EquiTraction CIC Privacy Policy
Last Updated: 10 July 2026
Who We Are
EquiTraction CIC (“EquiTraction”, “we”, “our”, “us”) is a Community Interest Company established to improve the wellbeing of people, animals and communities and to contribute positively to the environment.
Our website address is:
We are committed to protecting your privacy and handling personal information fairly, lawfully, transparently and securely in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and other applicable legislation.
For questions relating to this Privacy Policy or your personal information, please contact us using the contact details published on our website.
Information We Collect
We may collect and process the following information.
Personal Information
- Name
- Email address
- Telephone number
- Postal address
- Organisation details
- Volunteer information
- Event registration details
- Emergency contact information where appropriate
- General correspondence and enquiries
Programme and Participation Information
Where relevant to the services, projects and activities we deliver, we may collect:
- Registration information
- Attendance records
- Volunteer records
- Training records
- Survey responses
- Feedback forms
- Participation records
- Information required to facilitate participation in activities
- Records of interactions, communications and relationships with individuals, volunteers, carers, partner organisations, funders, suppliers and stakeholders
Special Category Information
Where necessary and lawful to do so, we may process limited amounts of sensitive personal information, including:
- Health information
- Disability information
- Accessibility requirements
- Equality, diversity and inclusion information
- Safeguarding and welfare information
Such information will only be collected where there is a lawful basis and an appropriate condition for processing under data protection legislation.
Website Usage Information
When you visit our website, we may automatically collect:
- IP address
- Browser type and version
- Device information
- Operating system
- Website usage information
- Referring websites
- Pages visited
- Date and time of visits
How We Use Your Information
We may use personal information to:
- Respond to enquiries and requests.
- Deliver community activities, projects and programmes.
- Manage volunteers.
- Coordinate events and training.
- Support participants and carers.
- Manage partnerships and collaborations.
- Apply for, administer and report on grants and funding.
- Monitor, evaluate and improve our activities.
- Conduct research and consultation activities.
- Communicate with individuals, organisations and stakeholders.
- Meet legal, safeguarding, regulatory and governance obligations.
- Protect the safety and wellbeing of participants, volunteers, contractors and staff.
Lawful Bases for Processing
Depending on the circumstances, we process personal information under one or more of the following lawful bases:
- Consent
- Contract
- Legal obligation
- Vital interests
- Public task
- Legitimate interests
Where special category information is processed, we will identify and rely upon the appropriate additional condition permitted by law.
Who We Share Information With
We only share personal information where necessary, proportionate and lawful.
We may share information with:
Funding Bodies and Grant Makers
To support funding applications, programme delivery, monitoring, evaluation and reporting requirements.
Community and Delivery Partners
Including:
- Charities
- Community Interest Companies
- Social enterprises
- Community groups
- Volunteer organisations
- Project delivery partners
Local Authorities and Public Services
Including where relevant:
- Local authorities
- NHS organisations
- Educational institutions
- Social care providers
- Regulatory bodies
- Other public sector organisations
Business and Corporate Partners
Where they support the delivery, development or funding of community benefit activities.
Technology Providers
We use a range of technology services to support the administration, management and delivery of our activities.
These may include providers of:
- Website hosting
- Email services
- Cloud storage
- Customer and stakeholder relationship management systems
- Communication platforms
- Project management systems
- Data management systems
- Online forms and surveys
- Digital collaboration tools
This may include Microsoft services such as:
- Microsoft 365
- Outlook
- SharePoint
- OneDrive
- Microsoft Teams
- Dynamics 365
Information will only be stored or processed within these systems where necessary for legitimate operational, safeguarding, reporting, partnership, programme delivery or administrative purposes.
Professional Advisers
Including:
- Accountants
- Auditors
- Solicitors
- Insurers
- Other professional advisers
Contractors, Consultants and Associates
We may share information, where necessary, with authorised contractors, consultants, associates, self-employed individuals and service providers supporting EquiTraction CIC.
Such parties will only receive information necessary to perform their role and must comply with appropriate confidentiality, contractual and data protection requirements.
Legal and Regulatory Requirements
We may disclose information where required by law, court order, safeguarding obligations or regulatory requirements.
Use of Contractors, Associates and Related Service Providers
EquiTraction CIC may engage:
- Self-employed specialists
- Consultants
- Associates
- Partner organisations
- Contractors
- Companies owned or operated by directors
to assist in delivering projects, programmes and services.
For example, a director may provide services through a separate limited company and another director may provide services in a self-employed capacity where such arrangements are properly authorised, transparently managed and consistent with the Company’s governing documents and legal obligations.
Where personal information is shared with contractors, consultants, associates or delivery partners, it will only be for authorised purposes and subject to appropriate contractual, confidentiality and data protection arrangements.
Volunteers, Carers and Participants
Where we work with volunteers, carers, service users and programme participants, we may collect information necessary to:
- Deliver activities safely.
- Meet accessibility and inclusion requirements.
- Provide training and support.
- Manage safeguarding responsibilities.
- Monitor participation and outcomes.
- Meet funding and reporting requirements.
- Evaluate the effectiveness of services and activities.
We will only collect information that is necessary for these purposes and will handle it appropriately and sensitively.
