Privacy Policy
Last Updated: 23 January 2026
Effective Date: 23 January 2026
Introduction
GAIGNetwork ("we", "us", "our") operates the website gaignetwork.co.uk and provides an exclusive membership platform for ethical health charities in the United Kingdom (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or use our Service.
We are committed to protecting your privacy and complying with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (as amended).
By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.
Data Controller
For the purposes of UK data protection legislation, the data controller is:
GAIGNetwork
Email: [contact email to be inserted]
Address: [registered office address to be inserted]
Information We Collect
Account Information
When you create an account, we collect your name, email address, and login credentials provided through our authentication system (Manus OAuth). We also collect information about your organisation, including organisation name, your role within the organisation, and website URL if you choose to provide it.
Profile Information
Members may choose to provide additional information in their profiles, including a biographical statement, professional background, areas of expertise, and contact preferences. This information is used to facilitate networking and collaboration within the GAIGNetwork community.
User-Generated Content
We collect content that you post to the Service, including forum posts, comments, replies to discussions, uploaded resources, and any other materials you choose to share with the community. This content may be visible to other members depending on your privacy settings.
Usage Data
We automatically collect certain information when you visit, use, or navigate the Service. This information does not reveal your specific identity but may include device information (such as IP address, browser type, and operating system), usage patterns, pages viewed, time spent on pages, and referring URLs. This data is collected through cookies and similar tracking technologies.
Communications Data
When you contact us directly (via email or through the Service), we collect the contents of your message, your contact details, and any attachments you send. We also maintain records of our correspondence with you.
Legal Basis for Processing
Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following legal bases:
Contract Performance: Processing is necessary for the performance of our membership agreement with you, including providing access to the members-only area, resources library, and community forum.
Legitimate Interests: We process certain data based on our legitimate interests in operating and improving our Service, preventing fraud and abuse, ensuring network security, and communicating with members about Service-related matters. We have assessed that these interests are not overridden by your rights and freedoms.
Consent: Where required by law, we obtain your explicit consent before processing certain categories of data, such as sending marketing communications. You may withdraw consent at any time by contacting us or using the unsubscribe mechanism provided in our communications.
Legal Obligation: We may process your data where necessary to comply with legal obligations, such as responding to lawful requests from public authorities or complying with tax and accounting requirements.
How We Use Your Information
We use the personal information we collect for the following purposes:
Service Provision: We use your account and profile information to create and maintain your membership account, authenticate your identity, provide access to members-only features, and personalise your experience on the Service.
Community Facilitation: Your profile information and user-generated content are used to enable networking, knowledge sharing, and collaboration among members. Other members may view your profile and contributions to facilitate professional connections.
Communications: We use your contact information to send you Service-related notifications, respond to your enquiries, provide customer support, and inform you about changes to our policies or Service features. With your consent, we may also send you newsletters, updates about new resources, and information about community events.
Service Improvement: We analyse usage data to understand how members interact with the Service, identify areas for improvement, develop new features, troubleshoot technical issues, and enhance overall user experience.
Security and Fraud Prevention: We process certain data to detect, prevent, and respond to security incidents, fraudulent activity, abuse of the Service, and violations of our Terms of Service.
Legal Compliance: We may use and disclose your information as necessary to comply with applicable laws, regulations, legal processes, or governmental requests.
Data Sharing and Disclosure
We do not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:
Within the Community: Your profile information and forum contributions are visible to other verified members of GAIGNetwork. You control what information you include in your profile and what content you post to the community.
Service Providers: We engage trusted third-party service providers to perform functions on our behalf, such as hosting infrastructure (Manus platform), email delivery, data analytics, and customer support. These providers have access to personal information only as necessary to perform their functions and are contractually obligated to maintain confidentiality and security.
Business Transfers: If we are involved in a merger, acquisition, asset sale, or bankruptcy proceeding, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or use of your personal information.
Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (such as a court order or subpoena), or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with legal obligations.
With Your Consent: We may share your information for any other purpose with your explicit consent.
Your Data Protection Rights
Under UK GDPR and the Data Protection Act 2018, you have the following rights regarding your personal data:
Right of Access: You have the right to request copies of your personal data. We may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete. You can update most information directly through your account settings.
Right to Erasure: You have the right to request that we erase your personal data under certain conditions, such as when the data is no longer necessary for the purposes for which it was collected or when you withdraw consent.
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions, such as when you contest the accuracy of the data or object to processing.
Right to Data Portability: You have the right to request that we transfer the data we have collected to another organisation, or directly to you, in a structured, commonly used, and machine-readable format.
Right to Object: You have the right to object to our processing of your personal data where we are relying on legitimate interests, including for direct marketing purposes.
To exercise any of these rights, please contact us using the details provided in the "Contact Us" section below. We will respond to your request within one month, though we may extend this period by two further months where necessary, taking into account the complexity and number of requests.
Security of Your Information
We implement appropriate technical and organisational measures to protect your personal information against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include encryption of data in transit using industry-standard SSL/TLS protocols, secure authentication mechanisms, regular security assessments, and access controls limiting employee access to personal data on a need-to-know basis.
However, please be aware that no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your account credentials.
Cookies and Tracking Technologies
We use cookies and similar tracking technologies to track activity on our Service and hold certain information. Cookies are files with small amounts of data that are sent to your browser from a website and stored on your device.
Essential Cookies: These cookies are strictly necessary to provide you with services available through our website and to use some of its features, such as access to secure areas. We use session cookies to authenticate your identity and maintain your logged-in state.
Analytics Cookies: We use analytics services to help us understand how visitors interact with our Service. These cookies collect information such as pages visited, time spent on pages, and navigation paths. This information is aggregated and anonymous.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Changes to This Privacy Policy
We may update our Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this document.
For significant changes that materially affect your rights, we will provide more prominent notice (such as email notification or a notice on our homepage) at least 30 days prior to the changes taking effect. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
GAIGNetwork
Email: [contact email to be inserted]
Address: [registered office address to be inserted]
We will respond to your enquiry within a reasonable timeframe, typically within 5 business days for general enquiries and within one month for data subject access requests.
Complaints and Regulatory Authority
If you have concerns about how we handle your personal data, please contact us first using the details above. We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your personal information.
If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO), the supervisory authority for data protection matters in the United Kingdom.
Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
United Kingdom
Telephone: 0303 123 1113
Website: https://ico.org.uk/make-a-complaint/
