PRIVACY POLICY

We may collect and process the following types of personal data:

• Name

• Email address

• Telephone number

• Postal address

• Organisation or role (where relevant)

• Communication preferences

• Information relating to event attendance or enquiries

• Any other information you choose to provide to us

We do not knowingly collect data relating to children.

3. HOW WE COLLECT YOUR DATA

We collect personal data when you:

• Contact us via our website, email, phone or in writing

• Register for or attend an event

• Subscribe to our communications

• Engage with our marketing or fundraising activities

4. LAWFUL BASIS FOR PROCESSING

We process your personal data under the following lawful bases:

• Consent – where you have opted in to receive marketing or fundraising communications

• Contract – where processing is necessary to manage event bookings or deliver services you have requested

• Legitimate interests – to communicate with you about Act IV activities in a way you would reasonably expect

• Legal obligation – where we are required to comply with the law

You may withdraw your consent at any time (see Section 9).

5. HOW WE USE YOUR DATA

We use your personal data to:

• Communicate with you about Act IV events and activities

• Send marketing and e-newsletters (where you have consented)

• Manage event registrations and related logistics

• Share information about fundraising opportunities on behalf of our clients (where appropriate)

• Improve and tailor our communications

We do not sell or share your personal data to third parties.

6. PROFILING AND COMMUNICATIONS TRACKING

We may use limited profiling techniques to better understand your interests and tailor our communications. This may include analysing engagement with our emails (such as opens and link clicks).

You have the right to object to profiling or direct marketing at any time.

7. SHARING YOUR DATA

We may may need to share your name with trusted third parties where necessary to carry out our activities, including:

• Event venues and suppliers

• IT and data hosting providers

All third parties are required to respect the security of your data and process it in accordance with the law. We do not allow third parties to use your data for their own purposes.

We do not transfer your data outside the UK.

8. DATA SECURITY

We take appropriate technical and organisational measures to protect your personal data against loss, misuse, unauthorised access or disclosure.

Your data is stored on secure servers operated by Ratcliff IT.

9. DATA RETENTION

We retain your personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting or reporting requirements.

When your data is no longer required, it will be securely deleted or anonymised.

10. YOUR RIGHTS

Under UK GDPR, you have the right to:

• Request access to your personal data

• Request correction of inaccurate data

• Request deletion of your data

• Request restriction of processing

• Object to processing, including direct marketing and profiling

• Request data portability

• Withdraw consent at any time

• Lodge a complaint with the Information Commissioner’s Office

(ICO) www.ico.org.uk

11. OPTING OUT AND MANAGING PREFERENCES

You can opt out of communications or update your preferences at any time by:

• Clicking the unsubscribe link in our emails, or

• Contacting rebecca@activ.org.uk

If you request to be removed from our records, we will securely delete your personal data unless we are legally required to retain it.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Any changes will be published on our website.

Last updated: January 2026