Skip to content
Burdett Trust for Nursing
Explore

Privacy & Cookie Policy

Updated February 2026

1. Introduction

The Burdett Trust for Nursing (“BTFN”, “we”, “us”, “our”) takes your privacy very seriously. We are committed to protecting personal data and being transparent about how we collect, use and store it, in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and related legislation.

This Privacy Policy explains how we collect and use personal information when you:

  • apply for a grant;
  • act as a referee, assessor or adviser;
  • subscribe to our communications;
  • attend our events; or
  • use our website.

2. Who we are

The Burdett Trust for Nursing (BTFN) is an independent charitable trust that makes grants in support of nurse-led projects, using its funds to empower nurses and make significant improvements to the patient care environment.

3. Personal information we collect

We may collect the following types of personal information, depending on your relationship with us:

  • name, job title, organisation and contact details;
  • information included in grant applications (including CVs, project information and monitoring reports);
  • correspondence with us;
  • newsletter subscription details;
  • website usage information (see Cookies section below).

We only collect personal data that is necessary, relevant and proportionate for our charitable and grant-making purposes.

4. Lawful bases for processing

We process personal data under the following lawful bases:

  • Legitimate interests – for administering our grant-making activities, assessing applications, monitoring funded projects, evaluation, learning and improvement of our charitable activities.
  • Contract – where processing is necessary to manage a grant award or funding agreement.
  • Consent – for sending newsletters and marketing communications, and where explicitly required.
  • Legal obligation – where required for regulatory, financial or audit purposes.

Where we rely on consent, you may withdraw it at any time.

5. How we collect and store the information

Online forms

We receive grant applications and newsletter subscriptions via online forms provided by Formstack.

Formstack processes data on our behalf under a data processing agreement and appropriate UK GDPR-compliant safeguards.

Databases

All personal information is securely stored in our Salesforce cloud-based grants management system. Salesforce applies industry-standard security measures and processes data only on our instructions.

Email communications

We use Mailchimp as our email marketing platform. By subscribing, you acknowledge that your information will be processed by Mailchimp on our behalf, subject to appropriate contractual and security safeguards.

6. International data transfers

Some of our service providers process personal data outside the UK (for example in the United States).

Where personal data is transferred internationally, we ensure that:

  • appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or approved contractual clauses; and
  • data is protected to UK GDPR standards.

You may contact us for further information about these safeguards.

7. How we use your information

We use personal information to:

  • administer and assess grant applications;
  • communicate with applicants, grantees, referees and assessors;
  • manage grants, monitoring, evaluation and learning;
  • provide newsletters and updates (where consent has been given);
  • invite you to events or consultations related to our charitable aims;
  • comply with legal, regulatory and audit requirements.

We do not sell personal data or use it for commercial profiling or advertising.

Your personal information will be held only for as long as it is required for our grant making processes or as long as the law requires.

8. Sharing your information

We may share personal information only where necessary, including with:

  • external assessors and consultants engaged to review grant applications;
  • professional advisers (such as auditors or legal advisers);
  • service providers who process data on our behalf under contract.

All recipients are required to protect personal data appropriately.

9. Your rights

You have the right to:

  • access your personal data;
  • request correction of inaccurate data;
  • request erasure of data where appropriate;
  • restrict or object to certain processing;
  • withdraw consent where processing is based on consent.

Requests will normally be responded to within one month.

10. Complaints

If you have concerns about how we handle your personal data, please contact us first so we can address them.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) www.ico.org.uk

11. Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse. However, no internet-based system is completely secure.

12. Cookies, analytics and security tools

Our website uses:

  • Google Analytics to understand website usage;
  • Google reCAPTCHA v3 to prevent spam and abuse.

These services may place cookies and process limited technical data in accordance with Google’s Privacy Policy. You can control cookies through your browser settings and opt-out tools.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

14. Contact us

For questions about this Privacy Policy or your personal data, please contact the Chief Executive via the contact form on our website.