Get Patterned CIC Privacy Statement

Last updated: 04/05/2026
Organisation: Get Patterned CIC
Contact: info@get-patterned.com
Website: www.get-patterned.com
Company number: 16685260
Registered office: Get Patterned CIC, Studio 9, 50-54 St Paul's Square, Birmingham, B3 1QS

1. Introduction

Get Patterned CIC is committed to protecting the privacy and personal data of the young people, parents/carers, schools, colleges, community partners, employers, funders, volunteers, suppliers and professionals we work with.

This Privacy Statement explains how we collect, use, store and share personal data in line with the UK General Data Protection Regulation, the Data Protection Act 2018 and relevant guidance from the Information Commissioner’s Office.

In this statement, “we”, “us” and “our” means Get Patterned CIC.

This statement applies to personal data we process in connection with our programmes, workshops, events, school and community delivery, employer partnerships, enquiries, website use, evaluation activity, marketing, recruitment, supplier relationships and general administration.

It does not replace any separate privacy notice we may issue for employees, contractors or specific funded projects where additional terms apply.

2. Who we are and our role

For the purposes of data protection law, Get Patterned CIC will usually act as the data controller for the personal data we collect directly from you, for example through our website, booking forms, consent forms, evaluation forms, email correspondence or event registration forms.

In some cases, where a school, college, funder, employer or partner organisation provides us with personal data so that we can deliver an agreed programme, we may act as a data processor or as an independent controller depending on the arrangement. Where needed, we will agree appropriate data-sharing or data-processing terms with the relevant organisation.

Questions about this Privacy Statement or how we use personal data should be sent to:

Get Patterned CIC
Email: info@get-patterned.com
Address: Get Patterned CIC, Studio 9, 50-54 St Paul's Square, Birmingham, B3 1QS

3. Who this Privacy Statement applies to

This Privacy Statement may apply to:

  • pupils, students and young people who take part in our programmes;

  • parents, carers and guardians;

  • school, college and education staff;

  • community partners and youth organisations;

  • employers, volunteers, mentors and guest speakers;

  • funders, commissioners and corporate partners;

  • suppliers, freelancers, facilitators and contractors;

  • job applicants, prospective staff and volunteers;

  • website visitors and people who contact us with enquiries;

  • alumni or former participants who choose to stay connected with our work.

4. The personal data we may collect

The personal data we collect will depend on your relationship with us.

4.1 Pupils, students and programme participants

We may collect:

  • full name;

  • school, college or organisation name;

  • year group, age or date of birth where needed;

  • contact details, where appropriate;

  • parent/carer contact details where consent or emergency contact information is required;

  • attendance information;

  • programme choices, interests, aspirations and feedback;

  • photographs, video or audio recordings, where appropriate consent has been obtained;

  • examples of work created during a programme, such as campaign ideas, presentations, social media concepts, videos, reflections or evaluation responses;

  • accessibility, dietary, medical or additional support information where needed to keep participants safe and included;

  • safeguarding information where a concern is raised;

  • demographic or equality monitoring information, where this is needed for evaluation, funding, reporting or inclusion purposes.

We will only collect information that is relevant and necessary for the programme, activity, evaluation or safeguarding purpose.

4.2 Parents, carers and guardians

We may collect:

  • name;

  • contact details;

  • relationship to the young person;

  • consent form responses;

  • emergency contact information;

  • relevant communications about participation, access needs, safeguarding or permissions;

  • photography, video and media consent decisions.

4.3 Schools, colleges and education partners

We may collect:

  • staff names, roles and contact details;

  • school or college address and general contact information;

  • booking information;

  • programme requirements;

  • timetables, rooming information and logistical details;

  • participant lists provided by the school or college;

  • safeguarding, risk assessment or access information relevant to delivery;

  • feedback, evaluation responses and communications.

4.4 Employers, volunteers, speakers and partners

We may collect:

  • name;

  • role and organisation;

  • work contact details;

  • professional biography or profile information;

  • DBS, safeguarding or safer recruitment information where relevant;

  • availability and event participation information;

  • accessibility or dietary information for events;

  • photos, videos or quotes where consent has been given;

  • communications and records relating to partnership activity.

4.5 Funders, commissioners and corporate partners

We may collect:

  • contact details of staff and representatives;

  • organisation details;

  • communications, proposals, agreements and reporting information;

  • due diligence information where required;

  • payment, invoice and finance information;

  • monitoring and evaluation data linked to funded programmes.

4.6 Suppliers, contractors and freelancers

We may collect:

  • contact details;

  • payment and bank details;

  • invoices and financial records;

  • contracts and service information;

  • insurance, safeguarding, DBS or right-to-work information where relevant;

  • professional qualifications, experience or references where needed.

4.7 Website visitors and people who contact us

We may collect:

  • name and contact details submitted through forms or emails;

  • enquiry details;

  • newsletter preferences;

  • IP address, browser type, device information and website usage data;

  • cookie and analytics information.

