Privacy Policy

We are committed to protecting your privacy and handling your personal data responsibly in accordance with UK GDPR.

Quick Summary

We only collect information necessary to provide our services, never sell your data, and you have full control over your personal information. This policy explains your rights and how we protect your privacy.

1. Who We Are

The Leiston Surgery Education Foundation is a registered UK charity (Charity Number: 1197432) committed to supporting local students in their educational journey. We are the data controller for the personal information we collect and process.

Contact Details:

Data Protection Officer: Sarah Mitchell
Email: [email protected]
Address: Leiston, Suffolk IP16 4ES, United Kingdom

2. Information We Collect

Personal Information You Provide

  • Name, email address, phone number, and postal address
  • Date of birth and educational background
  • Financial information for grant applications
  • Academic records and references
  • Employment history for work experience placements
  • Bank details for grant payments

Information We Collect Automatically

  • Website usage data through privacy-friendly analytics
  • IP address and browser information
  • Cookies and similar technologies (see our Cookie Policy)

3. How We Use Your Information

Programme Delivery

  • • Processing grant applications
  • • Matching mentors with students
  • • Arranging work experience placements
  • • Providing ongoing support

Communication

  • • Responding to inquiries
  • • Sending programme updates
  • • Newsletter communications
  • • Event invitations

4. Legal Basis for Processing

We process your personal data based on:

  • Consent: When you voluntarily provide information
  • Legitimate Interest: For programme delivery and communication
  • Legal Obligation: For charity reporting and safeguarding
  • Vital Interests: In emergency safeguarding situations

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your data only in these limited circumstances:

  • Service Providers: Trusted third parties who help us deliver our services (e.g., payment processors, email services)
  • Educational Institutions: With your consent, to support your applications
  • Employers: For work experience placements, with your permission
  • Legal Requirements: When required by law or to protect safety
  • Safeguarding: To relevant authorities if we have concerns about welfare

6. Data Security

Security Measures

  • • SSL encryption for all data transmission
  • • Secure cloud storage with access controls
  • • Regular security audits and updates
  • • Staff training on data protection
  • • Physical security for paper records

7. Data Retention

Data TypeRetention PeriodReason
Application Records7 years after programme completionCharity reporting requirements
Financial Records7 yearsLegal and tax obligations
Contact InformationUntil you opt outOngoing communication
Website Analytics26 monthsService improvement

8. Your Rights

Access & Control

  • • Right to access your data
  • • Right to rectification
  • • Right to erasure
  • • Right to restrict processing

Portability & Objection

  • • Right to data portability
  • • Right to object to processing
  • • Right to withdraw consent
  • • Right to complain to ICO

How to Exercise Your Rights

Contact us at [email protected] or write to us at our registered address. We will respond within one month of receiving your request.

9. Children's Privacy

Many of our beneficiaries are under 18. We take extra care with children's data:

  • Parental consent required for under-16s
  • Age-appropriate privacy notices
  • Enhanced safeguarding measures
  • Regular review of data necessity

10. International Transfers

We primarily process data within the UK. When we use international service providers, we ensure adequate protection through approved mechanisms such as adequacy decisions or standard contractual clauses.

11. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or website notice. The current version is always available on our website.

Questions or Concerns?

If you have questions about this privacy policy or how we handle your data, please contact us:

Email: [email protected]

Phone: 01728 830524

Post: Data Protection Officer, Leiston Surgery Education Foundation, Leiston, Suffolk IP16 4ES

You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk

Last updated: January 2024
Next review: January 2025