Privacy Policy

Enactus UK respects your privacy and is committed to protecting your personal information. The EU General Data Protection Regulation (GDPR) came into force in the EU, including the UK, on 25th May 2018. This privacy policy will inform you how we collect and look after your personal information in accordance with GDPR and tell you about your privacy rights.

Controller

Enactus UK is the controller and responsible for your personal data(collectively referred to as “COMPANY”, “we”, “us” or “our” in this privacy notice).

Contact Details

If you want to request information about our privacy policy or your personal data that we hold you can email us at: 

Amy Brereton, Executive Director abrereton@enactus.org.

Changes to This Privacy Notice

We regularly review our privacy policies which you can find on our website at www.enactusuk.org/privacy-policy.

This version was last updated in January 2025.

How/Where we Collect your Personal Data, What Personal Information we Collect and Why we Collect it

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Enactus UK will collect your personal data when you: 

  • Deal with Enactus UK in person, by telephone, letter, fax, email or via our website

  • Join the Enactus UK Community as either a Student, Alumni, University Adviser, Partner Organisation, or Business Adviser 

  • Register to attend one of our events

  • Sign up to our mailing list on our website

Enactus UK Events

We collect your personal information and contact details when you register for one of our Enactus UK Events. Relevant personal data will be collected in order to ensure you are fully able to engage in the activities at the event and in order to ensure we have the relevant information to properly protect you whilst on site at our events. Once you have signed up we will share event related news and updates and may contact you about any future events we think you may be interested in. We use a third-party service provider, Eventbrite, for our events and to register your details: for more information please see Eventbrite’s Privacy Policy here.

Enactus UK Newsletter and Mailing list

We collect your contact details when you sign you up to the Enactus UK Newsletter and Mailing List. Once you have signed up we will send you newsletters and information from Enactus UK which will include, but will not be limited to: initiatives such as campaigns and information on our events programme. We use a third-party service provider, Mailchimp, to collect your information and to send our newsletters: for more information please see Mailchimp’s Privacy Policy here.

Mentors, Coaches, Advisors and Students

If you register as a member of Enactus UK (which includes but is not limited to: Student Team Member, University Advisor/Business Adviser/Business Coach/Alumni Mentor or Partner Organisation), we will collect your personal data in order to be able to identify you as a Enactus Member. We will collect information only where relevant and send you news, updates and relevant communications. Where necessary, we may share your details with other Enactus UK Members in order to effectively deliver the services to each member as part of the Enactus UK Programme. Occasionally we will ask you to participate in surveys which help us to assess our work and the programme delivery. 

Interactions with Enactus UK

If you meet an employee of Enactus UK, for example, at an event and give them your contact details they will keep this information in order to contact you in the future about topics which might be of interest to you and surveys which you might wish to participate in. They may also share this information with other staff members at Enactus UK. 

Data Processing

In line with the GDPR, we must have a legal basis for processing your personal information. In the situations described above, we process your personal information for one of the legal bases set out below:

  • Legitimate interests - We may process your information where it is in our legitimate interests to do so as an organisation and without prejudicing your interests or fundamental rights and freedoms.

  • Consent - We may process your information where you give us your consent to do so. You have the right to withdraw this consent at any time by contacting us. 

Transferring Data to Other Countries

Enactus UK will not rent or sell your personal information to other third-party organisations.

However, where you have given us permission, we may share your details with partner organisations both in and outside of the EU (Including USA) on the basis anyone to whom we pass it protects it in accordance with applicable laws. We are in the process of ensuring that, in the event that we transfer information to countries outside of the EU, your personal information receives an adequate level of protection in a way that is consistent with and which respects the EU and UK laws. 

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request by contacting us.

Change of Purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

We will notify you and any applicable regulator of a breach where we are legally required to do so.

Your Rights

You have the right to request access to your personal information at any time. You also have the right to request a correction of any personal data or ask us to delete any of your personal data from our records at any time. To do this you can follow any of the opt-out links on any marketing message sent to you or by contacting us at any time.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. 

Please click on the link below to find out more about the GDPR Regulations: https://ico.org.uk/for-the-public/.

Complaints or Queries

If you have any questions about this Privacy Policy, please contact us at: 

Amy Brereton, Executive Director, Enactus UK abrereton@enactus.org.