Skip to content

The legal bits

Privacy Policy




Your privacy is very important to us. We want to make you experience on the Internet as enjoyable and rewarding as possible, and we want you to use the Internet’s vast array of information, tools, and opportunities with complete confidence. 

This privacy policy (‘the Privacy Policy’) discloses the information gathering and dissemination practices for this website. We will notify you of changes to our Privacy Policy by posting the new policy on this website. Review our Privacy Policy regularly so that you can stay informed of our practices, as they may change in the future.



This Data Protection Policy sets out how, Victoria’s Promise, a registered charity handles the Personal Data of our clients, prospective clients, suppliers, employees, volunteers, interns, workers, business contacts and other third parties.

Victoria’s Promise is the data controller responsible for your personal data.

This Data Protection Policy applies to all Personal Data (as defined in Data Protection Act 2018) we Process regardless of the media on which that data is stored or whether it relates to past or present employees, workers, customers, clients or supplier contacts, shareholders, website users, or any other Data Subject.

The Board of trustees has overall responsibility for this policy. The Data Protection officer is Fiona Eastman, Chief Executive Officer.

Data protection is the responsibility of everyone within Victoria’s Promise and this Data Protection Policy sets out what we expect from you when handling Personal Data to enable the organisation to comply with applicable law. We recognise this will permit stakeholders to maintain trust and confidence in our charity. This policy applies to all of our personnel. Your compliance with this Data Protection Policy is mandatory.

Related Policies and Privacy Guidelines are available to help you interpret and act in accordance with this Data Protection Policy. You must also comply with all those Related Policies and Privacy Guidelines. Any breach of this Data Protection Policy may result in disciplinary action.

Where you have a specific responsibility in connection with Processing, such as capturing Consent, reporting a Personal Data Breach or conducting a DPIA as referenced in this Data Protection Policy or otherwise, then you must comply with the Related Policies and Privacy Guidelines.

This Data Protection Policy (together with Related Policies and Privacy Guidelines) is an internal document and cannot be shared with third parties, clients or regulators without prior authorisation from the DPO.


Our contact details

Name: Victoria’s Promise Charity
Registered Charity Number: 1156377
Address: G2 Landmark House, Station Road, Hook RG27 9HA
Phone Number: 01256 592081

The Data Protection Officer is Fiona Eastman who can be contacted at

If your personal data we have is inaccurate or changed please contact us to let us know.


The Type of Personal Information We Collect

We currently collect and process the following information:

  • Name (marital name, status, maiden name, title etc).
  • Date of birth (VP Ladies)
  • Email Address
  • Phone Numbers
  • Home Address (VP Ladies)
  • Diagnosis (VP Ladies)
  • Primary Cancer (VP Ladies)
  • Hospital (VP Ladies)
  • Marital Status (VP Ladies)
  • Financial data (Sponsors etc)
  • Profile Data – user name, password. In-App purchases, feedback, survey responses.
  • Location Data – includes [your current location disclosed by GPS technology
  • Usage Data – details of your use of any of our Apps or your visits to any of Our Sites including, but not limited to, traffic data, and the resources that you access.
  • Marketing and Communications Data – includes your preferences in receiving marketing from us and our third parties and your communication preferences

This comprises both personal data and special category data.

We do not knowingly collect data about children under the age of 13 years without parental consent.


How We Get The Personal Information and Why We Have It

We may receive information by:

  • You contacting us directly, whether by email, phone, letter, via Instagram, our website etc.
  • Your family or friends providing us with your contact details
  • You submitting your information via our website, including via our application form, or mobile app
  • You applying for a job Via a recruitment agency
  • Through events, sponsor events, networking events etc.
  • Through sponsorship opportunities
  • From suppliers

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • To contact you about future Victoria’s Promise events
  • Share VP news and updates=
  • Add you to our VP App where applicable
  • Contact you and to offer in-person services (VP Ladies)


Principles for Collecting Data

We will ensure that all personal data is:

  1. Processed lawfully, fairly and in a transparent manner (lawfulness, fairness and transparency);
  2. Collected only for specified, explicit and legitimate purposes (purpose limitation);
  3. Adequate, relevant and limited to what is necessary in relation to the purposes for which it is Processed (data minimisation);
  4. Accurate and where necessary kept up to date (accuracy);
  5. Not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data is Processed (storage limitation);
  6. Processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful Processing and against accidental loss, destruction or damage (security, integrity and confidentiality);
  7. Not transferred to another country without appropriate safeguards in place (transfer limitation); and
  8. Made available to data subjects and allow data subjects to exercise certain rights in relation to their personal data (data subject’s rights and requests).

