Privacy Policy

---

1 / 8PRIVACY POLICY FOR DON’T DRINK CHALLENGE LTD
Thank you for reading our privacy policy. We respect your privacy and are committed to protecting your personal information. This privacy policy document contains types of information that is collected and recorded by us and will tell you tell you about your privacy rights and how the law protects you.
This privacy policy aims to give you information on how we collect and process your personal information, including any data you may provide to us directly via our website or otherwise.  
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR).  
We may update our privacy policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new privacy policy on this page. These changes are effective immediately, after they are posted on this page.
Privacy policy last updated in October 2024.  
1. Important information and who we are
DON'T DRINK CHALLENGE LTD (a company incorporated in England with registeredcompany number 15789214) is the controller and responsible for your personal data(collectively referred to as the Company, "we", "us" or "our" in this privacy policy).  
Our full details are:

• • Full name of legal entity: DON'T DRINK CHALLENGE LTD
  
• • Name or title of data privacy manager: Jonathan Rees
  
• • Registered business address: 40 Peartree Crescent, Newton-Le-Willows, United Kingdom, WA12 8EH
  
• • Email address: contact@dontdrinkchallenge.co.uk
  

2. The information we collect about you
2 / 8Personal information or data means any information about an individual from which that person can be identified. The personal data that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

• • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  
• • Contact Data includes billing address, delivery address, email address telephone numbers, information from social media accounts you provide us.  
  
• • Financial Data includes bank account and payment card details.
  
• • Transaction Data includes details about payments to and from you and other details of events and services we have provided.
  
• • Technical Data includes internet protocols (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.  
  
• • Usage Data includes information about how you use our website and services.  
  
• • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
  

Special Category Data
Certain personal data we collect is treated as a special category to which additional protections apply under data protection law, including data concerning health.  

• • Where we process special category personal data, we will also ensure we are permitted to do so under data protection laws, e.g.:
  
• • we have your explicit consent;
  
• • the processing is necessary to protect your (or someone else’s) vital interests where you are physically or legally incapable of giving consent; or
  

3 / 8

• • the processing is necessary to establish, exercise or defend legal claims.
  
• 3. How is your personal information collected?
  

We use different methods to collect data from and about you, including through direct communications, automated technologies or interactions and/or via third parties.  

Direct interactions

You may give us your Identity, Contact and Financial Data in person, by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

• • Complete the application form when you avail of our services;
  
• • subscribe to our services or publications;  
  
• • request marketing to be sent to you; or
  
• • give us some feedback.  
  

Automated technologies or interactions  

As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.

Third parties or publicly available sources  

We may receive personal data about you from various third parties and public sources Including Identity and Contact Data from publicly availably sources such as Companies House, the Electoral Register and social media.

• 4. How we use your personal information
  

4 / 8We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• • Where we need to perform the contract, we are about to enter into or have entered into with you.
  
• • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  
• • Where we need to comply with a legal or regulatory obligation.
  

A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own.
Our purposes
Purpose/Activity
Type of data
Lawful basis for processing including basis of legitimate interest
To set you up with an account as a customer of our services
(a) Identity  
(b) Contact
Performance of a contract with you
To process your order or request and to deliver services to you including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
(a) Identity  
(b) Contact  
(c) Financial  
(d) Transaction  
(e) Marketing and Communications
(a) Performance of a contract with you  
(b) Necessary for our legitimate interests (to recover debts due to us)
5 / 8To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy notice
(b) Asking you to leave a review, take a survey or provide other feedback
(c) Provide you with milestone updates
(a) Identity  
(b) Contact  
(c) Marketing and Communications
(d) Special category data
(a) Performance of a contract with you  
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and to study how clients use our services)
To administer and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)  
(a) Identity
(b) Contact
(c) Technical
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
(b) Necessary to comply with a legal obligation
To use data analytics to improve our website, services, marketing, client relationships and experiences
(a) Technical  
(b) Usage  
Necessary for our legitimate interests (to define types of clients for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about services that may be of interest to you
(a) Identity  
(b) Contact  
(c) Technical  
(d) Usage  

Necessary for our legitimate interests (to develop our services and grow our business)
6 / 8

• 5. Who we share your personal information with
  

We may share your personal information with external services providers to help us provide our services and fulfil our contracts with you (e.g. website hosting service providers, email service providers, payment service providers and delivery/postage service providers).  

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party data processors to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

• 6. International transfers
  

It is sometimes necessary for us to transfer your personal data to countries outside the UK (e.g. website hosting service providers, email service providers, payment service providers and delivery/postage service providers who are based outside of the UK). This may include countries which do not provide the same level of protection of personal data as the UK.

We will transfer your personal data outside the UK only where:

• • the UK government has decided the recipient country ensures an adequate level of protection of personal data (known as an adequacy decision);
  
• • or there are appropriate safeguards in place (e.g. an international data transfer agreement or standard contractual data protection clauses published or approved by the relevant data protection regulator), together with enforceable rights and effective legal remedies for you;  
  
• • or a specific exception applies under data protection law.
  

7. Cookies  
7 / 8Like any other website, we use "cookies". These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimise the users' experience by customising our web page content based on visitors' browser type and/or other information.
Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on Don’t Drink Challenge, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalise the advertising content that you see on websites that you visit.
Note that we have no access to or control over these cookies that are used by third-party advertisers.

• 8. Data security  
  

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instruction, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

• 9. Data retention
  

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.  
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes8 / 8for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for at least six years after they cease being customers for tax purposes.

• 10. Your legal rights
  

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

• • The right to access – You have the right to request copies of your personal information. We may charge you a small fee for this service.
  
• • The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
  
• • The right to erasure – You have the right to request that we erase your personal information, under certain conditions.
  
• • The right to restrict processing – You have the right to request that we restrict the processing of your personal information, under certain conditions.
  
• • The right to object to processing – You have the right to object to our processing of your personal information, under certain conditions.
  
• • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.