Privacy Policy & GDPR Statement
Last updated: December 2025
Hinckley Wharf CIC
Hinckley Wharf CIC (“we”, “us”, “our”) is committed to protecting the privacy and personal data of everyone who interacts with our organisation. This Privacy Policy explains how we collect, use, store and safeguard your information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all applicable privacy laws.
1. Who We Are
Hinckley Wharf CIC
Registered Office:
The Atkins Building,
Lower Bond Street,
Hinckley,
Leics,
LE10 1QU
Operating Address:
The Wharf,
Coventry Road,
Hinckley,
LE10 0NQ
Data Protection Manager:
Mr George Seward
Email: info@hinckleywharf.org.uk
Mr Seward is responsible for overseeing compliance with this Privacy Policy and for handling all data protection enquiries.
2. What Personal Data We Collect
We may collect and process the following categories of personal data:
2.1 Data You Provide Directly
-
Name
-
Email address
-
Telephone number
-
Postal address
-
Enquiry details submitted through contact forms or emails
-
Information provided when applying for membership, volunteering, or booking facilities
-
Information relating to safeguarding or incident reports
2.2 Automatically Collected Data
When you visit our website, we may collect:
-
IP address
-
Browser type and version
-
Device information
-
Pages visited and time spent on the site
-
Cookie preferences
2.3 Data from Partner Organisations
As a CIC supporting community groups, we may receive limited data from:
-
Brookfield Fishers
-
Hinckley Sea Cadets
-
Hinckley Water Activities Club
-
Hinckley Boat Club
This data is only shared where necessary for operational, safety, or safeguarding purposes.
3. How We Use Your Personal Data
We use your data for the following purposes:
-
To respond to enquiries and provide information
-
To manage membership, bookings, and access to facilities
-
To coordinate activities with partner organisations
-
To maintain safety and safeguarding records
-
To send important operational updates
-
To comply with legal and regulatory obligations
-
To improve website functionality and user experience
We do not use your data for unsolicited marketing and we do not sell your data to third parties.
4. Lawful Bases for Processing
Under UK GDPR, we rely on the following legal bases:
-
Consent – when you voluntarily submit a form or request information
-
Legitimate interests – to operate and manage the Wharf safely and effectively
-
Contract – where we enter into an agreement with you
-
Legal obligation – for safeguarding, incident reporting or compliance with CIC regulation
-
Vital interests – where processing is necessary to protect someone’s life or safety
5. How We Store and Protect Your Data
We take data security seriously. Measures include:
-
Encrypted email services
-
Secure password-protected systems
-
Access controls restricting data to authorised personnel only
-
Regular security reviews
-
Secure disposal of digital and paper records
-
SSL encryption on our website
We do not store payment card information on our website.
6. Data Sharing & Third Parties
We may share data with:
-
Partner organisations (only when necessary for operational or safety reasons)
-
Emergency services or safeguarding authorities
-
IT providers who manage our website or email systems
-
Legal or regulatory bodies when required
Any third-party providers are contractually obliged to comply with UK GDPR.
We do not share your information with advertisers or unrelated organisations.
7. Cookies & Website Analytics
Our website uses cookies to ensure basic site functionality and to improve user experience.
Cookies include:
-
Essential cookies – required for the site to work
-
Analytical cookies – e.g., Google Analytics (only used with consent)
-
Preference cookies – to remember your cookie settings
You can manage or withdraw cookie consent at any time.
8. Your Data Protection Rights
Under UK GDPR you have the following rights:
-
Right to be informed – about how your data is used
-
Right of access – request a copy of your data
-
Right to rectification – correct inaccurate information
-
Right to erasure (“right to be forgotten”)
-
Right to restrict processing
-
Right to data portability
-
Right to object
-
Rights relating to automated decision-making (not used on this site)
To exercise any of these rights, contact:
info@hinckleywharf.org.uk
9. Data Retention
We only keep personal data for as long as necessary for the purpose it was collected.
Typical retention periods include:
-
Enquiries: up to 12 months
-
Membership/booking records: up to 6 years
-
Safeguarding or incident reports: in accordance with statutory requirements
-
Financial or legal records: 6 years
After this period, data is securely deleted or anonymised.
10. Children’s Data
As we support youth organisations, including Hinckley Sea Cadets, we may handle limited data relating to young people.
We ensure:
-
Safeguarding compliance
-
Minimal data collection
-
Secure storage
-
Access limited to authorised, DBS-checked individuals
We never publish or share children’s data publicly.
11. Links to External Websites
Our website links to partner organisations and other third-party sites.
We are not responsible for the privacy practices of these external websites.
12. Complaints
If you have concerns about how we manage your data, please contact:
Data Protection Manager:
Mr George Seward
Email: info@hinckleywharf.org.uk
You also have the right to complain to the Information Commissioner’s Office (ICO):
https://ico.org.uk/
13. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be published on this page with an updated “last modified” date.
Last updated: December 2025