

Anonymised data and analytics.

To help us learn how to make Toucan a better experience for you and all other users, we used fully anonymised data to understand how people use the app and what they engage with. This will include frequency of logins, amount of content accessed, time spent in the app, relationship health values and relationship fuel levels. This anonymised data, therefore, does not include any personally identifiable information, such as names or email addresses.

Cookies and other Tracking Tools.

In order to provide functionality and recognise you across different devices and track our app performance we use tracking tools, including Cookies and Pixels. You can opt out of these tracking technologies through your browser settings and stop your browser from accepting cookies. This may limit your experience or ability to use Toucan fully.

2. How do we use the information we collect?

We use your information in the following ways:

Providing you with the Toucan functionality.
The information you provide on sign up, add to your profile and submit as you go through modules and content is stored and used to provide the functionality of Toucan. Information submitted during exercises, bookmarks and action points is for your own convenience and ability to engage with Toucan.

Your partner information is collected in order to connect you together and provide key functionality to track each users progress and help you stay on track together within the app.

Your overall activity (logins, bookmarks, action points, progress) is used to generate your Relationship Fuel and your answers to the first exercise of each module are used to calculate your Relationship Health score.

System messages and helping you stay on track.
We use your login, partner status and content frequency to send automated system messages that help you stay on track, remember to do something or check if you are still interested in Toucan. You may choose to opt out of these messages at any time from your profile.

Marketing and announcements.
Toucan is growing and developing all the time. If you have consented, we use your information to send you appropriate news and announcements about the Toucan app, Toucan promotions or Toucan events. This may include news about, for example, a new module or new features.

Promotion of Toucan.
We may use anonymised statistical data, such as Relationship Health values, in the marketing and promotion of Toucan.

Providing technical Support.
If you have requested technical support, we will use your information to provide that support and help.

Learning and future development.
We are constantly looking for ways to improve Toucan. We will use anonymised analytical data to understand how users are engaging and using the app. For example, we might use this data to analyse age groups and gender of Toucan users viewing certain content, which could help us develop other relevant content and / or functionality. If you have given feedback, we may use that information to inform decisions and make future improvements.

3. How we share information we collect?

We want to protect your privacy at all times. Occasionally it may be necessary to share some of your information. Outlined below are the few exceptions where we may share your information.

With your partner.
Toucan is designed to be used by couples, together. Therefore, the design of the app is such that it is helpful to know who you are connected with and some basic information about their app usage. We share your name, email, last login and current progress with your partner.

With organisation partners.
Toucan is developed by Family Life, which is part of Agape Ministries Ltd. We have sister organisations in other countries who work closely with us. We share anonymised statistical data with these partners to help advance and promote the Toucan app.

With service providers.

Toucan was developed in collaboration with third-party service providers for design, coding, videography, and marketing. From time to time it may be necessary to share limited information with these partners in order to improve the app. For example, a support ticket may require account details in order to trace the route of a bug or issue you are experiencing. Additionally, we use third party services, such as MailChimp, to help process your information and send out emails using help desk services to help process your support requests.

Legal Obligation.
We may be compelled to disclose personal information, either for statutory compliance, legal order, or to protect the legal rights of Family Life.

4. How we store and secure information we collect

We use secure servers located in London, UK, configured to protect the information and data stored there.

If your account becomes inactive and we detect you haven’t used the app for a significant period of time we will contact you to see if you still want your account.

You can request your account deletion at any time, from the options available in your profile screen.

5. How long we keep your information

We retain your information for as long as you maintain your account on Toucan, we do this under Legitimate Interest, so that you may track your progress and relationship growth and easily continue to engage in future content.

If you request to delete your account and you have a connected partner, we maintain your data for 14 days and then delete it fully. If you do not have a partner your data is deleted immediately. See Deleting your account, below for further information.

If your account becomes inactive and we detect you haven’t used the app for a significant period of time, we will contact you to see if you still want to retain your account.

6. How to access and control your information

Information and data submitted to Toucan is yours. You can login anytime and change or update information and preferences we hold about you.

Request a copy of your information.

Under GDPR regulations you may request a copy of all the information we hold about you. If you wish to exercise any of these rights or make a complaint, you can do so by contacting using the information provided in Section 2 of the Agapé UK Privacy Notice: “Who we are.”

Deleting your account.

You may request for your account to be deleted. Due to the nature of the app being designed specifically for couples to connect their accounts and functionality of the app being dependant on that, we will send a notification to your partner if you request your account to be deleted. This does not affect your right to deletion but is provided as a courtesy to your partner because their usage of the app will immediately become limited when your account is deleted. If you do not have a partner at the time of requesting deletion, this issue does not apply.

When your data is deleted, we remove all personally identifying information (Name, Email, Partner, Partner Email, Notes, Bookmarks and Action Points) and retain anonymised statistical data for future learning and analysis. Once you delete your account there is no way to recover it and no way for anyone to trace the remaining statistics back to you. We advise you make your own copy of any information you may wish to keep before deleting your account.

7. Children under 16

Toucan is an app design for couples in a mature relationship. The app is therefore not aimed at or marketed to under 16s and we do not knowingly collect information of people under 16 years of age.

8. Data Contact

Toucan has been developed by FamilyLife, part of Agape Ministries Ltd. The Data Controller is Agape Ministries Ltd. This Toucan privacy information is specific to the Toucan App only. In addition, you are covered by the rest of the Agapé UK Privacy Notice, which gives details of how to exercise your rights.


