Privacy Policy

Privacy Policy

Last Updated On 26-September-2025
Effective Date 26-September-2025

This Privacy Policy sets out how Calibre Audio (“Calibre Audio”, “we,” “our,” “us,”) collects, uses, and shares the information that you provide to us through our website located at https://calibreaudio.org.uk/ (our “Site”) or through our charitable activities and services (collectively, our “Services”).

Calibre Audio is a company limited by guarantee incorporated under the laws of England and Wales and a charity registered at the Charity Commission with charity number 286614. Our registered office is at New Road, Weston Turville, Aylesbury, Buckinghamshire, HP22 5XQ, United Kingdom. We provide a socially inclusive audiobook service that seeks to extend and enrich the lives of members by providing a high-quality personalised service.

At Calibre Audio we are committed to protecting your personal information and being transparent about what we do with it. The privacy and security of your personal information is extremely important to us.

We do: use your personal data to help us provide a great experience for you as a member or supporter. This includes tailoring the information we share to ensure you find it relevant, useful and timely.
We do: respect your privacy and work hard to ensure we meet strict legal and regulatory requirements.
We don’t: sell your personal data to third parties.

If you have any questions relating to this Privacy Policy or how we use your personal data, please send them to enquiries@calibre.org.uk or post them to Calibre Audio, New Road, Weston Turville, Aylesbury, Buckinghamshire, HP22 5XQ, United Kingdom.

Contents

  1. Personal information we process

  2. Sensitive personal information

  3. Why we process your personal information

  4. Our Lawful Basis for processing personal information

  5. How we share your personal information

  6. International data transfers

  7. How long your personal information is stored for

  8. Data Security

  9. Use of “Cookies”

  10. Your rights

  11. Other Websites

  12. Updates to this Notice

  13. Contact us

  14. Data Protection Lead

  15. Data Breaches

  16. Automated Decision-Making and Profiling

  17. School Members

  18. Compliance with the Data (Use and Access) Act 2025

  19. Accessibility

1. Personal information we process

We collect personal information about our members, donors, supporters, volunteers, or anyone else who accesses our Services. This may include:

  • Name

  • Address and contact information (telephone number and e-mail address)

  • Date of birth

  • Gender

  • Membership number and details

  • Donation history

  • Legacy information

  • Disability or health condition

  • Demographic information

  • Experiences of print disability, if you share these with us

  • Reasons for supporting Calibre Audio

It may also include:

  • Details of any opt-in and opt-out preferences you have communicated to us

  • Whether or not you are a UK tax-payer (so that we know whether or not we can claim Gift Aid)

  • Details of any gifts you have given to Calibre Audio

  • Notes relating to our relationship with you (correspondence, connections with other individuals/organisations, prospect research notes)

If you contact us, we may keep a record of that correspondence, including your contact details, name, interests, and related information.

If you are invited to or attend a Calibre Audio event, we may collect and store information such as your name and email address and keep a record of your interest in that event and topic.

We also collect and store information about your device and your visits to the Site such as your IP address, geographical location, browser type, referral source, length of visit, and number of page views.

If you use your credit or debit card to donate, buy something or pay online or over the phone, we ensure that we manage this securely and in accordance with the Payment Card Industry Data Security Standard (PCI DSS). We do not store your financial information for longer than necessary.

2. Sensitive personal information

We only collect and use sensitive personal information (special category data) if there is a valid reason for doing so and where the law allows it.

We ask for information about health conditions as part of membership sign-up to confirm eligibility and provide Services. We may also ask for religion or ethnicity for equality and diversity monitoring (optional).

If you provide any sensitive personal information, we will treat it with extra care.

We use sensitive data only to:

  • Help you with your enquiry/membership/request/donation

  • For internal training

  • For monitoring or evaluating our Services

If you share your story with us for publicity which includes health details, we will ask for your explicit consent.

3. Why we process your personal information

We process personal information to:

  • Administer and deliver membership services

  • Process sales, bookings, and event participation

  • Manage volunteers

  • Conduct research and surveys

  • Process donations, administer Gift Aid, manage legacy pledges, and communicate with donors

  • Send marketing communications where consent has been given

  • Tailor services and communications (profiling)

  • Conduct prospect research (using publicly available information, with opt-out rights)

4. Our Lawful Basis for processing personal information

We rely on:

  • Consent – e.g. for marketing

  • Contract – e.g. to provide the audiobook service

  • Legal obligation – e.g. Gift Aid, employment law

  • Legitimate interests – e.g. to administer services, manage relationships, evaluate and improve our work

5. How we share your personal information

We will never sell or trade your personal information.

