Privacy Information

Privacy Policy & Privacy Notices

A Privacy Policy needs to explain, to the individual, what information we collect about them, what we plan to do with it and how we keep it secure.

Under GDPR there are extra requirements to be included in a Privacy Policy, such as how we treat children’s data (may not be applicable to you) and the ‘rights of the individual’. GDPR is more about the privacy and rights of individuals.

A Privacy Notice or Privacy Statement is a paragraph we put on all forms where we collect personal information.

For example:

[Company name] collects and stores your information so we can let you know about future [news, events,  offers……]. We do not keep your information for longer than is necessary. You can unsubscribe from our emails at any time. Please refer to our Privacy Policy for more details on how we use your information, store it securely and about your rights.

A Privacy Policy should include detailed information covering all aspects or how we process personal information and the rights of the individual.

For example:

Who are we?

[Company Name] is a registered company [number]. Our registered address is [address]

What is personal information?

Personal information is any data that identifies you as an individual. This could include; name, address, email address, bank information (when purchasing from us) etc.

How do we use your information?

We use your personal information to:

  • Take payment (via PayPal secure site)
  • Send you event confirmation
  • Send you newsletters

We look after your personal information and keep it secure……[you will probably need to add something here, as I have no idea how you keep individual’s data secure]

Lawful basis for processing

The lawful basis will depend on why we are processing your information. We use the following for processing your information:

  • Consent – where you have given us consent to send you our newsletter
  • Contract – where you have bought a product from us
  • Legal Obligation? – applicable in certain circumstances
  • Legitimate Interest – where it is our legitimate interest to contact you with further relevant information and where it doesn’t affect your rights as an individual (Refer to ‘Rights of Individuals’ below)

How long do we keep your information

We will not keep your information for longer than necessary. When we no longer have a lawful basis for storing your information, we will delete it.

Do we share your information

We never share your details with any third parties except where we need to do so to fulfil a function, such as booking an event.

Your rights

Under data protection regulations, you have certain rights as follows:

  • ‘Right to be informed’ means we will be completely clear and transparent about how we plan to use your personal information.
  • ‘Right of access’ means you can request a copy of the personal information we hold about you and we will provide it within one month.
  • ‘Right to rectification’ means you can ask us to update or amend the information we hold about you, if it is incorrect.
  • ‘Right to restrict processing’ means you can ask us to change, restrict or stop the way we are using your information.
  • ‘Right to erasure’ (or ‘right to be forgotten’) means you can ask us to remove your personal information from our records.
  • ‘Right to object’ means you can object to us using your information for marketing purposes.
  • ‘Right to data portability’ means you can obtain and reuse your personal data for your own purposes.
  • ‘Right not to be subject to automated decision making’ means if we use systems to make a decision about you, you have the right to ask for a person to intervene, that then may change the outcome.
  • Right to lodge a complaint with a supervisory authority, such as Fundraising Regulator or the Information Commissioner’s Office (ICO), if you are not satisfied with our response to your request, or you feel we are not using your information correctly.

How we use Cookies 

We only use ‘third party’ cookies to collect information about the IP address of all our website visitors, using Google Analytics, in order to monitor site traffic, so we can improve and develop the design and content of our site.

How to contact us

You can write to us at the following address:

[name & address of company]

You can phone us on:

[telephone number(s)]

Please email us at:

[company email address]

Template here.

GDPR step 5


Comments are closed.