1. WHO WE ARE – DATA CONTROLLER
Second Act Fifty Empower (SAFE) CIC is a Community Interest Company operating in the United Kingdom.

Legal name: Second Act Fifty Empower (SAFE) CIC
Trading names: “Second Act Fifty Empower (SAFE) CIC” “2nd Act 50 Empower” “Second Act 50 Empower (SAFE) CIC”
Company number: 16864580
Registered office: Suite RA01, 195-197 Wood Street, London, E17 3NU
Website: secondactfiftyempower.org.uk
Contact email for data protection: Jacqueline@secondactfiftyempower.org.uk

For the purposes of data protection law, we are the Data Controller. This means we decide how and why your personal data is used and are responsible for keeping it safe and used lawfully.

If we ever act as a Data Processor for another organisation, this will be clearly set out in a separate agreement.

2. HOW WE COLLECT YOUR PERSONAL DATA
We may collect personal data about you when you:
Visit or browse our website;
Complete a contact form, survey or feedback form;
Sign up for a programme, event, workshop or coaching;
Subscribe to our newsletters or mailing lists;
Communicate with us by email, phone, post or social media;
Provide a testimonial or quote;
Work with us as a partner, volunteer, contractor or supplier.

We may also receive information about you from third parties where it is lawful to do so, for example:
Referral partners or funders;
Event booking platforms;
Publicly available sources such as Companies House and professional profiles.

3. TYPES OF PERSONAL DATA WE COLLECT
Depending on your relationship with us, we may collect and use the following categories:

3.1 Identity and Contact Data
Name, title, date of birth if needed, gender if provided;
Address, email address, telephone number;
Organisation name and role if relevant.

3.2 Programme or Service Data
Information related to your participation in our programmes, events, coaching, training or other services;
Feedback, survey responses, goals and outcomes;
Any reasonable adjustments or accessibility needs you choose to share.

3.3 Special Category Data (Only Where Necessary)
In some cases and only where necessary and lawful, we may collect information about your:
Health or wellbeing;
Ethnicity or demographic information for monitoring or inclusion purposes.

We will only process special category data where we have a lawful basis and a relevant additional condition under UK GDPR and the Data Protection Act 2018.

3.4 Technical and Usage Data
IP address, browser type and version, device information;
Pages visited, time and date of visits, clickstream data;
Cookie data (see our Cookie Policy).

3.5 Marketing and Communications Data
Your preferences for receiving marketing and updates;
Records of your consent and any opt out requests.

4. PURPOSES AND LEGAL BASES FOR PROCESSING
We will only process your personal data where we have a lawful basis under UK GDPR. The main legal bases include consent, contract, legal obligation and legitimate interests.

We typically use your data for:
Running our programmes and services
To register you or manage participation.
Legal basis: Contract, Legitimate interests.

Providing support and responding to enquiries
To respond to emails, calls and messages.
Legal basis: Legitimate interests, Contract.

Monitoring, evaluation and reporting
To measure impact and report in anonymised form.
Legal basis: Legitimate interests, sometimes Legal obligation.

Marketing and communications
To send newsletters, invitations or updates where you have consented.
Legal basis: Consent or Legitimate interests.

Compliance, safeguarding and risk management
To meet legal, audit or safeguarding requirements.
Legal basis: Legal obligation, Substantial public interest.

Website operation and improvement
To maintain and protect our website.
Legal basis: Legitimate interests.

Where we rely on consent, you may withdraw it at any time.

5. CHILDREN’S DATA
Our services are aimed at adults. We do not knowingly collect personal data from children under 16 without parental or guardian consent. If collected unintentionally, we will delete it promptly.

6. SHARING YOUR PERSONAL DATA
We never sell your personal data. We may share your data with:
Service providers such as IT and email platforms;
Professional advisers such as auditors or legal advisers;
Funders or partners, usually in anonymised form;
Regulators or safeguarding bodies where required by law.

Third party providers are required to keep your data secure and use it only according to our instructions.

7. INTERNATIONAL TRANSFERS
Some service providers may operate outside the UK. Where data is transferred, we ensure safeguards such as adequacy decisions or approved contractual clauses.

8. DATA RETENTION – HOW LONG WE KEEP YOUR DATA
We retain personal data only as long as needed for our services or legal obligations. When no longer needed, data is deleted securely or anonymised.

9. DATA SECURITY
We use appropriate measures to protect your data including secure storage, access controls, encryption and staff training. No system is completely secure and internet transmission is at your own risk.

10. YOUR DATA PROTECTION RIGHTS
Under UK GDPR, you have rights including access, rectification, erasure, restriction, portability, objection and rights related to automated decision making. You may exercise these rights by contacting us.

We may verify your identity before responding. You may withdraw consent at any time by using the unsubscribe link or contacting us.

11. COOKIES AND TRACKING TECHNOLOGIES
Our website uses cookies to function, analyse usage or improve experience. See our Cookie Policy for details.

12. THIRD PARTY WEBSITES
Links to external sites are not covered by our Privacy Policy. Those sites have their own policies.

13. CONTACT US – QUESTIONS OR COMPLAINTS
Data Protection Contact
Second Act Fifty Empower (SAFE) CIC
Email: Jacqueline@secondactfiftyempower.org.uk
Postal address: Suite RA01, 195-197 Wood Street, London, E17 3NU

You may also lodge a complaint with the Information Commissioner’s Office (ICO).

14. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy as needed. The “Last updated” date will reflect any changes.

Last updated: 1st December 2025

This Privacy Policy explains how Second Act Fifty Empower (SAFE) CIC collects, uses and protects your personal data. By using our website or providing personal data, you confirm that you have read and understood this Privacy Policy.

Last updated: 1st December 2025

This Privacy Policy explains how Second Act Fifty Empower (SAFE) CIC, (“we”, “us”, “our”) collects, uses and protects your personal data when you interact with us, including when you use our website, contact us, take part in our programmes or receive our services.

We are committed to protecting your privacy and complying with our obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using our website or providing us with your personal data, you acknowledge that you have read and understood this Privacy Policy.