Privacy Policy

Privacy Policy

Effective Date: 20th October 2023

1. Introduction

Welcome to Potential Kids, a charity dedicated to providing learning, social, and sports opportunities to neurodiverse children and young people in the United Kingdom. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in compliance with data protection laws, including the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and other applicable regulations in England and Wales.

2. Definitions

  • “Potential Kids,” “we,” “our,” or “us” refers to the charity organisation, Potential Kids.
  • “You” or “your” refers to individuals, including parents or guardians of neurodiverse children and young people, who interact with Potential Kids.

3. Information We Collect

We collect various types of personal information, including but not limited to:

  • Names and contact information of individuals and parents/guardians.
  • Data related to neurodiverse children and young people, such as their names, ages, and relevant medical information.
  • Payment and financial information for donations and payments made through Stripe, SumUp, and other payment processors, in compliance with UK financial processing legislation, which includes the Payment Card Industry Data Security Standard (PCI DSS).

4. How We Use Your Information

We use personal information for the following purposes:

  • Providing learning, social, and sports opportunities to neurodiverse children and young people.
  • Processing donations and payments through Stripe, SumUp, and other payment processors, in accordance with UK financial processing legislation, including PCI DSS.
  • Analysing website traffic and user behaviour using Google Analytics to improve our website and services.
  • Managing events and bookings through Ticket Tailor.
  • Sending newsletters, updates, and information about our activities via Mailchimp.
  • Responding to enquiries and requests.
  • Complying with legal obligations and regulations.

5. Data Security

We implement security measures to protect personal information from unauthorised access, disclosure, alteration, and destruction. Access to personal information is restricted to authorised personnel only. While we make every effort to maintain the highest standards of data security, it’s important to understand that no system is completely immune to risks. We cannot guarantee absolute security, but we are committed to continuously improving and updating our security practices to safeguard your personal information to the best of our abilities.

6. Data Retention

We retain personal information for as long as necessary to fulfil the purposes for which it was collected and to comply with applicable laws.

7. Your Rights Under GDPR

Under GDPR, you have rights regarding your personal information, including:

  • Access to your data.
  • Correction of inaccurate information.
  • Deletion of your data under certain circumstances.
  • Restriction of processing.
  • Objection to processing.
  • Data portability.

You can exercise these rights by contacting us at [email protected]. Please note that some GDPR requests related to third-party processors may need to be made directly to those processors in accordance with their respective policies.

8. Third-Party Processors

We may use third-party processors to handle personal information on our behalf. These processors are required to maintain data protection standards and not use your information for their own purposes. Please review the privacy policies of these third-party processors for further information on how they handle your data.

9. Social Media Use

When you interact with us on social media platforms, we may collect and process information you share with us. We will handle this data in accordance with this Privacy Policy.

10. Marketing via Mailchimp

We use Mailchimp, an email marketing platform, to send newsletters and updates to subscribers who have provided their consent. Subscribers can opt out at any time by following the unsubscribe link in our emails or by contacting us.

11. Contacting Us

If you have questions or concerns about this Privacy Policy or your personal information, please contact us at:

  • Email: [email protected]
  • Charity Number: 1182917
  • Company Number: 10912345
  • Registered Address: Potential Kids, Welwyn Hatfield CVS, Gracemead House Woods Avenue, Hatfield, Herts, United Kingdom, AL10 8HX

12. Contacting Us via Social Channels

You can also reach out to us via our official social media channels. Please note that any information shared through social media may be subject to the respective platform’s privacy policies and terms of use.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal compliance purposes. Any updates will be posted on our website, and the “Effective Date” at the beginning of this policy will be revised accordingly.