Privacy Policy

How we protect and respect your privacy

At Mind the Digital Gap we are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. It includes data that we hold electronically and in paper files.

Applicable to:

  • Mind the Digital Gap service users
  • Mind the Digital Gap volunteers
  • Website visitors
  • All others for whom Mind the Digital Gap provides a service

1. How and why we process personal data

We will process data to deliver the services Mind the Digital Gap provides to you; to administer requests, service bookings, and for volunteer management.

We confirm, when processing data that we will comply with the provisions of all relevant data protection legislation and regulation.

We do not sell, rent or lease any of the personal information collected from you to third parties. We do not use or disclose sensitive personal information, such as race, religion, or political affiliations (in the event that we become aware of any), without your consent.

What personal information we collect

The personal information that we collect will depend on what capacity you engage with Mind the Digital Gap i.e. to provide you with a requested service, or for volunteer purposes. These may include (the list is non-exhaustive):

  • Personal Identifiable Information (Names, email address, postal information, phone number, date of birth)
  • IP addresses (collected for security and spam prevention purposes - see Security section below)
  • Service preferences and interests
  • Information provided in forms, surveys, or feedback

Where we collect personal information from

Service enquiry forms, telephone, in person, email, website enquiry form (general enquiries, service bookings, questionnaires or surveys), at events (event feedback/surveys).

Legal bases for processing data

The legal bases for the processing of client data where a formal agreement exists is under the following paragraphs of the General Data Protection Regulation (GDPR): Article 6 1(b), the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, and Article 6 1.(f), it is in the legitimate interests of the data controller or a third party.

Our legitimate interest means the interests of our organisation in conducting and managing our business to enable us to give you the best service. Safeguards have been put in place to ensure we achieve the correct balance between both our interests.

Where no formal contract exists, the legal basis for processing personal information is consent provided via email, in person, booking forms, over the telephone or at a marketing event.

How we use your personal data

The purposes for which personal information is processed may include any of the following (the list is not exhaustive):

  • Deliver services and provide digital skills support
  • Verify identity where this is required
  • Communication by post, email or telephone
  • Understand needs and how they may be met
  • Maintain records for the purpose of service delivery
  • Manage volunteer relationships
  • Process service requests and bookings

Who has access and why?

Data will be held and processed depending on the service/s you have requested and receive from Mind the Digital Gap.

Only those staff and volunteers who have a legitimate need to access data will be authorised to do so. We may also be required to share your data with some third parties. For example, if we have a problem with some software it may be necessary to provide the software supplier with specific data. However, where this is necessary we only disclose the information that is required to resolve the issue, and we have a contract in place that requires them to keep your information secure and not to use for their own purposes.

Examples of third parties could include (this list is non-exhaustive):

  • Software providers
  • Website hosting provider
  • Electronic communication providers
  • Partner organisations (The Roy Fletcher Centre, Good Things Foundation) where necessary for service delivery

How long we retain your personal data

To meet our legal data protection and privacy obligations, we only hold on to your information for as long as we need it and for the purposes we acquired it for in the first place.

Where we have a formal agreement, we will collect personal data and retain for as long as required under current legislation. Where we don't have a formal contract and you have submitted your data in person, via email, over telephone or at a marketing event, we shall keep your personal information on our database, subject to an individual's right to unsubscribe or be forgotten at any time. Please see the Your Rights section below.

2. Using our website & social media

Information Collection

We may collect information about the software on your computer (your browser version etc) and your IP address (your connection with the internet) in order to improve your interaction with our website. This may happen automatically without you being aware of it.

We may use cookies (small text files which we and other website operators store on your computer when you visit our websites) to deliver a better and more personalised interaction. They enable us to recognise you when you return to the website, store information about your preferences, and improve the way your searches are processed. This helps us to better manage and develop our website, to provide you with a more enjoyable, customised service and experience in the future, and to help us develop and deliver better products and services tailored to your individual interests and needs.

Cookies also enable us to generate statistics about the number of visitors we have and how they use the website and the internet to improve the service we provide. You can set your browser to reject our cookies if you wish (you should consult your browser help section for details), but this might restrict your use of the website and other websites.

Any social media posts or comments you send to us (on our Facebook page or Twitter) will be shared under the terms of the relevant social media platform on which they are written and could be made public. Other people, not us, control these platforms. We are not responsible for this kind of sharing. We recommend you should review the terms and conditions and privacy policies of the social media platforms you use.

Cookies & Our Website

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide statistical information. Our use of Cookies is strictly limited to ensuring the functionality of the website and to capture statistical information in an anonymous form. We do not identify or capture personal identifiable data.

On this website we may use cookies to enable website functionality and to capture statistical information. We use this information to compile statistical reports and to help us improve the website for the benefit of our users.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.

Website Security & IP Address Collection

To protect our website and users from spam, abuse, and security threats, we collect and temporarily store IP addresses when you submit forms on our website. This includes:

  • Contact form submissions
  • Volunteer application forms
  • Any other interactive forms on our website

How we use IP addresses: We use IP addresses solely for security purposes, including:

  • Preventing spam and automated form submissions
  • Rate limiting to ensure fair access to our services
  • Detecting and blocking malicious activity (such as attempted security attacks)
  • Security logging and monitoring

Legal basis: We process IP addresses under GDPR Article 6(1)(f) - legitimate interests. Our legitimate interest is protecting our website and users from abuse, spam, and security threats.

Retention: IP addresses are automatically deleted after 30 days of inactivity. Active IP addresses (those that have submitted forms recently) are retained only for as long as necessary to enforce rate limiting (typically 24 hours for rate limit data). Security logs may retain IP addresses for longer periods where necessary to investigate security incidents.

Sharing: We do not share IP addresses with third parties except where required by law or to protect our legitimate security interests. IP addresses are not used for marketing purposes or shared with advertising partners.

If you have concerns about IP address collection or wish to exercise your rights regarding this data, please contact us at info@mindthedigitalgap.co.uk.

3. Your Rights

You have a number of rights under GDPR:

Right of Access

You have the right, subject to a number of exceptions, to know what information we hold about you.

Right to Rectification

You have the right to have any information we hold about you corrected if inaccurate or incomplete.

Right to Erasure

You have the right to ask us to delete personal information about you where:

  • You consider that we no longer require the information for the purposes for which it was obtained.
  • We are using that information with your consent and you have withdrawn your consent.
  • You have validly objected to our use of your personal information
  • Our use of your personal information is contrary to law or our other legal obligations.

Right to Object

  • You have the right to object our processing of your personal data on the basis of legitimate interest, for direct marketing or for processing service bookings.
  • We will stop processing your data on the basis of legitimate interest unless there are compelling legitimate grounds for us to continue.
  • We will stop any processing of your data for direct marketing as soon as we receive an objection.

Right to Restrict Processing

You have the right to restrict processing of your data in certain circumstances, such as when there is a question over the way in which we are using it.

Automatic Processing

We will not make any decision regarding you by purely automated means.

Withdrawing consent using your information

Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.

Please contact us by emailing info@mindthedigitalgap.co.uk or by calling 01743 341300 if you wish to exercise any of these rights or have any queries regarding how we use/store your information.

Last updated: December 2025