Positive Footprints logo
0333 207 2220
Facebook-f Twitter Linkedin-in Youtube
Positive Footprints white version logo

Privacy Notice

Positive Footprints Privacy Notice

Positive Footprints is part of the Regenda Group and provides personal development programmes for young people. This notice explains how and why we use your personal information, and the rights you have.

We are committed to handling your information fairly, transparently and in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Data (Use and Access) Act 2025 (DUAA).

1. Personal data we collect
We collect information about you when you apply to us either directly or through one of our partners. This may include:

Personal data

  • Programme material i.e. testimonials
  • Images / videos
  • School contact information
  • Website usage, IP address and device data

2. How we collect your information
We collect personal data from:

  • Phone contact, emails and letters
  • Our website, portals and digital tools
  • Automated tools (e.g., sentiment analysis, web analytics)

We will always explain what information is required and why.


3. How we use your personal data
We use your information to:

  • Manage your contract with Positive Footprints
  • Provide resources and support
  • Market products and services  
  • Analyse customer needs, shape services and collect feedback


4. Legal bases for processing
We rely on one or more of the following:

Contract
To manage your contract with Positive Footprints.

Legal obligation
Where processing is required by law.

Legitimate interests
Including:

  • Communicating with you
  • Quality monitoring and staff training
  • Customer surveys through approved partners

We always balance legitimate interests against your rights.

Consent
Where required, such as optional surveys or marketing communications.

You can withdraw consent at any time.

Vital interests
Protecting life or preventing serious harm.

Public interest / substantial public interest
Including safeguarding, preventing fraud, and equality monitoring.

Recognised legitimate interests
We may rely on this basis for:

  • Cybersecurity and system integrity – protecting our digital systems and preventing cyber threats
  • Crime prevention and detection
  • Safeguarding vulnerable individuals – where information is required to protect someone at risk
  • Disclosures to public bodies – where a public body (e.g., local authority, police, fire service) confirms it needs information to carry out its statutory public task
  • Responding to emergencies – such as fires, floods, structural hazards or risks to human welfare


5. Who we share your personal data with
We may share information with:

To deliver services

  • Schools
  • School Partners
  • Business Partners
  • Media
  • Third‑party IT providers
  • Independent research companies


6. International transfers
Where data is processed outside the UK or EEA, we ensure:

  • A UK‑approved adequacy decision is in place, or
  • UK‑approved International Data Transfer Agreements or Standard Contractual Clauses (Article 46 UK GDPR) are used


7. How long we keep your data
We only keep your information for as long as necessary to:

  • Deliver services
  • Meet legal and regulatory requirements
  • Defend legal claims

All information is securely disposed of when no longer required and some data may be anonymised for statistical purposes.


8. Protecting your personal data
We use organisational, technical and physical measures to safeguard data. These include:

  • Identity checks
  • Access controls
  • Encryption and secure systems
  • Incident and breach response procedures

No communication method is completely secure, but we take reasonable measures to reduce risk.


9. Cookies and website analytics
Our website uses cookies to:

  • Improve performance and user experience
  • Personalise content
  • Deliver relevant advertising
  • Understand user behaviour

Google Analytics and Google Signals may be used with your consent. No identifiable Google account data is shared with us.

You can change your cookie preferences at any time.


10. Your rights
You can ask us to:

  • Provide a copy of the personal data we hold (Subject Access Request)
  • Explain how your data is used
  • Correct or update inaccurate information
  • Delete your information (where applicable)
  • Restrict or object to processing
  • Transfer data to another organisation (where applicable)
  • Withdraw consent
  • Challenge automated decision‑making or request human intervention
  • Request explanation of algorithmic tools
  • Raise a complaint if you believe we have not met data protection standards, including fairness, transparency or data access rights

Data protection requests or queries can be made via the contact details below.


11. Contact us
Data Protection Team
The Regenda Group
The Foundry, 42 Henry Street, Liverpool, L1 5AY
Tel: 0151 703 3000
Email: dataprotection@regenda.org.uk


12. Information Commission
You can contact the Information Commission at:

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Telephone number: 0303 123 1113

Website: ico.org.uk

This privacy notice was last updated 22 April 2026