top of page

PRIVACY POLICY

1. Introduction

West Allotment Wildlings CIC (“we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you interact with us, including through our website at wawildlings.co.uk, at club events, or as a member of our community.

We are a Community Interest Company (CIC) based in Holystone, North Tyneside. As a data controller, we are responsible for your personal data and we take that responsibility seriously.

Please read this policy carefully. By using our website or engaging with our club, you acknowledge that you have read and understood how we handle your personal data.

2. Who We Are (Data Controller)

Organisation: West Allotment Wildlings CIC

Website: wawildlings.co.uk

Address: Holystone, North Tyneside, England

If you have any questions about this policy or how we handle your data, please contact us via the contact details on our website.

 

3. What Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information you provide to us directly

  • Name and contact details (email address, phone number)

  • Enquiries submitted through our website contact forms

  • Event booking and registration details

  • Membership information

  • Photographs or videos taken at events (where consent is given)

  • Any other information you choose to share with us

 

3.2 Information collected automatically

  • Website usage data and analytics (e.g. pages visited, time on site)

  • IP address and browser/device type

  • Cookies and similar tracking technologies (see Section 9)

 

3.3 Information from third parties

  • If you connect with us via social media platforms (e.g. Facebook, Discord), we may receive limited profile information from those platforms in accordance with their privacy policies

 

4. How We Use Your Personal Data

We use your personal data for the following purposes:

4.1 To run and manage the club

  • Processing event registrations and bookings

  • Communicating club news, session schedules, and updates

  • Managing club membership and community participation

  • Responding to enquiries and requests

 

4.2 To operate our website

  • Ensuring the website functions correctly

  • Improving user experience and content

  • Analysing website traffic and usage patterns

 

4.3 To promote the club

  • Sharing event photographs and community highlights on our website or social media (only where consent has been obtained)

  • Producing newsletters or community updates (where you have opted in)

 

4.4 To meet legal obligations

  • Complying with applicable laws and regulations

  • Maintaining records as required by law (e.g. as a registered CIC)

 

5. Our Lawful Basis for Processing

Under UK GDPR, we rely on the following legal bases for processing your personal data:

  • Legitimate interests – to manage and promote our community club activities in a way that you would reasonably expect, and that does not override your rights

  • Consent – where you have actively opted in, for example to receive newsletters or to appear in event photography

  • Contract – where processing is necessary to fulfil a commitment to you, such as an event booking

  • Legal obligation – where we are required to process data to comply with a legal duty

 

Where we rely on consent, you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the consent was withdrawn.

 

6. Who We Share Your Data With

We do not sell your personal data to third parties. We may share your data in the following limited circumstances:

  • Service providers – we may share data with trusted third-party services that help us operate (e.g. website hosting, email platforms, event booking tools). These parties are required to handle your data securely and in accordance with UK GDPR

  • Social media platforms – if you engage with our social media accounts, the relevant platform's privacy policy will also apply

  • Regulatory or legal requirements – we may disclose data if required to do so by law, court order, or government authority

  • With your explicit consent – in any other case where you have given us clear permission to share your data

 

7. How Long We Keep Your Data

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Typical retention periods are:

  • Contact form enquiries: up to 12 months

  • Event registration records: up to 3 years

  • Member and participant records: for the duration of membership/participation, plus 12 months

  • Financial records (if applicable): up to 7 years (legal requirement)

  • Photographs/video: until consent is withdrawn, or until they are no longer relevant to club activities

 

When data is no longer needed, it will be securely deleted or anonymised.

 

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of access – you can request a copy of the personal data we hold about you

  • Right to rectification – you can ask us to correct inaccurate or incomplete data

  • Right to erasure – you can ask us to delete your personal data where there is no compelling reason to continue processing it

  • Right to restrict processing – you can ask us to restrict how we use your data in certain circumstances

  • Right to data portability – you can ask us to provide your data in a structured, commonly used format

  • Right to object – you can object to processing based on legitimate interests or for direct marketing purposes

  • Rights related to automated decision-making – we do not make decisions about you using solely automated processing

 

To exercise any of these rights, please contact us using the details provided on our website. We will respond within one month of receiving your request. There is no fee for making a request unless it is manifestly unfounded or excessive.

 

9. Cookies

Our website may use cookies to improve your browsing experience and to help us understand how our site is used. Cookies are small text files placed on your device.

9.1 Types of cookies we may use

  • Essential cookies – necessary for the website to function correctly

  • Analytics cookies – used to understand how visitors interact with our site (e.g. Google Analytics or similar)

  • Preference cookies – used to remember your settings

 

9.2 Managing cookies

You can control and/or delete cookies via your browser settings. Disabling cookies may affect the functionality of our website. Where consent is required for non-essential cookies, we will ask for this when you first visit the site.

 

10. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, or disclosure. These measures include:

  • Secure website hosting with HTTPS

  • Access controls limiting who within our organisation can access personal data

  • Regular review of our data handling practices

 

While we take all reasonable steps to protect your data, no method of transmission over the internet is completely secure. In the unlikely event of a data breach that affects your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) as required by law.

 

11. International Data Transfers

We aim to keep your data within the UK and European Economic Area (EEA). If we use any third-party services that transfer data outside of the UK/EEA, we will ensure appropriate safeguards are in place in line with UK GDPR requirements.

 

12. Children's Privacy

We welcome participants of all ages, including children and young people who attend sessions with parental permission. We do not knowingly collect personal data directly from children under the age of 13 without verified parental or guardian consent.

If you believe we have inadvertently collected information from a child without appropriate consent, please contact us immediately and we will take steps to delete it.

For event photography involving minors, we always seek explicit consent from a parent or guardian before taking or publishing images.

 

13. Links to Third-Party Websites

Our website may contain links to external sites such as social media platforms, event booking tools, or hobby retailers. We are not responsible for the privacy practices of those third-party sites and encourage you to review their privacy policies before providing any personal data to them.

 

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will update the date at the top of this document and, where appropriate, notify you by email or via a notice on our website.

We encourage you to review this policy periodically.

 

15. How to Make a Complaint

If you have concerns about how we handle your personal data, please contact us in the first instance using the contact details on our website. We will do our best to address your concerns promptly.

If you remain unhappy with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection authority:

 

  • Website: ico.org.uk

  • Helpline: 0303 123 1113

  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

 

16. Contact Us

If you have any questions, requests, or concerns about this Privacy Policy or how we handle your personal data, please get in touch via the contact page on our website:

 

wawildlings.co.uk

bottom of page