Privacy Policy

Effective date:16/09/2025
Reviewed:16/09/2025

Forcer Protocol CIC (“we”, “us”, “our”) is committed to protecting your privacy and respecting your personal data. This policy explains what information we collect, how we use it, and the rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Controller: Forcer Protocol CIC
Company number: 16232107
Registered office: 18 Althorne Way, Canewdon, Rochford, England, SS4 3PS
Responsible person: Claire Lilly
Email: claire@forcerprotocol.org

For certain services, we work closely with trusted partners. Where they act as controllers in their own right (e.g., Safe & Found Online), we will make this clear.

2. What this policy covers

This Privacy Policy applies to information collected via:

• Our website forcerprotocol.org
• Our donation system (GiveWP/Stripe)
• Our contact forms (Elementor Pro)
• Comments left on our website (WordPress)
• Email communication with us

It does not cover the processing of sensitive health or personal safety information shared with Safe & Found Online, who are independent controllers. You can read their privacy information here: Safe & Found Online Privacy Policy.

3. Information we collect and how we use it

4. Cookies

Our website uses cookies. Please see our full Cookie Policy for details of what cookies are used and how you can manage them.

5. Who we share your data with

• Safe & Found Online – if you choose to register with them, they are the controller of any sensitive data.
• Payment processor: Stripe (for donations).
• Website platform & plugins: WordPress, GiveWP, Elementor Pro, Automattic (comments).
• Hosting provider: IONOS.
• Email provider: Microsoft.

All third-party providers are bound by data protection obligations.

6. International transfers

Some service providers (e.g., Stripe, Automattic, Microsoft) may process data outside the UK/EEA. Where they do, they rely on safeguards such as adequacy regulations or standard contractual clauses to protect your data.

7. Data retention

• Contact form enquiries: Retained up to 12 months unless needed longer for ongoing support.
• Comments: Retained as long as the comment remains published.
• Donations: Financial records retained for 6 years in line with UK law.
• Emails: Normally no more than 7 years.

8. Security

We use appropriate technical and organisational measures to protect your data, including secure hosting with IONOS, SSL encryption, restricted admin access, regular software updates, and two-factor authentication for accounts. However, no transmission over the internet can be guaranteed as completely secure.

9. Your rights

You have the following rights under UK data protection law:

• Access – to request a copy of your personal data.
• Rectification – to correct inaccurate or incomplete data.
• Erasure – to ask us to delete your data in certain circumstances.
• Restriction – to limit how we use your data.
• Portability – to receive your data in a structured, machine-readable format.
• Objection – to object to our processing.
• Withdraw consent – where consent is the lawful basis.

To exercise your rights, contact us at claire@forcerprotocol.org.

10. Complaints

If you are unhappy with how we handle your data, please contact us first. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

https://ico.org.uk/
Tel: 0303 123 1113

11. Children

This website is not directed at children under 18, and we do not knowingly collect their data.

12. Changes to this policy

We may update this Privacy Policy from time to time. Any significant changes will be posted on this page with a new effective date.