Empower London Foundation (“us”, “we”) respect the privacy of every person who visits or subscribes to our websites and online publications (“you”) and are committed to ensuring a safe online-experience. This privacy statement outlines the personal data we may collect about you and how we may process it, as well as how our service providers might do the same. This privacy statement also tells you about your rights to control this data.
Empower London Foundation is subject to the General Data Protection Regulation and the Data Protection Act 2018. We are registered with the Information Commissioners Office.
We collect, store and process personal data for the following purposes:
Some of your personal data may be collected and processed with the intention of providing it to other named organisations (i.e. access to key reports or events), but this will only done where you have given your consent at the time of accessing such content or signing up for such an event (separately to this privacy statement).
Our site uses message boards on blogs and users can participate in these facilities. Any information that is disclosed in these areas becomes public information and you should always be careful when deciding to disclose your personal information.
Under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, organisations are required to have a legal basis for processing personal data. The legal bases we use for processing data are:
We will only send you further information about the partners involved in The London Festivl and their specific services, if you have actively consented to us doing so (e.g. you have opted to join their mailing lists). Individuals signed up to receiving these, can withdraw their consent at any point by contacting the relevant partner organisation concerned.
Our primary goal in collecting personal data from you is to give you an enjoyable customised experience whilst allowing us to provide services and features that most likely meet your needs. We only collect personal data from you through data inputted through enquiry forms (if submitted), newsletter subscriptions (if joined) and site usage data. We do give you the option to access our sites’ homepages without subscribing or registering or disclosing your personal data. Please note that we do not intend to collect any personal data from children under thirteen years of age and no child under thirteen should submit any personal data to any of the sites. Should we discover that any such personal data has been delivered to any of the sites, we will remove that information as soon as possible.
Under the GDPR and the Data Protection Act 2018, you have the following rights:
Your personal data is stored on servers in the United Kingdom. If we share your personal data with any third-party service provider in the course of providing you with our services, those third parties are required to process your data in accordance with contracts which comply with current European data-protection legislation.
Information collected at one site may be used by any other Empower London Foundation services for the purposes listed above. We may also disclose your personal data to other third parties, including, without limitation, professional advisers, or governmental or State institutions or regulatory authorities, where necessary in order to exercise or defend legal rights or where required by law. We may transfer, sell or assign any of the information described in this policy to third parties as a result of a sale, merger, consolidation, change of control, transfer of assets or reorganisation of our business.
We are committed to keeping the data you provide us secure and will take reasonable precautions to protect your personal data from loss, misuse or alteration. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features described above to try to prevent unauthorised access. We have implemented information security policies, rules and technical measures to protect the personal data that we have under our control from:
All our employees, contractors and data processors (i.e. those who process your personal data on our behalf, for the purposes listed above), who have access to, and are associated with the processing of your personal data, are obliged to keep the information confidential and not use it for any other purpose than to carry out the services they are performing for us in line with the standards set out in the GDPR.
In line with our contractual obligations we share personal data about participants with The London Festival Limited. We also share personal data with third parties who process our data for the purposes of providing services to you, such as email providers, digital file storage providers, those processing credit card payments, our online invoicing system. Our chosen processors to help us do this include Google Analytics, Salesforce, Affino and Dotmailer.
Finally, we will share data with the appropriate authorities (e.g. police, law enforcement agencies and other parties) where we have a legal obligation. For example, for the detection and prevention of fraud, or where data is required in relation to a criminal offence.
We do not sell or share data with any other third parties other than those listed above, covered under the trading data clause and where we use a third party to securely process our data on our behalf.