Privacy Policy

Harry’s Legacy of Light is committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and, where applicable, the EU GDPR. This Privacy Policy explains how we collect, use, store, and protect your personal data.

 

 

1. 

Who We Are

 

This Website is operated by Harry’s Legacy of Light, a non-profit initiative based in the United Kingdom. For GDPR purposes, we are the “data controller” of your personal information.

 

Contact: info@harrywithers.org

 

 

2. 

What Personal Data We Collect

 

We may collect and process the following data:

 

• Contact Information: Name, email address, and any message you send via our forms

• Submitted Content: Personal stories, images, or tributes you choose to share

• Donation Details: Payment information handled via a secure third-party processor

• Technical Data: IP address, browser type, device, and usage data via cookies and analytics

 

We do not knowingly collect personal data from children under 13.

 

 

3. 

Legal Basis for Processing

 

Under GDPR, we rely on one or more of the following lawful bases:

 

• Consent: When you voluntarily provide information or opt into communications

• Legitimate Interest: To improve the website, respond to enquiries, and preserve Harry’s legacy

• Legal Obligation: To comply with applicable laws (e.g. charity regulations or data requests)

 

 

4. 

How We Use Your Information

 

We may use your data to:

 

• Respond to your messages or enquiries

• Display your submitted stories or tributes (with your consent)

• Process and acknowledge donations

• Send optional updates (only if you opt in)

• Monitor website usage for improvements and security

 

 

5. 

Your Data Rights 

 

You have the right to:

 

• Access the personal data we hold about you

• Request correction or deletion of your data

• Withdraw your consent at any time

• Object to or restrict processing

• File a complaint with the Information Commissioner’s Office (ICO)

 

To exercise your rights, email us at info@harrywithers.org

 

 

6. 

Data Retention

 

We only retain personal data for as long as necessary for the purposes for which it was collected, or as required by law. Submissions used on the site may be kept unless you request removal.

 

 

7. 

Data Sharing and Storage

 

We do not sell or share your personal data with third parties for marketing.

We may share data with:

 

• Our secure donation/payment processor (e.g. Stripe, PayPal, etc.)

• Website hosting and analytics providers under strict confidentiality terms

 

Data is stored securely and may be transferred to trusted providers outside the UK/EU only if adequate safeguards (e.g. Standard Contractual Clauses) are in place.

 

 

8. 

Cookies and Analytics

 

We use cookies for essential functionality and basic analytics. By using the site, you consent to our use of cookies unless you disable them in your browser.

 

A cookie banner will appear on first visit to inform you and give you control over tracking.

 

 

9. 

Changes to This Policy

 

We may update this policy from time to time. Any changes will be posted here with the revised effective date.

 

 

10. 

Contact Us

 

If you have questions or would like to exercise your rights under GDPR, contact:

info@harrywithers.org