1. Who we are
11+ Anonymous (“we” or “us”) is a UK campaign website created by Comprehensive Future Ltd. We have our registered office at 52 Bushy Park Road, Teddington, TW11 9DG. Data controllers of your personal data and inquiries regarding this privacy notice and data subject rights can be made to firstname.lastname@example.org or via our contact form.
2. Scope of this Privacy Notice
This Privacy Notice aims at informing website visitors, contributors and other stakeholders about how we process personal data. We are committed to processing personal data responsibly, securely, and proportionally throughout our business.
3. How we collect your personal data
If you share your comment or story on the 11+ Anonymous website, this process is intended to be anonymous, and we don’t want to know your name or any other identifying details for this purpose. We also take other steps to ensure that, where possible, we do not collect or retain personal information about you when you are filling in this form, including your IP address or location.
However, there are other circumstances in which we will obtain personal information from you when you or interact with us. For example, when you enquire about our activities using email or otherwise provide us with personal information.
4. The personal data types we collect
In the circumstances noted above, we may collect the following types of personal data about individuals, including: General personal data types such as location email addresses, names, telephone numbers etc. These are processed when we engage in email, phone, or correspondence relating to people who contact us.
5. The lawful bases for processing your personal data
We process personal data on the bases of legitimate interest, based on the use of this data in ways that people would reasonably expect, for example storing an email address that is provided to us deliberately for future contact.
6. What we do with your personal data
We process your personal data with the purpose of:
• Enhancing our research or undertaking additional research with trusted parties to provide insights and produce speciality knowledge to advocate for change
• Undertaking awareness raising to advocate for policy reform, and to increase awareness through media publications
• Promoting our message and mission (marketing)
• Complying with legal and regulatory obligations
• Explicit consent must be obtained from 11+ Anonymous before the testimonies can be used or analysed in anyway by any external parties
7. How we secure your personal data when we process it
We have put appropriate technical and organisational security policies and procedures in place to protect personal data (including sensitive personal data) from loss, misuse, alteration or destruction. We aim to ensure that access to your personal data is password protected. All data stored are restricted only to those who need to access it. Those individuals who have access to the data are required to maintain the confidentiality of such information. We install and regularly update all security and anti-virus software in use on all of our systems. Please be aware that the transmission of data via the Internet is not completely secure. Whilst we do our best to try to protect the security of your personal data, we cannot ensure or guarantee the security of your data transmitted to our site.
8. Do we share personal data with third parties?
We may occasionally share personal data with trusted third parties to help us develop research and deliver efficient and quality services. When we do so, we ensure that recipients are contractually bound to safeguard the data we entrust to them before we actually share the data. We may engage with several or all of the following categories of recipients:
• Parties that support us as we provide our services (e.g., cloud-based software services such as Google Drive)
• Our professional advisers, including lawyers, auditors and insurers
• Law enforcement or other government and regulatory agencies (e.g.NSPCC) or to other third parties as required by, and in accordance with applicable law or regulation
• Research partners
8. Do we transfer your personal data outside the European Economic Area?
We store personal data on servers located in the European Economic Area (EEA) and outside of the EEA, namely the US. We transfer personal data to reputable third party service providers, namely Google Drive, situated both inside and outside the EEA. Please refer to their websites for further information about their personal data handling. Each organisation is required to safeguard personal data in accordance with our contractual obligations and data protection legislation.
10. Your data protection rights
You have the following rights in relation to your personal data that we process. You can exercise your rights by emailing us at email@example.com including:
• Right to Withdraw Consent – You can withdraw your consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent. It may mean we are not able to provide certain products or services to you and we will advise you if this is the case.
• Right to rectification and erasure – You can ask us to correct our records if you believe they contain incorrect or incomplete information about you or ask us to erase your personal data after you withdraw your consent to processing or when we no longer need it for the purpose it was originally collected
• Right to restriction of processing – You can ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction
• Right to Object – You can object to our use of your personal data for direct marketing purposes, including profiling or where processing has taken the form of automated decision making. However, we may need to keep some minimal information (e.g., email address) to comply with your request to cease marketing to you
• Right to make a complaint to the UK Information Commissioner’s Office (https://ico.org.uk/concerns/handling/) regarding any concerns you may have about our data handling practices. We may need to request specific information from you to help us ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it.
11. How long do we retain personal data?
We retain personal data to comply with applicable laws, regulations, and professional obligations that we are subject to. Unless a different time frame applies as a result of business needs or specific legal, regulatory, or contractual requirements, we retain personal data for a period of 5 years.
12. Do we link to other websites?
Our websites may contain links to other sites, including sites maintained by Comprehensive Future that are not governed by this Privacy Notice. Please review the destination websites’ privacy policies before submitting personal data on those sites. Whilst we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content, security, or privacy practices employed by other sites.
13. Do we change this Privacy Notice?
We regularly review this Privacy Notice and will post any updates to it on this webpage. This Privacy Notice was last updated 8th August 2022.
14. Contact us
If you have any concerns as to how your data is processed, you can contact us by emailing firstname.lastname@example.org or by using our contact form. We will respond to your queries within 30 days from when we receive them.