Superhighways, (a project of Kingston Voluntary Action), respects your privacy and considers the security of your personal information extremely importantly, taking all reasonable measures to safeguard any data we collect from you. The following information outlines what information we collect, for what purpose we process it and where and how long we store it for


Information we collect and how we use it

We collect personal information from you when you or your organisation enquires about our services, joins our membership package, books on our training or events, accesses our advice services or subscribes to our eNews. This may typically include your name, email address, job title, address and phone number. We also often collect further information about your organisation eg client group you support, borough you are based in, deemed as non personal data.

We only use this information to process requests, deliver our services or to provide you with information about our services and any other related services or resources. We will not share this information with other organisations unless we gain prior consent, or as outlined below, or where we are required to do so for legal reasons.  Organisational data may sometimes be shared with our funders to satisfy reporting requirement,usually as anonymous statistics, but sometimes identifying organisation names and for example which borough they are based in.


Tech support 

We collect and store some personal data when providing advice and assistance to both member and non member organisations accessing our tech support service. This is logged in our Tech support portal which links to our CRM (AIDE) and is used to reference past IT issues and look up contact details so we can get back to you. 


Training & events

We collect some personal data from people booking on our training and events so we can administer bookings and e.g. contact attendees with webinar links, update on any session cancellations or send out follow up resources. We may also ask about any additional support needs so we can ensure our training is accessible and report back attendance information to funders as above.

We use our CRM system (AIDE) for booking administration, having previously used Eventbrite (which also processed payments for those opting to pay online). Find further information about Eventbrite's privacy policy here.


Photos, audio & video

We may take photos at training sessions or events and use to post on social media or in our other communications including our eNews, website and annual review. We will ask for verbal consent before doing so. We also sometimes take audio or videos from beneficiary organisations to showcase our own impact. In these cases we have a case study consent form which we will ask individuals to agree to and sign.


Monitoring & evaluation

We often use online survey tools (usually Survey Monkey or Office 365 forms) to collect feedback about our services (or to provide evidence of need).  These are usually completed anonymously, but we often optionally ask for an email address so we can contact those who have requested follow up e.g. further training.  Read more about Survey Monkey’s privacy and security policies.  In future we will be using inbuilt surveys from our CRM system (AIDE).



Our website is built on the Voice platform. You can find out further information about Voice’s use of Cookies and their Privacy policy. We collect some information via web forms e.g. Membership application form (an Office 365 form) or general enquiries via a Voice form, where submission data is securely emailed to us. We also use Google Analytics to track site usage (anonymously) to inform future improvements of the website e.g. making information easier to find.



When you subscribe to our eNews, we collect your name, email address and organisation and use this information only for the purpose of communicating and targeting updates about our services in our monthly eNews and ad hoc training alerts. We do not share your information with other organisations.

We use Mailchimp as our provider and personal data will therefore be stored in the United States - find out more about Mailchimp’s privacy policy. Messages you receive from us may be trackable at an individual level, allowing us to determine, for example, opens and link clicks. This information is generally used by us to help assess the effectiveness of our communications so that we can improve them and may occasionally be used to send relevant further communications in response to your actions (e.g. opening an email) or your inaction (e.g. not opening an email).

You can subscribe to our mailing list here and if subscribed already, you can unsubscribe at any time by either emailing or by clicking the unsubscribe link in the footer of the eNews.



If you fill out our volunteer application form we use the information provided to verify your identity and contact you to progress your application. We will keep basic details after you have finished volunteering with us to enable us to act as a reference in future, should this be requested.


Third party data processors

As outlined above, we use a number of 3rd party providers to process your data e.g. for booking on training and sending out our eNews.  Where data hosting is possible in the UK, we opt for this.  But some providers will store your data on our behalf in the EU or United States. We carry out reasonable due diligence checks where data is transfered outside the UK.



We will only retain your personal information for as long as necessary for the purposes we collect it, as outlined above.



We use all reasonable technical, physical and organisational safeguards to maintain security of the personal data we hold about you, to protect against loss, theft or unauthorised access, use, modification or disclosure. We also carry out reasonable due diligence checks on the security notices of any data processors that we use.


Your rights

Under GDPR, you have a number of data rights: the right to access; right to rectification; right to erasure; right to object; right to restrict processing and the right to data portability.

Please contact us with any questions you may have about our Privacy policy and processing of your personal data. If you wish to access or update the personal information we hold about you or to correct any errors in our records, please contact us by emailing or phoning 020 8255 8040. You also have the right to request removal of your data from our systems.

You can also contact the Information Commissioner's Office via if you have any concerns.


We may periodically update this Privacy policy - any changes made will be posted here and the date of modification recorded.

Updated February 2022.