Privacy Policy

1. Who we are and how to contact us

This Privacy Policy explains how BarmingPC collects, uses and protects personal data when you visit and interact with the website barmingpc.org.uk.

General contact: Please use the contact details published on this website for any general enquiry. For data protection enquiries, see Section 13 (Data Protection Officer).

2. Scope of this policy

This policy covers personal data processed through this website, including information you submit via online forms, emails you send to Council addresses published on this website, and technical data generated when you access the site. It does not cover third-party websites you may access via embedded content or off-site links.

3. The personal data we collect

We may collect and process the following categories of personal data:

  • Identity and contact details: name, address, email address, telephone number, and any other details you choose to provide in forms or correspondence.
  • Communications and submissions: messages, enquiries, feedback, requests for information, service requests, consultations and survey responses.
  • Subscription preferences: your choices relating to newsletters, notices, or updates where offered.
  • Event or meeting interactions: registrations, accessibility requirements, and attendance confirmations where relevant.
  • Technical and usage data: IP address, device identifiers, browser type, operating system, pages viewed, time and date of visits, referrer URLs, and similar diagnostic data collected through server logs, security tools and cookies (see Section 5).
  • Cookie consent records: your consent choices and related metadata.

We do not intentionally collect special category data (e.g., health, religion) through this website. If you voluntarily include such information in a message or form, we will handle it with additional care and only as necessary for the purpose you submitted it.

4. Purposes and lawful bases for processing

We process personal data only where a lawful basis under the UK General Data Protection Regulation (UK GDPR) applies. The purposes and bases include:

  • Responding to your enquiries and correspondence; arranging meetings or follow-up; providing information you request

    – Lawful basis: performance of a contract or steps prior to entering into a contract (where relevant); public task (carrying out our official functions); or consent where you have asked us to contact you in a particular way.

  • Providing online services and information to the public; administering consultations and surveys; publishing statutory notices

    – Lawful basis: public task (performing tasks carried out in the public interest or in the exercise of official authority).

  • Managing subscriptions to newsletters or updates (where offered)

    – Lawful basis: consent. You may withdraw consent at any time (see Section 9).

  • Website operation, security and fraud prevention, including maintaining server logs and using security tools to detect or prevent unauthorised access

    – Lawful basis: public task and/or our legitimate interests in securing our systems; and compliance with our legal obligations to keep personal data secure.

  • Analytics and performance measurement to improve the website (non-essential cookies)

    – Lawful basis: consent under the Privacy and Electronic Communications Regulations (PECR) and UK GDPR.

  • Compliance with legal obligations and exercising or defending legal claims

    – Lawful basis: legal obligation; establishment, exercise or defence of legal claims.

We do not sell your personal data.

5. Cookies and similar technologies

Cookies are small text files stored on your device. We use:

  • Strictly necessary cookies: required for basic site functionality, security, and to remember essential settings. These do not require consent.
  • Preference cookies: to remember optional settings you choose. Where these are not strictly necessary, we rely on your consent.
  • Analytics cookies: to understand how the site is used and to improve performance. These are only set with your consent.

Cookie duration varies. Session cookies expire when you close your browser. Persistent cookies typically expire within 13 months unless a shorter period is indicated. You can withdraw or change your consent for non-essential cookies at any time by adjusting your browser settings to block or delete cookies, or by revisiting your cookie preferences if a consent tool is presented.

Most browsers allow you to refuse cookies or to delete them. If you block some cookies, parts of the website may not function properly.

6. Data sharing

We may share personal data with:

  • Our service providers acting as data processors, such as website hosting, security, maintenance, analytics and communications providers, under written contracts that require them to protect your data and act only on our instructions.
  • Other public authorities or organisations where necessary to fulfil our statutory functions or respond to matters you raise that fall within their remit.
  • Law enforcement, regulators, courts or other third parties where required by law or to establish, exercise or defend legal claims.

Where we embed third-party content (for example, maps or videos), those providers may collect data directly from your device subject to their own privacy practices. You can choose not to interact with such embedded content if you prefer.

7. International transfers

We aim to store personal data in the United Kingdom. If a service provider processes data outside the UK, we will ensure an appropriate safeguard is in place, such as:

  • UK adequacy regulations for the destination country; or
  • A legally approved transfer mechanism (for example, the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses), together with additional safeguards where necessary.

You may request more information about international transfers affecting your data by contacting the Data Protection Officer (see Section 13).

8. Retention periods

We keep personal data only for as long as necessary for the purposes described above and to meet legal, accounting or reporting requirements. Typical retention periods are:

  • Enquiries and correspondence: up to 24 months from the date of our last substantive contact, unless a longer period is needed for a complaint, legal claim or statutory purpose.
  • Newsletter or update subscriptions: until you unsubscribe or your contact becomes inactive for 24 months, after which we will remove you from the list.
  • Event or meeting registrations: up to 24 months after the event, unless records must be retained longer for legal or audit purposes.
  • Technical logs and security records: up to 12 months, unless needed longer to investigate or prevent security incidents.
  • Cookie consent records: up to 13 months from your last consent action.

Where retention periods are not fixed by law, we determine them by considering the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes of processing and whether we can achieve those purposes through other means.

9. Your rights

Under the UK GDPR, you have the following rights in relation to your personal data:

  • Right to be informed about how your data is used.
  • Right of access to your personal data and to obtain a copy.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure in certain circumstances.
  • Right to restrict processing in certain circumstances.
  • Right to data portability for data you provided to us, where the processing is based on consent or contract and carried out by automated means.
  • Right to object to processing carried out for public task or legitimate interests, and to direct marketing (if applicable).
  • Right to withdraw consent at any time where processing is based on consent. Withdrawal does not affect the lawfulness of processing before withdrawal.
  • Rights related to automated decision-making, including profiling, where applicable.

To exercise your rights, contact the Data Protection Officer (see Section 13). We may need to request specific information to verify your identity. We aim to respond within one month of receiving your request. You also have the right to lodge a complaint with the Information Commissioner’s Office (see Section 15).

10. Data security

We implement appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit where supported, secure hosting, regular updates and backups, and restricted access to personal data on a need-to-know basis. While we take reasonable steps to secure your data, no internet transmission or storage system can be guaranteed to be 100% secure.

11. Children’s privacy

This website is intended for general audiences. We do not knowingly collect personal data from children via the site without appropriate consent where required. If you believe a child has provided personal data through the site, please contact the Data Protection Officer so we can address the matter.

12. Automated decision-making

We do not use personal data collected through this website to make decisions that produce legal or similarly significant effects based solely on automated processing, including profiling.

13. Data Protection Officer (DPO) contact

How to contact the DPO: Please write using the contact details published on this website and mark your correspondence “For the attention of the Data Protection Officer”. You may also use the published email address and state that your message is for the Data Protection Officer.

14. Changes to this policy

We may update this Privacy Policy to reflect changes in our processing or legal requirements. Substantive changes will apply from the date they are posted on this page. Please check back periodically to review the current version.

Effective date: 8 February 2026.

15. Complaints and how to contact the ICO

If you have concerns about how we use your personal data, please contact the Data Protection Officer in the first instance so we can try to resolve the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Telephone: 0303 123 1113. Website: ico.org.uk.

About The Editorial Team Terms of Service Legal Notice Privacy Policy Sitemap Contact
© 2026 BarmingPC