Privacy Policy

Shared Futures Foundation ("the Foundation", "we", "us", "our") is a UK registered charity. We are the data controller for the personal data we collect through this website and our services. Our contact details for data protection enquiries will be published on our contact page once available.

We may collect and process the following personal data: - Information you provide directly, such as your name and email address when you contact us, subscribe to updates, or submit a donation - Technical data including IP address, browser type and version, time zone setting, operating system, and platform - Usage data including information about how you use our website, products, and services - Communications data including any correspondence you send to us We do not collect special category data (such as data about your race, ethnicity, religious beliefs, political opinions, health, or sexual orientation) unless you voluntarily provide it.

We collect data through: - Direct interactions: when you fill in forms, correspond with us, or otherwise provide information - Automated technologies: as you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns using server logs and similar technologies - Third parties: we may receive data from analytics providers, payment service providers, and similar third-party services

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we process your data on the following lawful bases: - Consent: where you have given clear consent for us to process your personal data for a specific purpose - Legitimate interests: where processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests - Legal obligation: where processing is necessary for compliance with a legal obligation - Contract: where processing is necessary for the performance of a contract with you

We use your personal data to: - Respond to your enquiries and provide you with information you have requested - Process donations and maintain records as required by charity law - Send you updates about our work, where you have opted in to receive them - Improve our website and services - Comply with legal and regulatory obligations - Protect our legitimate interests and those of third parties We will never sell your personal data. We will never share it with third parties for their marketing purposes.

We may share your personal data with: - Service providers who perform services on our behalf (such as website hosting, payment processing, and email delivery), who are contractually bound to protect your data - Regulatory bodies, law enforcement, or other authorities where required by law - Professional advisors including lawyers, auditors, and insurers We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

Some of our service providers may be based outside the United Kingdom. Where we transfer personal data outside the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented: - Transfers to countries that have been deemed to provide an adequate level of protection by the UK Secretary of State - Specific contracts approved for use in the UK which give personal data the same protection it has in the UK (UK International Data Transfer Agreement or UK Addendum to the EU Standard Contractual Clauses)

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. Donation records are retained for a minimum of six years in accordance with UK charity law and HMRC requirements. Contact form submissions and general enquiries are retained for two years unless a longer retention is necessary.

This website uses only essential cookies required for basic functionality and security. We do not use tracking cookies, advertising cookies, or third-party profiling cookies. If we introduce analytics in the future, we will use privacy-respecting tools that do not track individuals across websites and will update this policy accordingly.

Under UK data protection law, you have the following rights: - Right of access: you can request a copy of the personal data we hold about you - Right to rectification: you can request that we correct inaccurate or incomplete data - Right to erasure: you can request that we delete your personal data in certain circumstances - Right to restrict processing: you can request that we restrict the processing of your data in certain circumstances - Right to data portability: you can request a copy of your data in a structured, commonly used, machine-readable format - Right to object: you can object to our processing of your data where we rely on legitimate interests - Right to withdraw consent: where we rely on consent, you can withdraw it at any time To exercise any of these rights, please contact us via our contact page. We will respond to your request within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Our website is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that we have collected personal data from a child under 13, we will take steps to delete it.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorised way, altered, or disclosed. We limit access to your personal data to those who have a genuine business need to access it. We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.