PRIVACY & COOKIES
Privacy & Cookies Policy Document v1.0
Effective Date: 1 January 2025
Version: 1.0
1. Introduction
Renovate Community Repair C.I.C (“RCR,” “we,” “our,” or “us”) is committed to protecting your privacy. This policy explains how we collect, use, disclose, and safeguard your personal data in compliance with the UK GDPR, Data Protection Act 2018, and ICO guidelines.
By using our website (renovatecommunityrepair.co.uk) or services, you consent to the practices described in this policy.
This policy outlines and applies to all personal data collected via:
- All interactions with the Website
- Online forms, emails, telephone calls, or in-person interactions.
- Cookies and automated technologies when you use our website (renovatecommunityrepair.co.uk) or services.
- How we process, store, disclose, and protect this data;
- Your legal rights over your personal data.
We reserve the right to update this policy to reflect changes in law or best practices. Material changes will be notified via a notice on the website and updated version number. Continued use of our Website and services constitutes acceptance of updated terms.
You may withdraw consent by discontinuing use if you disagree with revisions.
2. Definitions
- Personal Data: Information that identifies you directly/indirectly (e.g., name, email, service history).
- Data Controller: RCR, responsible for determining how and why your data is processed.
- Cookies: Small text files stored on your device during website visits.
- Processing: Any operation performed on personal data (e.g., collection, storage, deletion).**
3. Data We Collect
3.1 Personal Data
- Identity Data: Full name, address, phone number.
- Financial Data: Payment details (processed via SagePay).
- Service History: Repairs, inspections, membership tier.
– Correspondence Records: Emails, phone calls, feedback forms.**
3.2 Non-Personal Data
- Technical Data: IP address, browser type, device information.
- Usage Data: Pages visited, session duration, click patterns.
4. Lawful Basis for Processing
We process data under the following UK GDPR lawful bases:
| Purpose | Lawful Basis |
| Service delivery (bookings) | Contractual necessity |
| Membership management | Contractual necessity |
| Marketing communications | Consent (opt-in required) |
| Fraud prevention | Legal obligation |
| Website analytics | Legitimate interests (to improve user experience) |
Legitimate Interests:
- Personalising content (e.g., repair tips).
- Network security and fraud detection.
- Administrative tasks (e.g., invoice generation).**
5. Data Sharing
We share data with:
- Service Providers: Payment processors (SagePay), IT support.
- Regulatory Bodies: HMRC (tax), ICO (legal compliance).
- Third Parties: Only with explicit consent (e.g., Trustpilot reviews).
Affiliates & Contractors:
- Logistics partners (parts delivery).
- Trade professionals (to fulfil repair services).
All third parties sign data processing agreements (DPAs) to ensure GDPR compliance.
6. Data Retention
| Data Type | Retention Period | Legal Basis |
| Financial records | 7 years | Companies Act 2006 |
| Service history | 6 years | Limitation Act 1980 |
| Marketing consents | 2 years after last interaction | ICO guidance |
Data is securely deleted or anonymised after retention periods.
7. Cookies
7.1 Types of Cookies
- Essential: Required for website functionality (e.g., login).
- Analytical: Google Analytics (anonymous usage tracking).
- Marketing: Facebook Pixel (retargeting ads – requires consent).
7.2 Consent Management
- Cookie Banner: Opt-in required for non-essential cookies. Adjust preferences via Cookie Settings.
– Browser Controls: Manage cookies via settings. Visit allaboutcookies.org for guidance.**
8. Your Rights
Under UK GDPR, you may:
1.Access your data (free DSAR within 30 days).
2.Correct inaccurate/incomplete data.
3.Delete data under specific conditions.
4.Object to marketing or legitimate interest processing.
5.Port data to another provider.
To exercise rights, contact our Data Protection Officer (DPO) at dpo@renovatecommunityrepair.co.uk. We may request ID verification.
9. Data Security
- SSL Encryption: Secures online transactions.
- Access Controls: Restricted to authorised personnel.
- Breach Protocol: Notify ICO within 72 hours and affected users within 48 hours of high-risk breaches.
10. Third-Party Links
Our website may link to external sites (e.g., payment portals). We are not responsible for their privacy practices. Review their policies before sharing data.
11. Complaints
- Contact our DPO at dpo@renovatecommunityrepair.co.uk.
- Lodge complaints with the ICO (ico.org.uk) if unsatisfied.
12. Contact Us
Data Protection Officer:
Download Full Policy | Privacy & Cookies
© 2025 Renovate Community Repair C.I.C. All rights reserved.