Last updated: 12th September, 2025.
Bridging the Gap (“we,” “our,” “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website, subscribe to our newsletter, take part in our programmes, or otherwise engage with us.
1. Who We Are
Bridging the Gap is a community-led initiative supporting refugees and asylum seekers in accessing and progressing in higher education and research.
We are the data controller for personal data collected through this website and related services.
Contact details:
Email: bridgingthegap.wales@gmail.com
Address: [insert organisation address]
If you have any concerns, you may also contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.
2. What Data We Collect
We may collect and process the following information:
– Contact details: name, email address, phone number (if provided).
– Subscription details: preferences for newsletters, updates, and opportunities.
– Programme participation data: application forms, feedback, or mentoring records.
– Technical information: IP address, browser type, cookies, and site usage (via analytics tools).
– Donation or event data (if applicable): payment details are processed securely by third-party providers—we do not store full card details.
3. How We Use Your Data
We use your personal data to:
– Send you newsletters, updates, and opportunities (only if you consent).
– Manage participation in our programmes and events.
– Respond to enquiries and provide support.
– Monitor and improve our website and services.
– Meet legal or regulatory obligations.
We will not use your personal data for marketing by third parties.
4. Legal Basis for Processing
We rely on the following lawful bases under the UK GDPR:
– Consent – when you subscribe to our newsletter or agree to receive communications.
– Contract – when you engage with us to participate in our programmes.
– Legitimate interests – for running our website and improving services.
– Legal obligation – where we must comply with law (e.g., financial reporting).
5. How We Share Your Data
We do not sell your data. We may share it with:
– Service providers (e.g., email and IT providers) who support our work.
– Regulators or authorities, if required by law.
If we transfer data outside the UK (for example, email services based in the US), we ensure appropriate safeguards (such as standard contractual clauses) are in place.
6. How Long We Keep Data
We keep your data only for as long as necessary:
– Newsletter data – until you unsubscribe.
– Programme data – for the duration of the programme plus up to [X years] for reporting.
– Website analytics – typically anonymised and retained for [e.g., 26 months].
After these periods, data will be securely deleted or anonymised.
7. Your Rights
Under UK GDPR, you have the right to:
– Access the personal data we hold about you.
– Request correction of inaccurate or incomplete data.
– Request deletion of your data where appropriate.
– Withdraw consent at any time (e.g., unsubscribe from emails).
– Object to processing based on legitimate interests.
– Lodge a complaint with the ICO (www.ico.org.uk).
8. Cookies
Our website may use cookies to enhance user experience and collect anonymous analytics. You can set your browser to refuse some or all cookies. For more details, see our Cookie Policy.
9. Data Security
We take steps to ensure your personal information is secure, including encryption, access controls, and secure hosting. However, no online transmission is completely secure, and you provide data at your own risk.
10. Updates to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page, and if the changes are significant, we will notify you by email or through the website.