top of page

Privacy Policy

Drama In Mind CIC 

Privacy Policy

 

Last updated: February 2026

Drama In Mind CIC is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Organisation name: Drama In Mind CIC
Email: info@dramainmind.co.uk

Drama In Mind CIC is the data controller responsible for your personal data.

 

2. Our Commitment to Your Privacy

We take your privacy seriously and are committed to ensuring your personal data is:

  • Used lawfully, fairly, and transparently

  • Collected only for legitimate purposes

  • Accurate and kept up to date

  • Stored securely

  • Not kept longer than necessary

We will never sell your data or share it for marketing purposes.

 

3. What Information We Collect

We may collect and process the following personal data:

  • Name

  • Email address

  • Postal address

  • Telephone number

  • Date of birth (where required)

  • Emergency contact details (where relevant)

  • Volunteering, training or programme participation information

  • Donation and financial transaction details

  • Communication preferences

  • Safeguarding-related information (where required for legal and safety reasons)

 

4. How We Collect Your Information

We collect information when you:

  • Contact us via email, phone, website forms, or social media

  • Sign up for events, workshops, or programmes

  • Apply to volunteer or work with us

  • Make a donation

  • Subscribe to our mailing list

  • Participate in our projects or activities

 

5. Why We Collect Your Information (Lawful Basis)

Under UK GDPR, we must have a lawful reason for using your data. We rely on:

a) Consent

When you explicitly agree for us to contact you, send newsletters, or store your details.

b) Legitimate Interests

To manage our relationship with you, deliver our services, run programmes, communicate about activities, and improve our work.

c) Contract

When processing information required to deliver services, training, or projects you have signed up for.

d) Legal Obligation

To comply with financial, safeguarding, employment, or regulatory requirements.

 

6. How We Use Your Information

We use your information to:

  • Communicate with you

  • Deliver workshops, training, and programmes

  • Process donations and financial records

  • Manage volunteering and participation

  • Provide information about events and resources

  • Maintain internal records

  • Improve our website and services

 

7. Marketing & Communications

We will only send you marketing emails if you have opted in.

You can unsubscribe at any time by:

 

8. Who We Share Your Information With

We do not sell or share your data for marketing purposes.

We may share limited information with trusted service providers who support our operations, such as:

  • Email platforms (e.g. Mailchimp)

  • Payment processors

  • Event booking platforms

  • IT and website support services

All third-party providers are required to keep your data secure and use it only for agreed purposes.

 

9. International Data Transfers

Some of our service providers (e.g. Mailchimp, Google Analytics) may store data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, including:

  • UK International Data Transfer Agreements (IDTAs)

  • Standard contractual clauses

  • Strong security protections

 

10. How Long We Keep Your Data

We only keep your data for as long as necessary:

  • General enquiries: up to 2 years

  • Programme participants: up to 7 years

  • Financial records: minimum 6 years (12 years for Gift Aid)

  • Safeguarding records: retained securely in line with safeguarding legislation

 

11. Children & Young People’s Data

We work extensively with children and young people and take additional care to protect their data.

  • Parental or guardian consent is obtained where legally required

  • Safeguarding data is handled with strict confidentiality

  • Access to sensitive data is strictly limited

 

12. Data Security

We take appropriate technical and organisational measures to protect your data, including:

  • Secure password systems

  • Encrypted storage

  • Restricted staff access

  • Secure cloud platforms

 

13. Data Breaches

In the unlikely event of a data breach, we will:

  • Investigate immediately

  • Notify the Information Commissioner’s Office (ICO) within 72 hours if required

  • Inform affected individuals where there is a high risk to their rights

 

14. Your Rights Under UK GDPR

You have the right to:

  • Access your personal data

  • Request corrections

  • Request deletion

  • Restrict processing

  • Object to processing

  • Request data portability

  • Withdraw consent at any time

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

ICO website: https://www.ico.org.uk

To exercise any of your rights, please email: info@dramainmind.co.uk

 

15. Cookies

We use cookies to improve your website experience and analyse usage.

This includes services such as:

  • Google Analytics

  • Vimeo

  • YouTube

  • Facebook

You can manage your cookie preferences through our website cookie banner.

For more information, please see our Cookie Policy.

 

16. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page.

Next review due: February 2027

bottom of page