Introduction
We are committed to protecting the privacy and security of your personal data. This policy outlines how we collect, use, and safeguard your information in accordance with data protection laws.
Purpose of this Privacy and Confidentiality Policy
This privacy policy aims to give you information on how CS-GB CIC collects and processes your personal data through your interaction with our events, including any data you may provide through registration, communication, or participation.
Who we are
CS-GB CIC is the organiser of the Justice for All Series 2025–2026. We are a not-for-profit organisation dedicated to promoting justice, equality, and human rights through educational events and public engagement.
Data Controller
CS-GB CIC is the data controller and responsible for your personal data. If you have any questions about this policy, please contact us at info@justiceseries.org.
Changes to the Privacy and Confidentiality Policy and your duty to inform us of changes
We keep our privacy policy under regular review. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Third-party Links
Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
The data we collect about you
We may collect, use, store, and transfer different kinds of personal data about you including identity data, contact data, financial data, transaction data, technical data, profile data, usage data, and marketing data.
If you fail to provide personal data
Where we need to collect personal data by law or under the terms of a contract and you fail to provide that data, we may not be able to perform the contract we have or are trying to enter into with you.
How we collect your personal data
We use different methods to collect data from and about you including through direct interactions, automated technologies, and third parties or publicly available sources.
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data to register you for events, manage our relationship with you, administer and protect our organisation, and deliver relevant content. We do not transfer your personal data outside the UK or European Economic Area (EEA).
| Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
|---|---|---|
| Registering you as an attendee | Identity, Contact | Performance of a contract with you |
| Processing payments | Identity, Contact, Financial, Transaction | Performance of a contract with you |
| Sending event updates | Identity, Contact | Necessary for our legitimate interests (to keep you informed) |
| Collecting feedback | Identity, Contact, Profile | Necessary for our legitimate interests (to improve our services) |
| Marketing communications | Identity, Contact, Marketing | Consent |
Marketing
We will provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
Promotional offers from us
You will receive marketing communications from us if you have requested information or attended our events and have not opted out.
Opting out
You can ask us to stop sending you marketing messages at any time by following the opt-out links or contacting us.
Cookies
Our website uses cookies to distinguish you from other users. This helps us provide good experience to our users and improve our site.
Disclosures of your personal data
We may share your personal data with internal and external third parties for the purposes set out in this policy.
Data security and retention
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. We retain your data for up to 6 years for legal, accounting, or reporting requirements. You will not have to pay a fee to access your personal data or to exercise any of your rights. We try to respond to all legitimate requests within one month.
What we may need from you
We may need to request specific information to help us confirm your identity and validate the right to access your personal data.
You have the legal right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to processing your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Withdraw consent at any time
Glossary
Data Controller
A data controller is an individual or organisation that determines the purposes and means of processing personal data. The data controller decides why personal information is collected and how it will be used, stored, or shared. The data controller carries primary responsibility under data protection laws, such as the General Data Protection Regulation (GDPR), for ensuring that personal data is processed lawfully, transparently, and securely.
Personal data
Personal data refers to any information relating to an identified or identifiable individual. This includes details such as your name, contact information, identification number, online identifiers, or any data that can be used to recognise you as a unique person.
Lawful basis
The lawful basis for processing includes consent, contract, legal obligation, vital interests, public task, and legitimate interests.
External Third Parties
Service providers, IT and system administration services, professional advisers, and regulators.