Privacy Policy

Last Updated: 17 November 2024

1. Introduction

This Privacy Policy explains how Crush Crime Limited (“Crush Crime,” “we,” “our,” or “us”), registered at 71-75 Shelton Street, Covent Garden, London, UK, WC2H 9LQ, processes and protects your personal information. We are committed to safeguarding the privacy of our service users, website visitors, and campaign supporters whilst providing the highest level of support to those affected by crime.

2. Our Commitment to Your Privacy

As an organisation dedicated to supporting those affected by crime, we understand the paramount importance of privacy and confidentiality. This policy explains in detail how we collect, use, maintain, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

3. Information We Collect

3.1 Personal Identifiers and Contact Information

Your name, postal address, email address, telephone numbers, and other contact details you provide to us. This information is essential for us to communicate with you and provide our services effectively.

3.2 Campaign and Petition Information

When you sign our petitions or participate in our campaigns, we collect your signature, opinions, and any additional information you choose to provide in support of the cause. This may include your personal experiences or views on specific issues related to crime and justice.

3.3 Website Usage Information

Through our website, we automatically collect technical data including your Internet Protocol (IP) address, browser type and version, time zone setting and location, operating system, and platform. We use cookies and similar technologies to enhance your browsing experience and analyse website usage. For more details, please refer to our separate Cookie Policy.

4. How We Use Your Information

4.1 Service Delivery

To provide you with information, support, and services you request from us. This includes responding to your enquiries, managing your participation in our campaigns, and keeping you informed about our initiatives that may be relevant to you.

4.2 Campaign Management

To process and record your support for our petitions and campaigns. This includes verifying signatures, analysing support levels, and using aggregated data to demonstrate the impact of our initiatives.

4.3 Inter-organisational Data Sharing

By providing your information to Crush Crime Limited, you explicitly consent to the sharing of your personal information between Crush Crime Limited and separate legal entities engaged in related campaigns and advocacy work. These entities may include:

  • Separate campaign organisations operating under different legal entities
  • Independent advocacy groups working on related initiatives
  • Partner organisations running complementary campaigns
  • Affiliated entities pursuing similar objectives, whether incorporated or unincorporated

Such data sharing between separate business entities is governed by:

  1. Formal data sharing agreements ensuring appropriate safeguards
  2. Compliance with UK GDPR and the Data Protection Act 2018
  3. Strict purpose limitation and data minimisation principles
  4. Regular security and compliance assessments

Each recipient organisation will act as an independent data controller for your personal information and will be subject to their own privacy policies. You have the right to request information about which entities have received your data.

4.4 Legal Compliance

To comply with our legal obligations, including maintaining appropriate records, responding to law enforcement requests, and fulfilling our data protection obligations.

4.5 Research and Analysis

To conduct research and analysis aimed at improving our services and understanding crime-related issues better. Any research outputs will be anonymised and aggregated to ensure individuals cannot be identified.

5. Data Security

5.1 Security Measures

We have implemented appropriate technical and organisational measures to protect your personal information from unauthorised access, accidental loss, or destruction. We have put in place procedures to deal with any suspected personal data breach and will notify you and applicable regulators where we are legally required to do so.

5.2 Specific Security Controls

Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Strict access controls and authentication procedures
  • Staff training on data protection and security
  • Regular backup procedures

6. Data Retention

6.1 Retention Periods

We retain your personal information only for as long as necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting, or reporting requirements.

6.2 Retention Criteria

To determine the appropriate retention period, we consider:

  • The amount, nature, and sensitivity of the personal data
  • The potential risk of harm from unauthorised use or disclosure
  • The purposes for which we process the data
  • Whether we can achieve those purposes through other means
  • The applicable legal requirements

7. Your Rights

7.1 Right to Access

You may request a copy of the personal information we hold about you, along with details of how we use that information. We will provide this information without charge, though we may charge a reasonable fee for additional copies or unfounded or excessive requests.

7.2 Right to Rectification

If you believe any information we hold about you is inaccurate or incomplete, you can request that we correct it.

7.3 Right to Erasure

In certain circumstances, you can request that we delete your personal information. This right is not absolute and depends on the legal basis for processing your information.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information in certain circumstances, such as when you contest the accuracy of the data.

7.5 Right to Data Portability

Where we process your information by automated means based on your consent or for contract performance, you can request a copy of that information in a structured, commonly used format.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes through our website or direct communication where appropriate.

9. Contact Us

9.1 Contact Details

If you have any questions about this Privacy Policy or how we handle your personal information, please contact us at:

Crush Crime Limited
71-75 Shelton Street
Covent Garden
London
UK
WC2H 9LQ

9.2 Complaints

If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.