We may share your data with trusted third parties who provide services to us under contract. These include:

  • IT and cloud hosting providers – such as Microsoft 365 and Amazon Web Services, who securely host our systems and data.

  • Email and communications providers – such as SendGrid, which we use to send newsletters and service updates where you have opted in.

  • Payment processors – such as Stripe and PayPal, for handling donations and online payments.

  • Specialist systems providers – such as platforms used to manage our library services and member records.

  • Auditors, advisors and regulators – where required by law or regulation (e.g. HMRC for Gift Aid, the Charity Commission).

All suppliers are required to act only on our instructions, keep your information secure, and comply with UK data protection law.

We may also share anonymised, aggregated data for reporting and research, but this will not identify you.

6. International data transfers

Where data is transferred outside the UK, we use safeguards such as:

  • Adequacy regulations

  • International Data Transfer Agreement (IDTA) or UK Addendum to SCCs

  • The UK-US Data Bridge (where applicable)

We monitor changes to adequacy arrangements and update safeguards accordingly.

7. How long your personal information is stored for

  • Gift Aid and donation records – 6 years

  • Member records – kept while active, then deleted after 2 years of inactivity

  • Volunteer records – 3 years after service ends

  • Job applications – 1 year after recruitment closes

Our Data Retention Policy provides further detail.

8. Data Security

We use appropriate technical and organisational measures, including:

  • Encryption and secure servers

  • Role-based access and staff training

  • Regular audits and monitoring

  • Supplier contracts requiring robust security standards

9. Use of “Cookies”

We use cookies for:

  • Strictly necessary – required for the site to work

  • Performance – to improve site use

  • Analytics – e.g. Google Analytics

  • Marketing – where consent has been given

You can manage your preferences via our cookie banner.

10. Your rights

You have the right to:

  • Access your data

  • Correct inaccurate or incomplete data

  • Erasure (“right to be forgotten”)

  • Restrict processing

  • Data portability

  • Object to processing based on legitimate interests

  • Withdraw consent where applicable

You may complain to the ICO (www.ico.org.uk).

11. Other Websites

Our Site may contain links to other websites. We are not responsible for their privacy practices.

12. Updates to this Notice

We may update this Privacy Policy. If we make significant changes, we will aim to notify you and update the version on our Site.

13. Contact us

  • Phone: 01296 432339

  • Email: enquiries@calibre.org.uk

  • Post: Calibre Audio, New Road, Weston Turville, Aylesbury, Buckinghamshire, HP22 5XQ, United Kingdom

14. Data Protection Lead

Our Data Protection Lead is the Chief Operating Officer (COO). Contact details as above.

15. Data Breaches

If a personal data breach poses a risk to your rights, we will inform you and the ICO without undue delay. We maintain breach procedures in line with our Data Protection Policy.

16. Automated Decision-Making and Profiling

We do not make decisions based solely on automated processing that have a legal or similarly significant effect. Where we use profiling (e.g. to tailor fundraising), it is subject to human review, and you may object at any time.

17. School Members

We collect and process data about pupils and school staff when schools register pupils as members.

For pupils, this may include: name, date of birth, eligibility information, borrowing history.
For staff, this may include: name, role, email, phone, and correspondence.

We process this data to administer memberships, confirm eligibility, and support schools.

Lawful basis: legitimate interests (Article 6(1)(f)), with safeguards for children’s data.
Special category data (health/disability): Article 9(2)(d).

Safeguards include:

  • Minimum data collected

  • Pupil data used only for service delivery (never for fundraising or marketing)

  • Secure storage with limited staff access

  • Deletion after membership ends or inactivity (2 years)

  • Parents/guardians informed of rights

We rely on schools to ensure they have a lawful basis before providing pupil data. Parents/guardians may also exercise rights on behalf of their child.

18. Compliance with the Data (Use and Access) Act 2025

We comply with the Data (Use and Access) Act 2025, ensuring any use or sharing of personal data for research, reporting, or statistical purposes is lawful, transparent, and safeguarded.

19. Accessibility

This Privacy Policy is available in alternative formats including audio or large print. Please contact us if you require it in another format.