Why this Policy Exists

This privacy policy sets out how Good Faith processes and protects the personal information of our clients, those we work with and those we engage with electronically.

Privacy Notice (UK GDPR Compliant)

This privacy notice explains how Good Faith Solutions Ltd, trading as Good Faith Partnership (“we”, “us”, “our”) collects and uses personal data in accordance with UK data protection law, including the UK GDPR and Data Protection Act 2018.

Who We Are

Company number: 16727684
Registered address: 128B The Street, Rustington, Littlehampton BN16 3DA

Good Faith Solutions Ltd is a company registered in England & Wales.
Email: dataprotection@goodfaith.org.uk

We are the data controller.

Scope
This notice applies to:
- Clients and prospective clients
- Project participants and beneficiaries
- Partners and collaborators
- Website users

Data We Collect
We collect:
- Identity and contact data
- Professional information

- Project and engagement data
- Technical/usage data
- Recruitment data

Special Category Data
Where necessary (e.g. safeguarding, inclusion work), we process special category data under Article 9 UK GDPR with appropriate safeguards.

Purposes of Processing
We process data to:
- Deliver consultancy services
- Design and operate programmes
- Manage relationships and partnerships
- Monitor impact and evaluate outcomes
- Ensure safeguarding and risk management
- Comply with legal obligations

Lawful Bases
We rely on:
- Article 6(1)(a) Consent
- Article 6(1)(b) Contract
- Article 6(1)(c) Legal obligation
- Article 6(1)(f) Legitimate interests

Where special category data is processed:
- Article 9(2)(a) Explicit consent
- Article 9(2)(g) Substantial public interest

Data Sharing
We may share data with:
- Processors (IT, cloud providers)
- Clients (where required for delivery)
- Delivery partners
- Regulators or law enforcement

All sharing is subject to contracts and safeguards.

International Transfers
Where data is transferred outside the UK, we use:
- UK adequacy regulations
- Standard contractual clauses

Retention
We retain data only as long as necessary, with exceptions for safeguarding. This is based on:
- Contractual need
- Legal obligations
- Safeguarding considerations

Your Rights
You have rights to access, rectify, erase, restrict, object, portability, and withdraw consent.

Complaints
You can complain to the ICO (ico.org.uk).

Safeguarding
We may process data to protect individuals from harm.

Research & Impact
We may use anonymised or pseudonymised data for research and evaluation.

Marketing
We only send marketing where it is lawful. You can opt-out at any time.

Cookies
See Cookie Policy.

Automated Decision-Making
We do not use automated decision-making.

Diversity Policy
Available on request.

Changes
We review this notice regularly.