At our UK national headquarters at 167 Newhall Street, Birmingham, B3 1SW, we collect moving imagery via CCTV. Agapé UK collects imagery via CCTV cameras located in both public (street) and private (our business premises) locations. We collect imagery via CCTV for the purposes of crime prevention and public safety, to:

  • Maintain the safety and security of our employees, colleagues, and other members of staff.
  • Support the effective management and safety of our building and infrastructure, including our car park spaces.
  • Provide evidence to any law enforcement or police investigations.

The lawful justification for collecting and using CCTV imagery is that there are legitimate interests to do so. Agapé commits to the safe and secure collection and storage of any imagery on-site, which will only be viewed by the authorised and appropriate Agapé staff. Any sharing with law enforcement or police authorities will be shared under our legal obligation to comply with the law. No imagery will be shared with third parties, except when required to do so by law.

Agapé retains imagery for 28 calendar days, after which point it is deleted. Imagery required for an investigative or legal procedure will be retained beyond this timeframe for as long as necessary and will be deleted upon completion of the purpose for which it was retained.

If you would like a copy of your personal data from the imagery, please write to Agapé UK’s Data Protection Team at 167 Newhall Street, Birmingham, B3 1SW, and include an email address or postal address so that we may get back in touch with you to validate your request. We may need to verify your ID, after which, we will respond to it within 30 days.


Your personal preferences and keeping your data accurate are of the utmost importance to us.

If at any stage you do not want to hear from us or want to update your details, you can:

  • Email: reception@agape.org.uk
  • Call: 0121 765 4404
  • Write: Agapé UK, 167 Newhall Street, Birmingham, B3 1SW

You can also now register your details with the Fundraising Preference Service if you want to tell us through them that you would prefer us not to contact you.

Any email marketing, we send you will contain information about how to unsubscribe. During any phone conversation you have with us, please feel free to let us know how you prefer to be contacted.


The GDPR gives you various rights in respect of the personal information we hold about you – these are set out in more detail below. If you wish to exercise any of these rights or make a complaint, you can do so by contacting using the information provided in Section 2: ‘Who we are.’

We will respond to your request within 30 days of accepting it. Before accepting your request, we may need to ask for some identity documentation from you, to make sure we don’t inadvertently provide your personal information to someone else.

You have the right to:

Rectification (editing and updating personal information)

If your information needs to be edited or updated, you can change your personal information directly on our website. Our Digital Tools offer different options for you to access, change, and modify the information you previously provided, such as your donor or customer record (for registered users only), email address, postal address, or to stop a duplicate email.

Alternatively, you can ask us to update your information by contacting us using the information provided in Section 2: ‘Who we are.‘ Please make sure to provide us with all the information we need to be able to address your request, including both the old and new information.

Access your personal information (Data Subject Access Request)

You can request details of your personal information we hold. We will confirm whether we are processing your personal information and provide additional details including what kind of information we have about you, where we collected it, how we use it (including the legal basis for our processing), how long we expect to keep it, details of any automated decision making or profiling and the safeguards regarding data transfers to non-EEA countries, subject to the limitations set out in applicable laws and regulations.

If you wish to exercise this right, you should contact the Data Protection team using the information provided in Section 2: “Who we are,” who will investigate your concerns. After validating the request, we will provide you with a copy of your personal information free of charge. We will respond within one month, providing that the request includes appropriate contact details or if we have it already them record. We may charge you a fee to cover our administrative costs if you request multiple copies of the same information or if the requests are manifestly unfounded or excessive.

If you are unhappy at any time about the way we process your personal information, please contact the Data Protection team.

Erasure (deletion of personal information)

At your request, we will delete your personal information if:

  • It is no longer necessary to retain your personal information;
  • You withdraw the consent which formed the basis of your personal information processing;
  • you have successfully objected to the processing of your personal information (see below);
  • Your personal information was processed unlawfully; or
  • We are required to delete your personal information to comply with our legal obligations.

We will review requests on a case-by-case basis and we might not be able to comply with your request if we need to process your personal information:

  • For exercising the right of freedom of expression and information;
  • To comply with our legal obligations;
  • To establish, exercise or defend a legal claim; or
  • To perform a task in the public interest.

If this is the case, we will notify you of the reasons why your request was rejected.

Restriction of processing of personal information

You have the right to request us to limit the processing of your personal information if:

  • You dispute the accuracy of your personal information;
  • Your personal information was processed unlawfully, and you request a limitation on processing, rather than a deletion of your personal information;
  • We no longer need to process your personal information, but you need your personal information in connection with a legal claim; or
  • You object to the processing of your personal information based on our legitimate interests – pending verification as to whether we have an overriding legitimate ground for such processing.
  • To the extent needed, we may still keep some of your data to ensure we comply with your request to limit processing, or for other legal purposes.

Objecting to certain types of processing (including automated decision making and profiling)

Where we process your personal information based upon our legitimate interests, you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms.

Where we process your personal information based upon our legitimate interests and where decisions are made by automated processing which has a legal or other significant effect on you, you may also object to such automated decision making.

At present, the Record of Processing Activity has not revealed any instances of automated decision making or profiling.

Portability of personal information

You can request us to send you your personal information in a structured, commonly used, machine-readable format so that it can easily be transferred and used by a third party if:

  • You provided us with the personal information;
  • The processing of your personal information is based on your consent or required for the performance of a contract; or
  • The processing is carried out by automated means.

Withdrawing consent

We primarily rely on legitimate business interests to process your data, but to the extent we use consent to process your data, you have the right to withdraw any consent you may have given us at any time. We will comply with your request promptly.

If you withdraw your consent, we might not be able to provide some of our products and services to you. At any point, you have the right to object to processing of your personal information for direct marketing purposes and we will promptly comply with your request.

Filing a complaint with a data protection authority

We will try to resolve any problems that you have but you are always able to contact the ICO – the UK’s supervisory authority for assistance or to make a complaint.