Privacy Policy
This Privacy Policy explains how Epping for Everyone collects, uses, and protects your personal data in compliance with the UK GDPR and Data Protection Act 2018.
Throughout this policy, "we" refers to Epping for Everyone, while those using our services are referred to collectively "you" or "your".
Last Updated: 25/11/2025
What data we collect
-
Website: Hosted on Wix; may collect basic analytics data (non-identifiable).
-
Newsletter: email addresses (via Wix).
-
Event tickets: data collected by Eventbrite (we do not store this data locally).
-
Merchandise orders: name, sizes and delivery address. Only sizes are shared with our third party supplier. We delete this data after delivery.
-
Donations: data processed through Collectiv (we do not store payment details).
How we use your data
-
To send newsletters (with your consent).
-
To process event registrations and merchandise orders.
-
To fulfil legal obligations related to donations.
-
To improve our website and services.
We do not sell or share your data for marketing purposes.
Legal basis for data processing
We process your data based on:
-
Consent (newsletter subscription).
-
Contract (merchandise delivery).
-
Legitimate interest (event participation and charity operations).
Data sharing
We use trusted third-party providers. Each has its own GDPR-compliant privacy policy:
Data retention
We retain your data for a certain period depending on the use:
-
Newsletter emails: until you unsubscribe.
-
Merchandise delivery details: deleted after fulfilment.
-
Event and donation data: retained only as required by law by our third-party providers.
Data retention
Under UK GDPR, you have the right to:
-
access your data
-
correct inaccuracies
-
request deletion
-
withdraw consent
We take appropriate measures to protect your data against unauthorized access, loss, or misuse.
For questions or to exercise your rights, contact eppingforeveryone@gmail.com.