Last updated: May 2018

This Privacy Policy sets out how Prior’s Court collects, handles, stores and protects any personal information that you provide when you use this website.

Prior’s Court is committed to ensuring that your privacy is protected and respected. Should we ask you to provide certain information by which you can be identified when using this website, you can be assured that it will only be used in accordance with this Privacy Policy.

Prior’s Court may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

A Data Controller is an individual or organisation that determines the purposes and means of processing personal data. Our Data Controller is Prior’s Court Foundation and the Data Protection Officer is Neil Atherton, Director of Finance.

Contact details for the Data Controller and Data Protection Officer:

Information Requests
Prior’s Court Foundation
RG18 9NU

Email: [email protected]

What information do we collect, how do we collect it and how do we use it?

  • When you visit our website we may gather usage information to help us improve our website experience for our visitors. This information may include your IP address, geographical location, browser type and version, operating system, how you found our website, the length of time you spent on our site, which pages you visited and website navigation paths. We use cookies to help us track these activities, but wherever possible use aggregated or anonymous data that does not identify individuals. We will ask you to consent to our use of cookies when you first visit our website. For more information about the cookies we use or how to opt-out of tracking, please visit our Cookies Policy. Usage information is processed through Google Analytics and is processed for the purposes of analysing the use of the website. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website. 
  • We collect personal information when you submit a form, register with our website, make a donation, complete a job application or otherwise provide us with personal information, such as your name, address, telephone number and email address. We only collect this information if you have given your consent for us to do so and will only use it for the purposes stated at the point of collection, for example, processing your job application or donation, or booking your place on a training course.

  • We may also receive personal information about you from third parties, for example when you sign up to fundraise for us using a site such as JustGiving. We will only use this information for the purpose it has been given.

Who has access to your information and where is it stored?

  • The information you submit will be passed to the relevant department at Prior’s Court, based on the nature of your enquiry. For example, donations will be passed to Fundraising, job applications to Recruitment and training course bookings to the Training department. Electronic data stored at Prior’s Court is stored in line with our General Data Protection Policy: protected by a strong password, only on a designated server which is sited in a secure location. Data on these servers is backed up regularly and all servers and computers are protected by approved security software and a firewall. Prior’s Court’s full General Data Protection Policy outlining in detail how data must be stored at Prior’s Court is available on request from the Data Controller. Prior’s Court is located within the United Kingdom.

  • Financial transactions relating to our website will be handled by our payment services providers, Stripe and GoCardless. We will share transaction data with our payment services providers only for the purposes of processing your payments, refunding payments and dealing with queries or complaints relating to payments and refunds. You can find information about the payment services providers' privacy policies and practices at and

  • Your data is processed by and will be available to our website provider, RaisingIT. The hosting facilities for our website are situated in Ireland and Amsterdam. Transfers to each of these countries will be protected by appropriate safeguards, namely adherence to the GDPR. RaisingIT will store your data for a maximum of 7 years from the date it was provided or last updated.

  • If you sign up to receive our newsletter or to receive emails about training courses, your data will be stored with our email service provider, MailChimp. Data stored with MailChimp is stored outside of the EU in the United States. MailChimp certifies to the Privacy Shield framework, and as such can lawfully receive EU data. Your data will be deleted from MailChimp if you have not opened an email within the last 3 years.

  • We will not share your personal information with any third party not listed within this privacy policy without your consent, unless we are required to do so by law.

Withdrawing consent or changing your information

You can change or withdraw your consent for us to hold or to use your personal data for the purposes at any time by emailing [email protected] 

We try to ensure that any changes to your personal data are enacted as soon as possible, which is usually within five working days.

You can change your profile details for your website account by logging into your account and selecting “My details” at the top, left hand side of the website.

You may opt to update your details or unsubscribe from any newsletter or training mailing lists you have previously subscribed to by clicking the link which in included within all emails we send.

Please be aware that if you withdraw your consent, we may still send you administrative communications if necessary, for example, to provide you with information about a booking you have made on a training course.

Subject access requests

You have the right to ask for a copy of any information we hold about you and to have any incorrect information in your personal details updated. You can request that we remove your records from our database or ask us to stop using your information for a specific purpose.

Subject Access Requests should be made in writing by emailing the Data Controller at [email protected] We will aim to provide the relevant data within 30 working days. The Data Controller will always verify the identity of anyone making a Subject Access Request before handing over any information.