Privacy Policy

Last updated: 26 March 2026

1. Introduction

The Neumark Foundation respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store and protect your personal data, and your rights in relation to that data.

It applies to:

  • Visitors to our website
  • Individuals who contact us
  • Clients, applicants, grantees and partners
  • Suppliers and service providers

Our website is not intended for children and we do not knowingly collect data relating to children.

2. Data Controller and Contact Details

The Neumark Foundation is the Data Controller responsible for your personal data.

Organisation: The Neumark Foundation
Address: Ivy House, 37 Kennedy Road, Shrewsbury, SY3 7AA, United Kingdom
Email: [email protected]

Data Protection Contact: Rebecca Neumark

You have the right to make a complaint to the Information Commissioner’s Office (ICO). We would, however, appreciate the opportunity to address your concerns first.

3. The Data We Collect

We may collect, use, store and transfer the following types of personal data:

Identity and Contact Data

  • Name
  • Job title
  • Email address
  • Telephone number
  • Postal address

Financial Data (where relevant)

  • Bank details where required for payments or grants

Communication Data

  • Records of correspondence including emails and enquiries

Technical and Usage Data

  • IP address
  • Browser type and version
  • Device information
  • Website usage data

This data may be collected directly from you or automatically through your use of our website.

4. How We Collect Your Data

We collect data in the following ways:

  • Direct interactions, including emails, phone calls, forms and meetings
  • Automated technologies such as cookies and analytics tools
  • Third party sources, including publicly available information where relevant

5. How We Use Your Data

We will only use your personal data where the law allows us to.

We may use your personal data to:

  • Provide services and fulfil obligations
  • Respond to enquiries
  • Manage our relationship with you
  • Process applications, grants or funding relationships
  • Send communications where appropriate
  • Comply with legal or regulatory obligations
  • Improve and protect our website

We will not use your personal data for purposes that are incompatible with those listed above.

6. Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Contract – to provide services or respond to requests
  • Legal obligation – to comply with legal and regulatory requirements
  • Legitimate interests – to manage relationships and improve our services
  • Consent – for marketing communications and non-essential cookies where required

Where consent is required, it will be requested clearly and separately.

7. Cookies

Our website uses cookies and similar technologies.

Non-essential cookies, including analytics and marketing cookies, are only placed with your consent through our cookie banner.

For full details on the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

8. Disclosure of Your Data

We may share your personal data with:

  • Professional advisers such as legal, financial and insurance providers
  • Service providers who support our operations
  • Regulatory bodies such as HMRC where required

All third parties are required to respect the security of your personal data and to process it in accordance with the law.

9. International Transfers

Some of our service providers may store or process personal data outside the United Kingdom.

Where this occurs, we ensure appropriate safeguards are in place, such as UK adequacy regulations or standard contractual clauses, to protect your data.

10. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way.

Access to your personal data is limited to those who need it for legitimate business purposes.

Devices and systems used to access personal data are protected by appropriate security controls.

11. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting or reporting requirements.

Typical retention periods include:

  • Enquiries: up to 12 months
  • Client or grant-related data: up to 6 years
  • Financial records: up to 6 years
  • Marketing data: until consent is withdrawn

We regularly review retention periods to ensure data is not kept longer than necessary.

12. Your Legal Rights

Under UK GDPR, you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request erasure of your data where applicable
  • Object to processing of your data
  • Request restriction of processing
  • Request transfer of your data
  • Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using the details above.

13. Third Party Links

Our website may include links to third party websites or services.

We do not control these third party websites and are not responsible for their privacy practices. We recommend reviewing their privacy policies separately.

14. Changes to This Policy

We may update this Privacy Policy from time to time.

Any changes will be posted on this page with an updated revision date.