Research, Monitoring and Evaluation
To improve services and demonstrate community impact, we may collect information for:
- Research projects
- Community consultations
- Service reviews
- Programme evaluation
- Impact reporting
- Grant reporting
- Continuous improvement activities
Where possible, information will be anonymised or aggregated before being shared externally.
Comments
When visitors leave comments on the website, we collect:
- The information shown in the comments form.
- The visitor’s IP address.
- Browser user agent information.
This information helps us detect and prevent spam.
An anonymised string (hash) created from your email address may be provided to the Gravatar service to determine whether you use it.
The Gravatar privacy policy is available at:
After approval of a comment, your profile picture may be visible publicly alongside your comment.
Media
If you upload images to the website, you should avoid uploading images containing embedded location data (EXIF GPS).
Visitors may be able to download images from the website and extract location data from them.
Cookies
Our website uses cookies and similar technologies to improve functionality, usability, security and performance.
Comments Cookies
If you leave a comment, you may choose to save your:
- Name
- Email address
- Website
in cookies for convenience.
These cookies may remain on your device for up to one year.
Login Cookies
If you visit our login page, a temporary cookie may be created to determine whether your browser accepts cookies.
This cookie contains no personal information and is removed when you close your browser.
When users log into the website, cookies may store:
- Login information
- Display preferences
Login cookies normally last for two days.
Display preference cookies may remain for up to one year.
Selecting “Remember Me” may extend login persistence for up to two weeks.
Editing Cookies
If an authorised user edits or publishes content, a cookie may be stored containing the post identifier for that content.
This cookie contains no personal information and expires after one day.
You can manage cookies through your browser settings.
Embedded Content from Other Websites
Pages and articles on our website may include embedded content from third-party websites, such as:
- Videos
- Images
- Articles
- Maps
- Social media content
Embedded content behaves as though you have visited the third-party website directly.
These websites may:
- Collect information about you.
- Use cookies.
- Embed additional tracking technologies.
- Monitor your interaction with their content.
We encourage you to review the privacy policies of any third-party services you use.
Website Services
WordPress
Our website is built using WordPress.
Forminator
We use Forminator to provide contact forms, registration forms and other online forms.
Information submitted through these forms is processed only for the purpose for which it was collected.
Yoast SEO
We use Yoast SEO to improve website visibility, accessibility and search engine optimisation.
Microsoft 365 and Dynamics 365
EquiTraction CIC uses Microsoft cloud services to support the management and delivery of its activities.
Personal information may be stored or processed using:
- Microsoft 365
- Outlook
- SharePoint
- OneDrive
- Microsoft Teams
- Dynamics 365
These systems may be used to:
- Manage enquiries and communications.
- Maintain records and documents.
- Store project information.
- Manage volunteers and participants.
- Administer grants and funding.
- Manage relationships with organisations, partners and stakeholders.
- Deliver programmes and activities.
- Produce monitoring, evaluation and reporting information.
Access to information held within these systems is restricted to authorised persons with a legitimate business need.
Appropriate security controls are applied to protect information stored within these systems.
Data Retention
We retain personal information only for as long as necessary to:
- Deliver activities and services.
- Administer projects and programmes.
- Meet funding and audit requirements.
- Fulfil contractual obligations.
- Meet legal and regulatory requirements.
- Discharge safeguarding responsibilities.
When information is no longer required, it will be securely deleted, destroyed or anonymised.
Website Comments
Comments and associated metadata may be retained indefinitely to allow automated approval of future comments from the same contributor.
Website Accounts
Where users register on our website, we retain information provided within their user profile.
Users may view, edit or remove their personal information at any time, except where technical restrictions apply (such as usernames).
Website administrators may also access and manage that information.
Data Security
We take appropriate technical and organisational measures to safeguard personal information from:
- Unauthorised access
- Unauthorised disclosure
- Loss
- Alteration
- Misuse
- Destruction
These measures may include:
- Access controls
- Secure passwords
- Secure cloud services
- Restricted access to sensitive information
- Staff, volunteer and contractor confidentiality obligations
International Data Transfers
EquiTraction CIC primarily seeks to store and process information within the United Kingdom.
Some technology providers, including Microsoft and other cloud service providers, may process information within the United Kingdom, European Economic Area (EEA) or other jurisdictions where appropriate safeguards are in place.
Where personal information is transferred internationally, we will take reasonable steps to ensure that appropriate protections and lawful transfer mechanisms are applied.
Your Rights
Under applicable data protection legislation you have the right to:
- Be informed about how your information is used.
- Access your personal information.
- Correct inaccurate information.
- Request deletion of information in certain circumstances.
- Restrict processing.
- Object to processing.
- Request data portability where applicable.
- Withdraw consent where consent is relied upon.
If you have a website account or have left comments, you may request:
- An exported copy of the personal information we hold about you.
- Deletion of personal information we hold about you, subject to legal, administrative and security requirements.
Requests can be made using the contact details available on our website.
Where Your Data Is Sent
Visitor comments may be checked through automated spam detection services.
If you request a password reset, your IP address may be included within the password reset process as part of website security measures.
Complaints
If you are unhappy with how we handle your personal information, please contact us first so that we can attempt to resolve the issue.
You also have the right to complain to:
Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Website: https://www.ico.org.uk
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legislation, technology, organisational practice or the services provided by EquiTraction CIC.
The latest version will always be available on our website.
Last Updated: 10 July 2026.