Noa's Place

Privacy Policy

Last updated: 1st January 2024

Noa's Place CIO ("we", "our", "us") is committed to protecting your personal data and respecting your privacy. This policy explains how we collect, use, and store your personal information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

We are Noa's Place CIO, a Charitable Incorporated Organisation registered in England and Wales. Our mission is to create an inclusive community hub for families, with a special focus on supporting neurodivergent children, young people, and adults.

Contact us:
📧 hello@noasplace.org.uk

2. Information we collect

We may collect and process the following types of personal data:

  • Contact details (name, email address, phone number, postal address)
  • Supporter information (sign-ups, donations, Gift Aid declarations, event attendance, volunteering)
  • Website usage data (via cookies and analytics tools such as Google Analytics and Meta Pixel)
  • Communications (emails, messages, or feedback you provide to us)

We will always collect the minimum amount of personal information necessary for our activities.

3. How we use your information

We will only use your data where the law allows. Typically, we use your information to:

  • Keep you updated about Noa's Place and our activities (with your consent)
  • Process donations, Gift Aid claims, or event registrations
  • Manage volunteer and supporter relationships
  • Improve our website and communications through analytics
  • Comply with legal and regulatory requirements

4. Our lawful bases for processing

We rely on one or more of the following lawful bases under UK GDPR:

Consent

where you have actively given permission (e.g., subscribing to our mailing list)

Contract

where processing is necessary to deliver a service or agreement you've entered into with us

Legal obligation

to meet our legal or regulatory duties (e.g., Gift Aid records)

Legitimate interests

for activities that are necessary to run and develop Noa's Place in a way that doesn't override your rights (e.g., improving communications)

5. Who we share your data with

We do not sell your data. We may share your information with:

  • Service providers who help us run our website, communications, or fundraising (e.g., Mailchimp, web hosting providers)
  • Regulators such as the Charity Commission or HMRC where legally required
  • Event or campaign partners, only with your consent

All third-party providers are required to comply with UK GDPR.

6. How long we keep your data

We only keep personal data for as long as necessary:

  • Supporter records: up to 6 years after last contact (for Gift Aid/legal obligations)
  • Mailing list subscriptions: until you unsubscribe
  • Volunteer data: for the duration of involvement + 3 years

After this, your data will be securely deleted or anonymised.

7. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion of your data ("right to be forgotten")
  • Withdraw consent at any time
  • Object to or restrict processing in certain cases
  • Request transfer of your data (data portability)

To exercise your rights, please contact hello@noasplace.org.uk.

8. Security of your data

We take appropriate technical and organisational measures to protect your data from loss, misuse, or unauthorised access.

9. Cookies and tracking

We use cookies and similar technologies (Google Analytics, Meta Pixel). For details, please see our Cookies Policy.

10. Changes to this policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated on our website.

11. Complaints

If you have concerns about how we handle your data, please contact us. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO): www.ico.org.uk.

Privacy Policy | Noa's Place