1. What is your personal data and how does the law regulate our use of it?

“Personal data” is information relating to you as a living, identifiable individual. We refer to this as “your data”.

The UK-GDPR and Data Protection Act 2018, (DPA 2018) requires The Happy Confident Company as data controller for your data to:

2. Information about you

We may collect personal information from you when you:

This personal information may include but is not limited to the following information about you:

3. How we use this information

(a) Your personal information will only be used by us to:

(b) When you subscribe to our e-newsletter we ask you for consent to store your information and to contact you. We will only send you our newsletter for as long as you continue to consent.

(c) If you do not want to receive information from us, contact us by email at contact@happyconfident.com with the word “unsubscribe” in the subject field.

(d) The Happy Confident Company will not share your personal details with third parties, except where companies are providing services on our behalf, such as processing donations or orders. For example, when you make an online donation via JustGiving, or any of our charity partners directly, you are going through to a partner company and the information you give, such as your credit card number and contact information, is provided so that the transaction can take place.

(e) We use Klaviyo as our marketing automation platform. The information you provide when signing up to any of our mailing lists will be transferred to Klaviyo for processing in accordance with their Privacy Policy and Terms.

4. Your rights under Data Protection Law

You have the following rights under Data Protection Law:

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at: contact@happyconfident.com

Further guidance on your rights is available from the Information Commissioner’s Office.

6. The lawful basis on which we process your data

The UK-GDPR and DPA 2018 require that we provide you with information about the lawful basis on which we process your personal data, and for what purpose(s).

The lawful basis for processing your personal data is contained within Article 6 of the UK-GDPR which states:

Processing shall be lawful only if and to the extent that at least one of the following applies:

  1. The data subject has given consent to the processing of his or her personal data for one or more specific purposes
  2. Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
  3. Processing is necessary for compliance with a legal obligation to which the controller is subject
  4. Processing is necessary in order to protect the vital interests of the data subject or of another natural person
  5. Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  6. Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

7. Sharing your data

We do not, and will not, sell your data to third parties. We will only share it with third parties if we are allowed or required to do so by law.

Examples of bodies to whom we are required by law to disclose certain data include, but are not limited to:

UK agencies with duties relating to the prevention and detection of crime, apprehension and prosecution of offenders, safeguarding, or national security.

We may share data with government departments, crime prevention and law enforcement agencies when required or considered appropriate in the circumstances and with the proper consideration of your rights and freedoms (in cases where the law places a duty on us to report).

Where personal information is shared with third parties, we will seek to share the minimum amount of information necessary to fulfil the purpose.

8. Data retention

We retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purpose of satisfying any legal, accounting, regulatory, disciplinary or reporting requirements.

9. Security

We adopt data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored with respect to our Site. Data that we have collected is held on protected devices, including where it is held as part of a back-up version. We use layered security software to prevent unauthorised access, alteration, disclosure or destruction of the data. Our security system is subject to regular audit and testing.

10. Cookies

Our Cookie Policy is in the process of being rewritten, if you have any questions regarding our policy please contact: contact@happyconfident.com

If you would prefer that we do not use cookies, you should adjust your browser settings to reject cookie use. Where we use cookies for site security, or to ensure the proper functioning of the site (for example via the use of load-bearing cookies), we do not require your consent to the use of these cookies. We have a legitimate interest in their use and we process all data, as collected by those cookies, on that basis.