top of page

Privacy Policy

1. Who We Are

ANCHOR Inclusion provides early-help support, training, and guidance for schools, families, and professionals, with a focus on inclusion, wellbeing, and practical strategies.

 

ANCHOR Inclusion is the trading name of Early Help Support

Registered in England and Wales.

Company number: Pending

Registered office: Pending

Email: info@anchorinclusion.co.uk

 

We are the Data Controller for personal data collected through this website and in the delivery of our services.

 

We are not required to appoint a Data Protection Officer. Data protection responsibilities are overseen by S Asha. If this changes, this policy will be updated accordingly.

2. What Information We Collect

We may process personal data relating to:

  • Individuals making enquiries about our services

  • Parents or carers seeking support for their child

  • Children and young people (via parents, carers, or schools)

  • School staff and education professionals

  • Funders and partner organisations

 

The types of data we may collect include:

  • Name and contact details (email address, phone number)

  • Information provided through enquiries, referrals, or bookings

  • Information relevant to delivering support or training

  • Limited sensitive information where necessary (see Section 6)

  • Website usage data including IP addresses (see Section 12)

 

We apply the principle of data minimisation, ensuring that only the data necessary for each specific purpose is collected and used. We do not collect more information than we need.

3. How We Use Your Information

We use personal data to:

  • Respond to enquiries and communications

  • Deliver services, support, and training

  • Manage bookings and professional relationships

  • Maintain appropriate records

  • Send newsletters or service updates (where you have subscribed)

  • Improve and develop our services

4. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Legitimate interests : responding to enquiries and providing appropriate support

  • Contract : delivering agreed services or training

  • Consent : where information is provided voluntarily and specific consent is required

  • Legal obligation : where we are required to comply with safeguarding or legal duties. This includes safeguarding duties under relevant UK legislation and statutory guidance.

 

Where we rely on legitimate interests, we do so only where it is necessary for the operation of our services. We have carried out a Legitimate Interests Assessment (LIA) to ensure our processing is fair, balanced, and does not override your rights and interests.

5. Data Use Overview

We collect names, email addresses, and contact details in order to respond to enquiries. This information is processed under our legitimate interests and is retained for up to 12 months.

We collect contact and booking details to deliver services and training. This information is processed under a contractual basis and is retained for up to 6 years.

We may collect service-related information to provide appropriate support and tailor our services effectively. This information is processed under legitimate interests and/or contractual necessity and is retained for up to 6 years.

Where applicable, we may collect sensitive information for safeguarding and support purposes. This information is processed under legal obligation and/or consent and is retained for up to 6 years.

We collect funder and stakeholder contact details in order to manage funding relationships and communications. This information is processed under contractual necessity and/or legitimate interests and is retained for up to 6 years.

We collect website usage data, including analytics information, to help us understand how visitors use the website and improve user experience. This information is processed based on consent and is retained according to Google Analytics retention settings.

 

We may collect IP addresses and device-related data to support website functionality, security, and performance. This information is processed under legitimate interests and is retained in accordance with our website hosting provider’s retention policies.

6. Special Category Data (Sensitive Information)

In some cases, we may process limited sensitive information (for example, information relating to wellbeing, additional needs, or safeguarding concerns).

 

This is only done where:

  • it is necessary to provide appropriate support

  • explicit consent is given, or

  • there is a safeguarding or legal obligation

 

Where we process special category data, we do so under Article 9 UK GDPR, including substantial public interest (safeguarding) and explicit consent where applicable.

 

All such information is handled with strict confidentiality and care.

7. Safeguarding and Confidentiality

We operate within a safeguarding-informed framework.

 

Information shared in a professional context is treated respectfully and confidentially. However, if there are concerns about the safety or wellbeing of a child or individual, relevant safeguarding procedures will be followed in line with UK guidance.

8. Data Sharing

We do not sell personal data.

 

We may share information where necessary with:

  • Schools or professionals directly involved in support (where appropriate)

  • Safeguarding authorities if required

  • Trusted third-party service providers (see Section 12 for tools used)

 

All data sharing is purposeful, carefully considered, and carried out in line with our legal obligations.

 

Third-party providers act as data processors on our behalf under contractual agreements. Where information is shared with schools or safeguarding authorities, this may be as separate data controllers.

9. Data Retention

We retain personal data only for as long as necessary:

  • Enquiry data: up to 12 months after last contact

  • Service-related records: up to 6 years (in line with safeguarding and legal requirements)

  • Funding and financial records: up to 6 years

 

Data is securely deleted when no longer required.

10. Data Security

We take appropriate technical and organisational measures to keep personal data secure. This includes the use of secure email systems, access controls, and careful handling of any sensitive information.

 

We regularly review our data protection practices to ensure ongoing compliance with UK GDPR and ICO guidance. Data protection is treated as an active responsibility, not a one-time exercise.

11. International Data Transfers

Some of the third-party tools we use (listed in Section 12) may involve the processing of data outside the UK : primarily in the USA via Google and Eventbrite. Transfers are safeguarded through UK adequacy regulations or International Data Transfer Agreements (IDTAs) or standard contractual clauses where required, to ensure your data is protected to the same standard as within the UK.

 

We do not routinely transfer personal data outside the UK in the course of delivering our own services.

12. Cookies and Third-Party Technologies

What are cookies?

Cookies are small text files placed on your device when you visit a website. Some are essential for the site to work; others help us understand how visitors use it.

What we use and why

We use Google Analytics to help us understand website traffic and how visitors use our website. This may involve processing anonymised usage data and IP addresses. Data may be processed in the USA by Google LLC, with UK adequacy safeguards applying.

