Privacy Policy

Last Updated: September 3, 2025

Introduction

This Privacy Policy describes how kidderminsterfootball.co.uk collects, uses, processes, and protects your personal information when you visit our website or use our services related to Drop The Boss.

We are committed to protecting your privacy and ensuring the security of your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

By using our website, you consent to the collection and use of your information as described in this Privacy Policy.

Data Controller Information

Data Controller: kidderminsterfootball.co.uk
Address: 42 Kensington High Street, London W8 4PE, United Kingdom
Email[email protected]

Information We Collect

Personal Information You Provide

We may collect personal information that you voluntarily provide to us, including:

  • Contact Information: Name, email address when you contact us or subscribe to updates
  • Communication Data: Messages, feedback, questions, or comments you send to us
  • Account Information: Username, preferences if you create an account
  • Survey Data: Responses to surveys or questionnaires you choose to complete

Information We Collect Automatically

When you visit our website, we automatically collect certain information:

  • Technical Data: IP address, browser type and version, operating system, device information
  • Usage Data: Pages visited, time spent on pages, click-through rates, referral sources
  • Location Data: General geographic location based on IP address
  • Cookie Data: Information collected through cookies and similar technologies (see our Cookie Policy)

Third-Party Information

We may receive information about you from third-party sources:

  • Analytics Providers: Website usage statistics from Google Analytics
  • Social Media Platforms: Information when you interact with our social media content
  • Advertising Networks: Data for targeted advertising and campaign measurement

How We Use Your Information

We use your personal information for the following purposes:

Service Provision

  • Providing access to website content and services
  • Responding to your inquiries and support requests
  • Processing account creation and management
  • Delivering requested information about Drop The Boss

Website Improvement

  • Analyzing website usage patterns and user behavior
  • Improving website functionality and user experience
  • Developing new features and content
  • Troubleshooting technical issues

Marketing and Communication

  • Sending newsletters and updates (with your consent)
  • Providing personalized content and recommendations
  • Conducting market research and surveys
  • Measuring advertising campaign effectiveness

Legal Compliance

  • Complying with legal obligations and regulatory requirements
  • Protecting our rights and interests
  • Preventing fraud and ensuring website security
  • Enforcing our terms of service

Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

PurposeLegal Basis
Service provision and website functionalityLegitimate interests
Responding to inquiriesContract performance or legitimate interests
Marketing communicationsConsent
Analytics and website improvementLegitimate interests
Legal complianceLegal obligation
Security and fraud preventionLegitimate interests

Data Sharing and Disclosure

We may share your personal information with:

Service Providers

  • Web hosting and cloud storage providers
  • Analytics services (Google Analytics)
  • Email marketing platforms
  • Customer support tools
  • Security and fraud prevention services

Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes, court orders, or regulatory requests
  • Protect our rights, property, or safety
  • Prevent or investigate fraud or security breaches
  • Enforce our terms of service

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

Third Countries

Some of our service providers may be located outside the UK/EEA. When transferring data internationally, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the UK authorities
  • Standard contractual clauses
  • Binding corporate rules
  • Other approved transfer mechanisms

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Contact inquiries: 3 years from last communication
  • Website analytics data: Up to 26 months
  • Marketing data: Until you withdraw consent or request deletion
  • Legal compliance data: As required by applicable laws
  • Security logs: Up to 12 months

Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you and information about how it’s processed.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure (“Right to be Forgotten”)

Request deletion of your personal data in certain circumstances.

Right to Restrict Processing

Request that we limit how we use your personal data in certain situations.

Right to Data Portability

Request a copy of your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests, including direct marketing.

Right to Withdraw Consent

Withdraw consent for processing where consent is the legal basis.

Right to Lodge a Complaint

Contact the Information Commissioner’s Office (ICO) if you have concerns about our data processing.

Exercising Your Rights

To exercise your rights, contact us at [email protected]. We will:

  • Respond to your request within one month
  • Verify your identity before processing requests
  • Provide information in a clear and understandable format
  • Not charge fees unless requests are excessive or unfounded

Data Security

We implement appropriate technical and organizational security measures to protect your personal data:

Technical Measures

  • Encryption of data in transit and at rest
  • Secure hosting infrastructure
  • Regular security updates and patches
  • Access controls and authentication systems
  • Backup and recovery procedures

Organizational Measures

  • Staff training on data protection
  • Privacy impact assessments
  • Data processing agreements with service providers
  • Regular security reviews and audits
  • Incident response procedures

Children’s Privacy

Our website is not intended for children under 18 years old. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will delete it promptly.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. Material changes will be communicated by:

  • Posting the updated policy on our website with a new effective date
  • Sending email notifications to registered users
  • Displaying prominent notices on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Email[email protected]
Address: 42 Kensington High Street, London W8 4PE, United Kingdom

For data protection inquiries specifically, please include “Data Protection” in your email subject line.

Regulatory Authority

If you have concerns about our data processing practices, you can contact the UK’s data protection authority:

Information Commissioner’s Office (ICO)
Websiteico.org.uk
Helpline: 0303 123 1113