Logo
Get Involved

Privacy Policy

How We Handle Your Information

Last updated: June 2026

Friends of Wellbeing (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. This policy explains how we collect, use, store, and protect your personal data, and sets out your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Friends of Wellbeing is a Charitable Incorporated Organisation (CIO) registered in England and Wales. We advance health education and relieve those in need within West African-origin communities and beyond.

For the purposes of data protection law, Friends of Wellbeing is the “data controller” of personal data provided to us. If you have any questions about this policy or how we handle your data, please contact us at info@friendsofwellbeing.co.uk or via our Contact Us page.

2. What Personal Data We Collect

We may collect and process the following categories of personal data about you:

  • Identity and contact information: your name, email address, phone number, and any other details you provide when you fill in a form on our website (for example, when registering for an event, signing up as a volunteer, or making a general enquiry).
  • Volunteer information: details about your skills, interests, availability, and any other information you share with us when applying to volunteer.
  • Event registration information: details you provide when registering for our community events, workshops, or awareness sessions.
  • Technical data: your IP address, browser type and version, time zone setting, operating system, and information about your visit, including pages viewed and navigation paths. This is collected automatically via cookies and analytics tools (see our Cookie Policy for details).
  • Communication data: records of correspondence if you contact us directly by email, post, or through our website.

3. How We Collect Your Data

We collect data in the following ways:

  • Directly from you: when you fill in forms on our website, sign up as a volunteer, register for an event, or contact us by email or post.
  • Automatically: as you navigate our website, certain technical information is collected automatically using cookies, server logs, and analytics tools such as Google Analytics.

4. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we use your data in the following circumstances:

  • To respond to your enquiries, process your volunteer application, or manage your event registration.
  • To send you information you have requested about our activities, events, or volunteering opportunities.
  • To improve our website and services by analysing how visitors use our site.
  • To comply with our legal and regulatory obligations as a Charitable Incorporated Organisation.
  • To protect the security and integrity of our website and systems.

5. Legal Basis for Processing

Under UK GDPR, we rely on the following lawful bases for processing your personal data:

  • Consent: where you have given us clear consent to process your data for a specific purpose (for example, when you opt in to receive communications from us).
  • Legitimate interests: where processing is necessary for our legitimate interests as a charitable organisation — for example, responding to your enquiries, managing volunteer relationships, and improving our services — provided those interests are not overridden by your rights and freedoms.
  • Legal obligation: where we need to comply with a legal or regulatory obligation (for example, maintaining records for charity governance).

6. How We Store and Protect Your Data

We take the security of your personal data seriously. We have put in place appropriate technical and organisational safeguards to protect your data from accidental loss, unauthorised access, alteration, or disclosure. These measures include:

  • Encryption of data in transit using HTTPS/TLS.
  • Secure form submissions protected by reCAPTCHA to prevent spam and abuse.
  • Restricted access to personal data on a need-to-know basis.
  • Regular review of our data collection and storage practices.

Your data is stored on secure servers located within the United Kingdom or the European Economic Area (EEA). We do not transfer your personal data outside the UK or EEA unless adequate safeguards are in place.

7. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including to satisfy any legal, accounting, or reporting requirements. The specific retention period will vary depending on the nature of the data and the purpose for which it was collected:

  • Enquiry and contact data: retained for up to 12 months after your last interaction with us.
  • Volunteer records: retained for the duration of your volunteering relationship and for up to 3 years afterwards for reference and safeguarding purposes.
  • Event registration data: retained for up to 12 months after the event.
  • Analytics data:retained in accordance with Google Analytics’ data retention settings (typically 14 to 26 months).

8. Who We Share Your Data With

We do not sell, rent, or trade your personal data to third parties for marketing purposes. We may share your data with trusted third-party service providers who help us operate our website and deliver our services, including:

  • Email service providers (such as Resend) to send you communications related to your enquiries, registrations, or volunteer applications.
  • Google Analytics to understand how visitors use our website.
  • Professional advisers (such as lawyers or accountants) where necessary for compliance or governance.

We require all third parties to respect the security of your personal data and to process it only in accordance with our instructions and the law. We do not allow our third-party service providers to use your personal data for their own purposes.

9. Your Rights

Under UK data protection law, you have the following rights regarding your personal data:

  • Right of access: you can request a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct any inaccurate or incomplete data.
  • Right to erasure:you can ask us to delete your personal data in certain circumstances (also known as the “right to be forgotten”).
  • Right to restrict processing: you can ask us to limit the processing of your data in certain situations.
  • Right to data portability: you can request a copy of your data in a structured, machine-readable format.
  • Right to object: you can object to the processing of your data where we rely on legitimate interests as the legal basis.
  • Right to withdraw consent: where we rely on your consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us at info@friendsofwellbeing.co.uk. We will respond to your request within one month. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection.

10. Cookies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and to analyse website traffic. For detailed information about the cookies we use, please see our Cookie Policy.

11. Links to Third-Party Websites

Our website may contain links to external websites, such as social media platforms or partner organisations. This privacy policy only applies to our website. We are not responsible for the privacy practices of third-party sites, and we encourage you to read their privacy policies before submitting any personal data.

12. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal obligations. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or how we handle your personal data, please contact us: