Data Protection & Privacy Policy


The purpose of this privacy policy is to explain how KWMCC collects, protects, and uses personal data. KWMCC is committed to ensuring that any personal data supplied by its customers or is otherwise generated by its business activities is collected and processed fairly and lawfully within the requirements of the General Data Protection Regulation (GDPR).

About Cookies

This information is used to analyse overall patterns of web site use.

Cookies are tiny software files that are stored on a computer or mobile device when an individual visits a website. Cookies allow websites to recognise that a user on an individual computer has previously visited the site. The cookies save some information about that user for when they access the site again in the future. You can find out what cookies the KWMCC website use below.

For more information about the different types of cookie, visit the About Cookies website.

Cookie Cookie Name Description
KWMCC viewed_cookie_policy A cookie used to check if visitors have been made aware of this cookie policy.
Google analytics cookies __utma, __utmb, __utmc, __utmz Cookies used to collect information about how our visitors use our site. We use this information to improve your experience. More information can be found here

Who we are

KWMCC is committed to protecting and respecting your privacy and security. Whenever you provide us with your personal information via our website, we will treat that information in accordance with this policy, our terms and conditions and current UK Data Protection legislation.

By using the site and any services we offer via our site, you are agreeing to be bound by this policy.

Please read the following carefully regarding your personal data and how we will treat it. This policy may change from time to time, so please check this page periodically.

KWMCC is a registered charity (number 304779). The registered address is Twelve Acre Approach, Kesgrave, Suffolk, IP5 1JF.

If you have any questions around this privacy policy, you should contact the GDPR Officer on 01473 612648 option 2 or email

How do we collect information from you?

Information you give to us: This could be when you place a booking to hire KWMCC facilities, or attend an activity or event.

Information we get from your use of the KWMCC website: When you visit the site, we collect various personal information which may include your name, address, contact details, IP address, and information regarding which pages are accessed and when.

Who has access to your information?

We will not sell or rent your information to third parties.

We will not share your information with third parties for marketing purposes.

It may be necessary to pass your information to a 3rd party in order to process a service, but we will only share the personal information necessary to deliver the service.

We may use the Mailchimp email marketing platform to keep you up to date with what is happening at KWMCC and on occasion create online surveys via Survey Monkey to gain feedback from hirers regarding the KWMCC facilities and activities, this will help us to continue improving the services and facilities we provide for you. Please use the following links to view each of their privacy policies

How is your information used?

We may use your information to:

  • Process orders/bookings submitted by you;
  • to carry out our obligations arising from any contracts entered into by you and us;
  • verify your identity;
  • seek your views or comments on the services we provide;
  • notify you of changes to our services;
  • improve our services or marketing purposes;
  • Send you communications which you have requested and that may be of interest to you.

These may include information about our events and activities or updates regarding our facilities and services.

How long is your information kept for?

We keep your information for no longer than is necessary for the purposes it was collected for. The length of time we retain your personal information for is determined by operational and legal considerations. For example, we are legally required to hold some types of information to fulfil our statutory and regulatory obligations (e.g. tax/accounting purposes). We review our retention periods on a regular basis.

Lawful Processing

The General Data Protection Regulation (GDPR) requires us to rely on one or more lawful grounds to process your personal information. The following are the grounds we use:

Consent: we can show that an individual has performed a clear affirmative action (such as saying “yes” to a question or ticking an opt-in box) to allow us to process their personal data for a specific purpose.

Contract: the processing is necessary for a contract we have with the individual, or because they have asked us to take specific steps before entering into a contract.

Legitimate interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party unless the interests or rights and freedoms of the individual override those interests


We may use your contact details to provide you with information about our fundraising events as well as our services and facilities, if we think it may be of interest to you. We will only send you marketing communications by email, telephone or post if you have explicitly provided your prior consent. You may opt out of our marketing communications at any time.

Your choices

You have the right to opt out of receiving communications from us at any time by contacting 01473 612648

You can also change the way we contact you at any time by calling our marketing manager on 01473 612648 option 3 or by emailing

In order to opt you out of receiving communications, it is necessary to retain some of your details to ensure we don’t contact you again in future. Your details will only be used for this purpose.

Your rights

The GDPR provides the following rights for individuals, which our organisation provides to you:

  1. The right to be informed
  2. The right of access

You have the right to request to see what information we hold about you, free of charge and within 30 days. If you would like to do this, please contact the centre manager and GDPR officer on 01473 612648 option 2 or by email to

  1. The right to rectification
  2. The right to erasure
  3. The right to restrict processing
  4. The right to data portability
  5. The right to object

The KWMCC General Data Protection Regulation Policy and Procedure applies to all KWMCC Employees, Volunteers and Trustees of KWMCC and any other person contracted to work on behalf of the organisation.

Keeping your information safe

When you give us personal information, we take steps to ensure that it’s treated securely.  We use secure systems that are GDPR compliant to store client data. The measures we use include data encryption, virus/malware protection, hardware/software firewalls and site to site VPN’s to reduce the risk of hacking or data theft. All of our laptops, PC’s and server based user accounts are protected with strong passwords.

Use of ‘cookies’

When you visit the Site, we collect various personal information which may include your name, address, contact details, IP address, and information regarding which pages are accessed and when.  It is possible to switch off cookies by setting your browser preferences.

16 or Under

If you are aged 16 or under, please get your parent / guardian’s permission beforehand whenever you provide us with personal information.


We will always comply with the General Data Protection Regulation (GDPR) when dealing with your personal data.

If you have any concerns or complaints about how we are handling your data, please do not hesitate to get in touch with us on 01473 612648 option 2 or by email to You can also contact the Information Commissioner’s Office at:

Review of this Policy

This policy was last reviewed August 2020. This is kept under regular review and updated where necessary.

• Dependable • Friendly • Creative • One Team • Pride • Customer Focused •