© 2026 Shaper CIC

Privacy Policy

Privacy Policy

Last updated: 09/01/2026

Shaper CIC (“we”, “us”, “our”) is committed to protecting your privacy and handling your personal data responsibly and transparently. This Privacy Policy explains how we collect, use, store, and protect your personal information when you interact with our website, programmes, and services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Shaper CIC is a community-driven organisation dedicated to transforming lives through education, employment, and clean energy. We deliver training programmes, vocational development, and sustainable technology initiatives in partnership with communities, employers, governments, and NGOs in the UK and internationally.

For data protection purposes, Shaper CIC is the Data Controller.

2. What Personal Data We Collect

We may collect and process the following types of personal data:

a) Information You Provide to Us

  • Name
  • Email address
  • Phone number
  • Postal address
  • Date of birth (where required for training or safeguarding)
  • Education, employment, or skills information
  • Application details for training programmes, volunteering, or employment
  • Enquiries or messages submitted via contact forms
  • Donation or funding-related information (excluding full card details)

b) Information We Collect Automatically

  • IP address
  • Browser type and version
  • Device and operating system
  • Pages visited and time spent on the website
  • Referral sources

This information is collected using cookies and similar technologies (see our Cookie Policy).

3. How We Use Your Personal Data

We use your personal data to:

  • Deliver training, education, and employment programmes
  • Process applications for courses, academies, or placements
  • Communicate with learners, partners, volunteers, and supporters
  • Respond to enquiries and provide support
  • Monitor and improve our website and services
  • Meet safeguarding, regulatory, and reporting obligations
  • Administer donations, grants, and funding programmes
  • Promote our charitable activities (where consent is given)

We will only use your data for the purposes for which it was collected.

4. Lawful Bases for Processing

Under UK GDPR, we rely on one or more of the following lawful bases:

  • Consent – where you have given clear permission
  • Contract – where processing is necessary to deliver a service or programme
  • Legal obligation – where required by law or regulation
  • Legitimate interests – where necessary for our charitable objectives and operations, without overriding your rights

5. Sharing Your Information

We may share personal data with trusted third parties where necessary, including:

  • Training partners and accreditation bodies
  • Employers and placement providers (with appropriate safeguards)
  • Funding bodies, donors, and regulators (where required)
  • IT and website service providers
  • Professional advisers (e.g. legal, accounting, safeguarding)

We do not sell personal data and only share information on a need-to-know basis.

6. International Data Transfers

Some of our programmes operate internationally. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:

  • Adequacy decisions
  • Standard contractual clauses
  • Secure data-handling agreements

7. Data Security

We take data security seriously and use appropriate technical and organisational measures to protect your information, including:

  • Secure servers and access controls
  • Encrypted communications where appropriate
  • Limited access to personal data
  • Regular system reviews and updates

8. How Long We Keep Your Data

We retain personal data only for as long as necessary, depending on the purpose:

  • Training and programme records – in line with funding and regulatory requirements
  • Enquiry data – typically up to 12 months
  • Financial and donation records – as required by law
  • Safeguarding records – retained securely for statutory periods

9. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Restrict or object to processing
  • Withdraw consent at any time
  • Request data portability
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, please contact us using the details below.

10. Cookies and Tracking

Our website uses cookies to improve functionality and user experience. For full details, please see our Cookie Policy.

You can manage or disable cookies through your browser settings.

11. Safeguarding and Children’s Data

We take safeguarding seriously. Where we process data relating to children or vulnerable adults, we apply enhanced protections and only collect data necessary for programme delivery and safeguarding obligations.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or regulatory changes. The latest version will always be published on our website.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact:

Shaper CIC
Email: info@shapercic.org

You also have the right to contact the Information Commissioner’s Office (ICO) if you believe your data has been handled improperly.

Community empowerment via education, skills, and sustainable energy for opportunity, innovation, and sustainability.

Menu
Homepage
About us
Training
Contact
Services
Education & Training
Empowering Communities
Renewables Adoption
Economy & Sustainability
Contact

© 2026 Shaper CIC. All rights reserved. Created by iProTech.

Cookie policyPrivacy PolicyTerms & conditions