5. Special category data and sensitive information

Some information is more sensitive under data protection law. This may include health information, disability or access needs, ethnicity, religious belief, safeguarding information, biometric information, or information relating to criminal records.

We will only collect this type of information where there is a clear reason to do so, for example:

  • to keep a young person safe;

  • to make reasonable adjustments;

  • to support safeguarding procedures;

  • to meet funder or equality monitoring requirements;

  • to comply with legal obligations;

  • to complete safer recruitment, DBS or suitability checks where relevant.

Where we process special category data, we will rely on an appropriate lawful basis and a special category condition under UK GDPR and the Data Protection Act 2018.

6. How we collect personal data

We may collect personal data:

  • directly from you;

  • through schools, colleges or community organisations;

  • through parents, carers or guardians;

  • through employers, funders or programme partners;

  • through booking, consent, registration or evaluation forms;

  • through email, telephone, video calls, meetings or events;

  • through surveys and feedback forms;

  • through our website, cookies or analytics tools;

  • from publicly available sources, such as an organisation’s website, Companies House, LinkedIn or professional profiles, where relevant to partnership, supplier or due diligence activity.

7. Why we use personal data

We use personal data to:

  • deliver workshops, programmes, events and activities;

  • manage bookings, registers, attendance and logistics;

  • communicate with schools, parents/carers, participants and partners;

  • obtain and manage consent, including media consent;

  • support safeguarding and welfare;

  • make reasonable adjustments and support inclusion;

  • manage employer encounters, work experience-style activities and careers-related learning;

  • create, review and evaluate programme impact;

  • produce anonymised or aggregated reports for schools, funders, partners and commissioners;

  • manage volunteers, mentors, facilitators, suppliers and contractors;

  • process payments, invoices and financial records;

  • promote our work, where we have consent or another lawful basis;

  • send newsletters or updates where permitted;

  • respond to enquiries;

  • manage complaints or incidents;

  • comply with legal, safeguarding, insurance, accounting and regulatory obligations;

  • keep our website and systems secure;

  • improve our services and develop future programmes.

8. Lawful bases for using personal data

We will only use personal data where we have a lawful basis to do so. Depending on the circumstances, we may rely on:

Consent

For example, where you have given clear permission for us to use photography, video, case studies, testimonials, marketing communications or certain optional data.

You can withdraw consent at any time by contacting us at jacob@get-patterned.com. Withdrawing consent will not affect anything we have already lawfully done before consent was withdrawn.

Contract

For example, where processing is needed to deliver a programme, manage a booking, provide services, pay a supplier, or fulfil an agreement with a school, funder, employer, contractor or partner.

Legal obligation

For example, where we need to keep accounting records, respond to legal requests, meet safeguarding duties, support safer recruitment or comply with regulatory requirements.

Legitimate interests

For example, where we need to run and improve our organisation, communicate with partners, manage enquiries, evaluate our work, protect our systems, develop programmes, maintain records, or promote our services in a proportionate way.

Where we rely on legitimate interests, we will consider your rights and freedoms and will not use your data where our interests are overridden by your rights.

Vital interests

In rare cases, we may use personal data to protect someone’s life or immediate safety, for example in an emergency.

Public task

In some funded or commissioned projects, there may be circumstances where processing supports a task in the public interest. Where this applies, it will usually be set out in the relevant project or funding arrangement.

9. Photography, video, audio and participant-created content

As part of our programmes, we may take photographs, record video or audio, or collect examples of participant-created content.

We may use this material for:

  • programme delivery;

  • evaluation and reflection;

  • internal learning and quality improvement;

  • funder or partner reporting;

  • promotional content;

  • social media, website or printed materials;

  • case studies, testimonials or impact reports.

We will only use identifiable images, video, audio or quotes of young people for promotional, marketing or public-facing purposes where appropriate consent has been obtained.

Where a school or partner organisation is responsible for obtaining consent, we will ask them to confirm that appropriate consent has been collected before we use the material.

If consent is not given, we will take reasonable steps to avoid using identifiable images, video, audio or quotes of that person in public-facing materials.

10. Safeguarding and welfare

Get Patterned CIC works with young people and takes safeguarding seriously.

Where a safeguarding concern arises, we may need to record and share relevant information with appropriate people or organisations, such as:

  • the school or college safeguarding lead;

  • parents/carers, where appropriate;

  • local authority safeguarding teams;

  • social care;

  • the police;

  • emergency services;

  • other relevant safeguarding professionals.

We will only share safeguarding information where it is necessary, proportionate and lawful, and where doing so supports the safety and welfare of a child, young person or adult at risk.

11. Evaluation, monitoring and impact reporting

We may collect feedback, survey responses, attendance records, reflections, skills assessments or other evaluation information to understand the quality and impact of our programmes.