We use the information that you have given us in order to contact you about future events and to share VP news or add you to our VP app as and when requested. VP Ladies info will be used to organise in-person services and to aid where possible.

We share this with volunteers, employees, agency workers, interns as required to perform our services. We may need to share it with the Charity Commissioner, our trustees and ambassadors, professional advisors and suppliers, e.g. lawyers, accountants, HMRC.

We may disclose your personal data to suppliers for example, counsellors, cleaners in order to provide you with services.

We may disclose the information for a lawful or regulatory purpose for example, to the Charity Commissioner.

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You are able to remove your consent at any time. You can do this by contacting / G2 Landmark House, Station Road, Hook, RG27 9HA / 01256 592081

(b) We have a vital interest.

(c) We have a legitimate interest, i.e. a legitimate interest of our organisation in conducting and managing our business to enable us to give you the best service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

(d) We need it to perform our services, i.e. a task such as in-person services (VP Ladies).

(e) to comply with any law or regulation.

When submitting any information on our website you expressly authorise us to use your personal information as explained in this privacy policy, and you consent to receiving commercial email from us, Victoria’s Promise –, and all of Victoria’s Promise – ‘s Companies. You can expect to receive newsletters, promotions, and other similar offers. Should you wish to discontinue receiving these e-mailings simply unsubscribe using the link in the email you receive.

We automatically collect certain information from visitors to the site, such as Internet addresses browser type, Internet Service Provider (ISP), referring and exit page, operating system, time-stamps, and clickstream data. We also track and analyse non-identifying and aggregate usage and volume statistical information from our visitors and customers. This information is logged to help diagnose technical problems, and to administer our site so that we can constantly improve it.

If you pay for anything on our Site using a credit or debit card, we collect the personal information needed to complete the transaction. This information includes your name, card number, and other necessary information, all of which is clearly labelled on the form you use to submit payment. We use an unaffiliated, credit card processing company to process your payment. We transfer your payment information and you authorise us to do so to this company solely for this purpose. The company does not retain, share, store, or use personally identifiable information for any other purposes.

Anything you send us, post on our Site, or use with our service, such as blog postings or videos, or if others send us anything about your activities or postings, we may collect such information into a file specific to you. We use this information to resolve disputes, troubleshoot problems, and enforce our customer agreements.


Third Party Links

Our Site and App may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.

Please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.


How We Store Your Personal Information

All your information is securely stored within our online database (Copper) and we will keep this on record unless we are instructed otherwise by yourself.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being clients.

In some circumstances you can ask us to delete your data, please see “Your Data Protection Rights” below for further information.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

In the event that you do not use the App for an extended period of time then we may treat the account as expired and your personal data may be deleted.

We do not store or transfer your personal data outside of the UK.


Your Data Protection Rights

Under data protection law, you have rights including:

Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at / G2 Landmark House, Station Road, Hook, RG27 9HA / 01256 592081 if you wish to make such a request.


How to Complain

If you have any concerns about our use of your personal information, you can make a complaint to us at / G2 Landmark House, Station Road, Hook , RG27 9HA / 01256 592081.

You can also complain to the ICO (the UK regulator for data protection issues) if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF Helpline number: 0303 123 1113 ICO website:


Changes to Our Policy

We keep our privacy policy under regular review. It may change and if it does, these changes will be posted on this page. The new policy may be displayed on-screen and you may be required to read and accept the changes to continue your use of the App or the Services.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during our relationship with you.

Last Review: March 2024
Next Review: March 2025

Who we are

Our website address is:

What personal data we collect and why we collect it


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

How we protect your data

What data breach procedures we have in place

What third parties we receive data from

What automated decision making and/or profiling we do with user data

Industry regulatory disclosure requirements

Get notified when we launch

We’ll be going live on August 1st at 9:30pm BST. If you want to be notified when we officially launch, fill in your information below and we’ll email you on launch day.