Effective Date: October 22, 2025

At Safe Online Space Cymru (the “Organisation”), we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, interact with our services, or engage with our online safety initiatives in Wales. We operate as a nonprofit promoting digital literacy and combating cyberbullying, and we handle data responsibly under UK data protection laws.

1. Information We Collect

We collect the following types of personal data:

  • Personal Identifiers: Name, email address, postal address (e.g., when you sign up for newsletters, volunteer, or donate).
  • Usage Data: IP address, browser type, pages visited, and time spent on the site (via cookies—see Cookie Policy).
  • Event/Donation Data: Payment details (processed securely via third-party providers like Stripe), preferences for events or pledges.
  • Sensitive Data: In rare cases, details about vulnerabilities (e.g., for safeguarding support), which we handle with extra care.

We do not collect data from children under 13 without parental consent, in line with our safeguarding commitments.

2. How We Use Your Information

We use your data for:

  • Delivering services (e.g., sending event invites or safety resources).
  • Improving our website and programs (e.g., analyzing usage to enhance digital literacy content).
  • Communications (e.g., newsletters on cyberbullying prevention).
  • Legal obligations (e.g., fraud prevention for donations).
  • Fundraising and reporting impact (anonymized where possible).

3. Sharing Your Information

We share data only when necessary:

  • With trusted service providers (e.g., email platforms like Mailchimp, payment processors).
  • With Welsh government partners for collaborative online safety projects.
  • In aggregated/anonymized form for research or reports. We never sell your data. In the event of a merger or acquisition, we’ll notify you.

4. Data Security

We use encryption, firewalls, and access controls to protect your data. However, no system is 100% secure—we’ll notify you of any breach affecting your rights.

5. Your Rights

Under GDPR and UK law, you have rights to:

  • Access, correct, or delete your data.
  • Object to processing or withdraw consent.
  • Request data portability. Contact us at [email protected] to exercise these rights. We’ll respond within one month.

6. International Transfers

Data is stored in the UK/EU; any transfers (e.g., to US-based tools) use Standard Contractual Clauses.

7. Retention

We keep data only as long as needed (e.g., 6 years for donation records) or as required by law.

8. Changes to This Policy

We’ll update this policy and notify you via email or site notice for material changes.

By using our site, you consent to this policy. Questions? Email [email protected].