Where possible, reports shared with funders, schools, employers, commissioners or partners will be anonymised or aggregated. This means individuals should not be identifiable from the report.

Where identifiable case studies, quotes, photographs or videos are used, we will seek appropriate consent.

12. Who we may share personal data with

We may share personal data with:

  • schools, colleges or education providers;

  • parents, carers or guardians where appropriate;

  • employers, mentors, volunteers or speakers involved in delivery;

  • funders, commissioners or corporate partners, usually in anonymised or aggregated form unless otherwise agreed and lawful;

  • freelance facilitators, photographers, videographers, evaluators or delivery partners;

  • venues, transport providers or event hosts where needed for access, safeguarding, attendance or safety;

  • IT, website, email, cloud storage, form, database, payment, accounting and administrative service providers;

  • professional advisers, such as accountants, lawyers or insurers;

  • safeguarding authorities, local authorities, social care, police or emergency services where required;

  • regulators, government bodies or courts where legally required.

We do not sell personal data.

Where third-party service providers process data on our behalf, we will take reasonable steps to ensure appropriate contractual, security and data protection safeguards are in place.

13. International transfers

Some of the systems or service providers we use may process data outside the United Kingdom.

Where personal data is transferred internationally, we will take reasonable steps to ensure appropriate safeguards are in place, such as adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, or another lawful transfer mechanism.

14. How long we keep personal data

We will only keep personal data for as long as necessary for the purpose it was collected, unless we are required to keep it for longer by law, contract, insurance, safeguarding, finance or regulatory requirements.

Typical retention periods may include:

Type of informationTypical retention periodGeneral enquiriesUp to 2 years after last contactSchool, partner and programme recordsUp to 6 years after the end of the relationship or programmeConsent formsUp to 6 years after the relevant programme or use of materialSafeguarding recordsIn line with safeguarding requirements and professional guidanceFinance, invoice and accounting recordsUsually 6 yearsRecruitment records for unsuccessful applicantsUsually up to 6–12 monthsContractor, supplier and partnership agreementsUsually up to 6 years after the relationship endsMarketing mailing listsUntil you unsubscribe or withdraw consentWebsite analyticsIn line with the relevant analytics or cookie settings

These periods may vary depending on the context of a project, funder requirement, legal obligation or safeguarding need.

15. Keeping personal data secure

We use appropriate technical and organisational measures to protect personal data. These may include:

  • password-protected systems;

  • access controls;

  • secure cloud storage;

  • limited access to personal data on a need-to-know basis;

  • staff and contractor confidentiality expectations;

  • secure deletion or archiving;

  • safeguarding procedures;

  • data protection checks with relevant suppliers;

  • secure transfer methods where appropriate.

No system can be guaranteed to be completely secure, but we take reasonable steps to protect personal data from unauthorised access, loss, misuse, alteration or disclosure.

16. Cookies and website use

Our website may use cookies and similar technologies to make the website work, understand how visitors use it and improve the user experience.

Cookies may include:

  • strictly necessary cookies;

  • performance or analytics cookies;

  • functionality cookies;

  • marketing or embedded media cookies, where applicable.

You can manage cookies through your browser settings or any cookie consent tool available on our website.

Our website may include links to other websites. We are not responsible for the privacy practices of external websites, so you should check their privacy notices before providing personal data.

17. Marketing and communications

We may contact schools, colleges, employers, partners, funders or professionals about programmes, services, opportunities, updates or events where we have consent or a legitimate interest to do so.

We will not send direct marketing to pupils or young people without appropriate consent or another lawful basis.

You can opt out of marketing communications at any time by contacting info@get-patterned.com or using any unsubscribe option provided.

18. Automated decision-making and profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.

19. Data breaches

If a personal data breach occurs, we will assess the risk and take appropriate action.

Where a breach is likely to result in a risk to people’s rights and freedoms, we will report it to the Information Commissioner’s Office where required. Where a breach is likely to result in a high risk to individuals, we will also notify affected individuals where required.

20. Your data protection rights

Depending on the circumstances, you may have the right to:

  • request access to your personal data;

  • ask us to correct inaccurate or incomplete data;

  • ask us to delete your personal data;

  • ask us to restrict how we use your data;

  • object to certain uses of your data;

  • withdraw consent where we rely on consent;

  • request transfer of your data in a portable format;

  • object to direct marketing;

  • complain to the Information Commissioner’s Office.

To exercise your rights, contact:

info@get-patterned.com

We will usually respond within one month. In some cases, we may need to ask for proof of identity before responding.

21. Complaints

We would welcome the opportunity to resolve any concern directly. Please contact us first at:

info@get-patterned.com

You also have the right to complain to the Information Commissioner’s Office:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113
Website: ico.org.uk/make-a-complaint

22. Changes to this Privacy Statement

We may update this Privacy Statement from time to time to reflect changes in our work, legal requirements, systems or data protection practices.

The latest version will be made available on our website or provided on request.