We use Google Workspace, including Gmail and Google Drive, for email communication and secure document storage. This may involve processing names, email addresses, and the content of communications. Data may be processed in the USA by Google LLC, with UK adequacy safeguards applying.

We use Wix Bookings to manage sessions, appointments, and training bookings. This may involve processing names, contact details, and booking information. Data may be processed internationally through Wix infrastructure.

We use Eventbrite for event registration and ticketing. This may involve processing names, email addresses, and booking details. Data may be processed in the USA by Eventbrite Inc under standard contractual clauses.

We use Wix Email Marketing to send newsletters, updates, and service-related communications. This may involve processing names and email addresses through Wix infrastructure.

We use Google Forms to collect enquiry information, feedback, and submitted responses. This may involve processing any information you choose to provide. Data may be processed in the USA by Google LLC, with UK adequacy safeguards applying.

Your consent

Non-essential cookies: including those used for analytics : will only be set after you have given your consent via our cookie banner when you first visit the site.

 

You can withdraw or change your cookie preferences at any time by clicking the cookie settings in the footer of our website, or by adjusting your browser settings. Please note that disabling certain cookies may affect how the website functions.

Lawful basis for cookies

  • Essential cookies: legitimate interests (necessary for the site to operate)

  • Analytics and marketing cookies: consent

 

We comply with the Privacy and Electronic Communications Regulations (PECR) in relation to cookies and electronic communications.

Email marketing

​​If you subscribe to our newsletter or email updates, we will only send you communications where you have actively opted in. Every communication will include a clear and easy unsubscribe option. We do not use pre-ticked opt-in boxes.

13. Your Rights

Under UK data protection law, you have the right to:

  • Access your personal data : you can request a copy of the information we hold about you

  • Request correction of inaccurate or incomplete data

  • Request deletion of your data where there is no lawful reason for us to continue holding it

  • Object to processing in certain circumstances, including where we rely on legitimate interests

  • Restrict processing : you can ask us to pause the use of your data, for example while accuracy is being disputed or an objection is being considered

  • Data portability : where we process your data by automated means and on the basis of consent or contract, you have the right to receive that data in a structured, commonly used, machine-readable format

  • Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing before withdrawal

 

To exercise any of these rights, please contact us using the details in Section 16. We will respond within one calendar month.

14. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling in the way we deliver our services or process personal data.

 

All decisions relating to support, referrals, or professional recommendations are made by a person, not by an automated system.

 

If this changes in the future, this policy will be updated to reflect it and to explain your rights in that context.

15. Children's Data and Information Shared by Parents or Carers

Our work with children and families

Some of our services involve working with or on behalf of children and young people. We take the privacy and safety of children very seriously and handle any information relating to them with particular care, in line with the ICO's Children's Code and UK GDPR.

Information shared by parents or carers

Where a parent or carer contacts us about their child, we may collect:

  • The child's name, age, and year group

  • Information about their needs, wellbeing, or circumstances

  • Details relevant to the support being sought

 

This information is used solely to provide appropriate early help support and is not shared beyond those directly involved without consent, except where safeguarding duties require it.

 

Parents and carers have the right to know what information we hold about their child, request correction or deletion of that information, and withdraw consent for non-essential processing at any time.

 

Where a child is old enough to understand, we aim to involve them appropriately in decisions about their own information, in line with their age and capacity.

 

Where appropriate, we consider the best interests of the child in line with the ICO's Children's Code (Age Appropriate Design Code).

A note on children using out website

Our website is not directed at children. We do not knowingly collect personal data directly from children under the age of 13. If you believe a child has submitted personal data to us without appropriate consent, please contact us and we will delete it promptly.

16. Schools as Data Controllers

When we work with schools, both ANCHOR Inclusion and the school may act as separate data controllers in respect of the individuals involved. In some cases, we may act as a data processor on behalf of the school. The nature of the relationship will be clarified at the point of engagement where relevant.

 

In practice this means:

  • Schools remain responsible for their own data protection obligations in relation to pupils, families, and staff

  • Where we receive information from a school about a pupil or family, we use it only for the purpose for which it was shared

  • We do not retain school-shared information beyond what is necessary for the service provided

  • Any data sharing is proportionate, lawful, and in line with both parties' safeguarding responsibilities

 

Schools should ensure that their own privacy notices reflect any data sharing arrangements with external providers, including ANCHOR Inclusion, where appropriate.

17. Funders and Professional Stakeholders

Where we work with funders, commissioners, or other professional stakeholders, we may collect and process contact and organisational information such as:

  • Names and job titles of relevant contacts

  • Email addresses and phone numbers

  • Information relevant to grant applications, reporting, or professional partnerships

 

This information is used to manage funding relationships and reporting requirements, communicate about services and impact, and meet any contractual or legal obligations associated with funding agreements.

 

Processing in this context is carried out under contract (where a funding or service agreement is in place) and legitimate interests (for ongoing professional communication). Records are retained for up to 6 years in line with financial and legal best practice.

18. Complaints

If you have concerns about how your data is handled, please contact us in the first instance using the details below.

 

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

19. Contact

For any questions about this policy or your personal data:

 

ANCHOR Inclusion | Early Help Support

Email: info@anchorinclusion.co.uk

Registered office: Pending

20. Updates to This Policy

This policy may be updated from time to time to reflect changes in services, legal requirements, or best practice. The version number and date at the top of this document will be updated accordingly.

 

We recommend checking this page periodically for any changes.

Privacy Policy

ANCHOR Inclusion, Early Help Support

Last updated 11th May 2026, Version 1.0

bottom of page