top of page

Privacy & Cookies

Privacy Statement

This information relates to the collection and storage of personal data from members of the public and supporters of the charity. Click here to skip ahead to our Cookies Policy


What is personal and sensitive data?
Personal data is data which can be used to identify you. This may include your name, date of birth, address, telephone number etc.

Sensitive data is information related to any of the following: racial or ethnic origin, political opinions, religious beliefs, trade union membership, health, sexuality, offences and/or convictions.

Legal Basis
Under the General Data Protection Regulation (GDPR) there are six provisions given in Article 6 for the lawful processing of personal data: 


  1. Consent of the data subject 

  2. Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract 

  3. Processing is necessary for compliance with a legal obligation

  4. Processing is necessary to protect the vital interests of a data subject or another person;

  5. Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller 

  6. Necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject 

Our fundraising and marketing activity ensures that we have full consent (point one) of supporters to process their personal information.

Where will you store my data?

HARP gathers a variety of information from different sources.  Much of your data held by HARP is stored securely on electronic systems accessed by members of HARP. Some of these systems are trusted cloud based third parties, such as Enthuse who processes our donations, events and fundraising data, Sales Force who host our donor database, Google, Microsoft and Wix for form data (for example for registering your interest in one of our events or volunteering) and Mail Chimp who process our email marketing campaigns. HARP remains the data controller in all cases, and robust data sharing agreements are in place in all cases. 


 Where paper-based or other data is held, this is stored securely on HARP premises and accessed by HARP.
We have a clear data retention and destruction policy and do not hold data for longer than is necessary.

How do we look after your data?

  • We will always make sure you know why we need information and how it will be used.

  • We will keep your information safe and make sure nobody sees it who should not.

  • We will take it very seriously if your information is not used properly or kept safe.  

  • We will follow the Data Protection Act and any other relevant legislation about keeping your data secure.

  • We will not share your information without your permission unless required to do so by law or it is absolutely necessary. 

  • We will not sell your data or share it with commercial organisations.

What is a Data Controller?
A Data Controller is someone who is responsible for your data and who must make sure that your data is processed according to the law. For example they are responsible for making sure that the information held about you is accurate and that it is kept secure.

What does Data Controller in Common mean?
For the purpose of the Data Protection Act the members of HARP are Data Controllers in common. This means that the members of HARP are responsible jointly for your data. 

For example if you are receiving help from two different HARP sites then both sites may record your personal data and sensitive data. They will both have responsibility for ensuring your data is processed according to the law.

Can I withhold my consent?

Yes you can withhold your consent for future contact. This may however affect our ability to communicate with you effectively about your support.

If you donate to HARP, we will store information about your donations for reporting purposes. If you wish for us to not store this information, please contact us. 

We will not share your information with anyone else without your consent, unless required to do so by law.

Complaints handling procedure
HARP has a Feedback policy which outlines the complaints handling procedure. Full details of the complaints procedure are available on request.


Cookies Policy

Cookies are small pieces of code which are downloaded to your computer, mobile or other device when you visit websites. They allow website owners like HARP to understand the behaviour of their users and improve various aspects of the user experience. 


With user consent, HARP use cookies to provide features on our site and social media channels, and to analyse traffic and campaigns.

Cookies on our website

HARP use Wix as our website platform, and the cookies Wix deploy fall into four categories:

Essential Cookies
These cookies enable core functionality such as security, verification of identity and network management. These cookies can’t be disabled.

Marketing Cookies
These cookies are used to track advertising effectiveness to provide a more relevant service and deliver better ads to suit your interests.

Functional Cookies
These cookies collect data to remember choices users make to improve and give a more personalised experience.

Analytics Cookies
These cookies help us to understand how visitors interact with our website, discover errors and provide better overall analytics for website owners.

You can choose to opt-out of Marketing, Functional or Analytics Cookies by clicking "Cookies settings" at the bottom left of any page on our website. 

To read more detail about the specific Cookies deployed by Wix click here.



We share information about your use of our site with our partners, listed below. Third party partners have their own opt-out mechanisms, so in order to opt-out of Cookie usage from our partners, please click through to the link provided and follow the instructions. 



We use various Google services, such as Google Analytics and Google Ads, and we share information about your usage of our website anonymously with Google. To opt-out of all Google Analytics data collection you can download a browser extension here

Meta (Facebook & Instagram)

Meta is the company that owns Facebook and Instagram. We use a cookie called Meta Pixel to understand the behaviour of our site users in conjunction with behaviour on our social media platforms Facebook and Instagram. For example, we may use the Meta Pixel to determine how successful our social media campaigns have been. To learn about how Meta use cookies and the options you have for changing the settings, click here. You can also adjust how ads on Facebook are shown to you here

Controlling Cookies Within Your Browser

Controlling your cookie settings within your web browser can help to apply rules to all of the sites that you visit. The following links explain how to access cookie settings in various browsers:


Cookie settings in Firefox

Cookie settings in Internet Explorer

Cookie settings in Microsoft Edge

Cookie settings in Google Chrome

Cookie settings in Safari (OS X)

Cookie settings in Safari (iOS)

Cookie settings in Android


Learn more about Cookies here. 

bottom of page