Privacy Policy 

Leys Community Development Initiative (Hereinafter “We” “Us” “Our”) take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR).

What personal data do we collect?

We currently collect and process the following personal data:

Name, Contact Information including email address, Telephone Numbers and company details, Payment card information for billing

Why do we collect personal data 

Under UK GDPR, the lawful basis we rely on for collecting and processing your personal data is:

We collect Personal Data for Recruitment, employment and selection for Volunteers. We collect personal data for safeguarding. You may provide us with information about you when you submit an enquiry form on our website, write to us, call us, or when you make or enquire about making a donation or Projects you wish to support, gift aid status etc. and information you provide in any correspondence with us. You may also provide us with marketing and communications preferences and in some cases an indication of your consent for us to perform certain processing activities on your personal data. Information that is of vital importance to the future protection of an individual e.g. safeguarding notes will be securely archived and stored as long as express agreement is obtained from the data subject or in the case of children and young people up until the age of 21 or for 5 years, dependant on which is later. 

How we collect personal data

Under UK GDPR, the lawful basis we rely on for collecting and processing your personal data is Consent. You are able to remove your consent at any time by contacting us (See “How to contact us”), Contractual obligation, Legal obligation, To perform a public task, Legitimate interest, or Vital interest.

If you would like to find out more or contact us, please see How to Contact Us at the bottom of the document.

Usage Data

We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. 

Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

• We use Session Cookies to operate our Service.
• Preference Cookies – We use Preference Cookies to remember your preferences and various
• Security Cookies – We use Security Cookies for security purposes.

Who do we share your personal data with 

We will only share your data with Personal Data is only shared within Individuals of the organisation , Public government organisations and services and Other Third Party organisations It includes voluntary and community organisations (both registered charities and other organisations such as associations, self-help groups and community groups), social enterprises, mutuals and co-operatives. .

We may also need to:

  • disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations;
  • share some personal data with other parties, such as potential buyers of some or all of our business or during a restructuring—usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.

If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).

If you would like to find out more or contact us, please see How to Contact Us at the bottom of the document.


We may use third-party Service Providers to monitor and analyse the use of our Service.

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.

You can opt out of having your activity on the Service made available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

Google Analytics also collects Internet Protocol (IP) addresses to provide and protect the security of the service, and to give website owners a sense of which country, state or city in the world their users come from (known as geo-location).

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page:

Where we store your personal data 

We will only store your data with/on Leys CDI store data in our own offices.

How long your data will be kept 

We will keep your personal data as long as it’s necessary. 

We may require your data to respond to any questions, complaints or claims made by you or on your behalf; to show that we treated you fairly; to keep records required by law. 

When your personal data is no longer necessary, we will dispose of your personal data by deleting or anonymising it.

Please contact us if you have any questions (see “How to contact us”).

Your rights

You have the following rights, which you can exercise free of charge:

  • Access – The right to be provided with a copy of your personal data
  • Rectification – The right to require us to correct any mistakes in your personal data
  • Erasure (also known as the right to be forgotten) – The right to require us to delete your personal data—in certain situations
  • Restriction of processing – The right to require us to restrict the processing of your personal data in certain circumstances, eg if you contest the accuracy of the data
  • Data portability – The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
  • To object – The right to object:
    • at any time to your personal data being processed for direct marketing (including profiling);
    • in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.
  • Not to be subject to automated individual decision making – The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. 

For further information on each of those rights, If you would like to find out more or contact us, please see How to Contact Us at the bottom of the document.

Or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights.

If you would like to exercise any of the above rights, please see How to Contact Us at the bottom of the document With enough details about yourself, as well as what right you want to exercise and to what information.

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures in place to deal with any suspected data security breach. We will notify you and the ICO of a suspected data security breach where we are legally required to do so.

Changes to this policy

This privacy notice was published on 13-04-2023 and last updated on 13-04-2023.

We may change this privacy notice from time to time—when we do we will inform you via Email or Website.

How to complain

If you have any concerns about our use of your personal information, if you would like to make a complaint, please see How to Contact Us at the bottom of the document.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:            

Information Commissioner’s Office

Wycliffe House,

Water Lane,




Helpline number: 0303 123 1113

ICO website:

How to contact us

The person responsible for our organisation’s GDPR processes:

Name: Kirk Wheeler

Number: 01865 395908


Address: The Clockhouse, Long Ground, Greater Leys, OX4 7FX, United Kingdom