Privacy Policy for Beyond Borders UK

1. Introduction

At Beyond Borders UK, we take your privacy seriously and are committed to being transparent about how we collect, store, and use your personal information. This Privacy Policy explains the types of personal data we may collect, how we use it, and your rights in accordance with UK GDPR and the Data Protection Act 2018.

2. Who We Are

Organisation Name: Beyond Borders UK
Status: Charitable Incorporated Organisation (CIO) in England and Wales
Company Number: 16476407
Registered Address: 1 Atlantic Crescent, Wembley, HA9 0UF, United Kingdom
Data Controller Contact:
Email: info@beyondbordersuk.org

You have the right to raise concerns with the Information Commissioner’s Office (ICO).

3. What Personal Information We Collect

Depending on how you interact with us, we may collect:
- Name, title, postal address, phone number, and email address
- Social media handles (if you connect via social platforms)
- IP address and browsing activity (via cookies and analytics tools)
- Donation details (excluding full payment card info—processed securely by third-party providers)
We will only collect special category data (e.g., health, ethnicity) with your explicit consent, unless necessary for safeguarding or legal reasons.

4. How and When We Collect Data

We may collect your personal data when you:
- Contact us via email or phone
- Sign up for newsletters or updates
- Make a donation or support us in other ways (e.g. volunteering)
- Register for events or services
- Engage with us via social media or our website
Some data may also be collected through publicly available sources or research services, where permitted by law.

5. How We Use Your Personal Data

We use your data to:
- Respond to enquiries and correspond with you
- Process and acknowledge donations
- Provide services or support when requested
- Send updates and campaign communications (with your consent)
- Improve our digital services and tailor content
- Manage feedback or complaints
- Comply with legal obligations or prevent fraud

6. Legal Basis for Processing

We rely on:
- Consent: For marketing communications or cookie use
- Contractual necessity: To process donations or provide requested services
- Legal obligation: As required by law (e.g., accounting rules)
- Legitimate interest: For internal improvements and communications, balanced against your rights

7. Sharing Your Data

We do not sell or rent your personal data. We may share it with:
- Payment processors (e.g., Stripe, PayPal)
- IT service providers (e.g., website hosting, analytics)
- Advisors or legal bodies when required by law
All third parties are GDPR-compliant and contractually obliged to protect your data.

8. International Data Transfers

As a charity working with partners, donors, and supporters globally, we may transfer and store your personal data outside the United Kingdom and the European Economic Area (EEA).
When we do so, we ensure appropriate safeguards are in place, including:
- Transfers only to countries deemed to have adequate protection by the UK Government or the European Commission.
- Use of standard contractual clauses (SCCs) or equivalent legal safeguards.
- Ensuring that third-party providers outside the UK/EEA apply strong security measures.
You may request more details by contacting us at beyondbordersuk1@gmail.com.

9. Cookies and Tracking

Our website uses cookies to improve your browsing experience, analyse traffic, and understand how visitors use our site. Cookies are small text files stored on your device.
Types of cookies we use:
- Strictly necessary cookies: Essential for the website to function (e.g., security, donation forms).
- Performance cookies: Help us understand how users engage with the site (e.g., Google Analytics).
- Functionality cookies: Remember your preferences and settings.
- Marketing cookies (if used): Track engagement with campaigns and fundraising efforts.
Your choices:
- On your first visit, you will see a cookie consent banner allowing you to accept or reject non-essential cookies.
- You can also adjust your preferences at any time via your browser settings.
For more details, please see our separate Cookies Policy.

10. Data Retention

We store personal data only as long as necessary:
- Donations and financial records: Retained as required by law (typically 6–7 years)
- Newsletter subscriptions: Held until you unsubscribe
- General enquiries: Kept for a reasonable period to respond appropriately
We regularly review and securely delete personal data that is no longer needed.

11. Your Rights

You are entitled to:
- Access your personal data (subject access request)
- Correct inaccurate or outdated data
- Request deletion of your data (subject to legal requirements)
- Restrict or object to processing
- Withdraw consent for processing that depends on it
- Request portability of your data, where applicable
To exercise your rights, contact us at beyondbordersuk1@gmail.com.

12. Automated Decision-Making

We do not use your personal data for automated decision-making that has legal or significant effects.

13. Complaints

If you are unhappy with how we handle your personal data, contact us using the details in Section 2. You also have the right to complain to the ICO (Information Commissioner’s Office).

14. Changes to This Policy

We may update this Privacy Policy from time to time. Please check the “Last updated” date at the top to stay informed.

15. Contact Details

For any questions or concerns about this Privacy Policy or your personal data:
Email: info@beyondbordersuk.org
Address: 1 Atlantic Crescent, Wembley, HA9 0UF, United Kingdom

Last updated: 28 August 2025