Privacy Policy

Last updated: 2 June 2025

1. Introduction

Welcome to Meaty Runners (“we”, “our” or “us”). We respect your privacy and are committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or subscribe to our newsletter.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services. We may update this Policy from time to time; any changes will be posted here with a revised “Last updated” date.

2. Data We Collect

2.1 Email Address

When you sign up for our newsletter, we collect your email address. We do not require any additional personal data at the point of newsletter signup.

2.2 Name & Contact Details (Optional)

If you register for an event or make a purchase through our website, we may also collect your name, postal address, phone number, and payment-related information. Such data is collected only when you voluntarily provide it during the registration or checkout process.

2.3 Analytics & Cookies

We use cookies and similar tracking technologies (e.g. Google Analytics, Facebook Pixel) to automatically collect information about your browsing behaviour, device, IP address, and referring/exit pages. For details on cookies, see Section 9 below.

3. How We Collect Your Data

We collect information you provide directly through forms on our site (newsletter signup, contact form, event registration, checkout). We also gather certain information automatically via cookies and server logs when you visit our pages.

4. Legal Basis for Processing

We rely on the following lawful bases under UK GDPR to process your personal data:

• Consent: When you tick the checkbox to receive our newsletter, you explicitly consent to us sending periodic emails. You may withdraw consent at any time by clicking “unsubscribe.”
• Contract: If you register for an event or purchase a product, processing your name, address, and payment details is necessary to fulfil our contract (e.g. sending tickets, shipping goods).
• Legitimate Interests: We use cookies and analytics to improve site performance, prevent fraud, and protect our website from security threats. We believe these interests do not override your fundamental rights and freedoms.

5. How We Use Your Data

• Newsletter Distribution: We forward your email address to our Email Service Provider (ESP) so that you receive our regular newsletters and occasional promotional emails.
• Event Registration & Purchases: We use your name, address, and payment data to process your booking, send confirmation emails, and—if applicable—ship physical goods.
• Marketing & Analytics: We analyse website traffic via Google Analytics (or similar) to understand user behaviour, improve our pages, and customise marketing campaigns. Any data collected for analytics is aggregated and anonymised where possible.
• Legal Compliance: We may use your information to comply with anti-fraud, tax, and other legal obligations (e.g., retaining financial records required by HMRC).

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, subject to your rights, and any applicable legal, tax, or accounting requirements.

• Newsletter Emails: We keep your email address in our ESP until you unsubscribe. After unsubscribing, we retain a hashed record of your email for 6 months (for audit purposes) and then permanently delete it.
• Event & Order Data: We keep name, address, and purchase history for 3 years for tax and warranty purposes, in compliance with HMRC guidelines. After 3 years, we anonymise or delete the data.
• Analytics Data: Google Analytics retains aggregated metrics for up to 26 months. We do not store any personally identifiable analytics data on our own servers.

7. Disclosure to Third Parties

7.1 Email Service Provider (ESP)

We use a reputable ESP (e.g. Mailchimp/Sendinblue/ConvertKit) to send our newsletters. When you opt in, your email address is securely transmitted to the ESP, which processes the data on our behalf. The ESP is GDPR-compliant and only uses your email to deliver messages; they do not share or sell your information.

7.2 Local Subscriber Log (Backup)

In addition to the ESP, we maintain a local “subscriber log” in our own database as a backup. This log contains:

• Your email address (stored in hashed form whenever possible).
• The date and time you subscribed.
• The date and time you unsubscribed (if applicable).

This local log is stored on an encrypted database and accessible only to authorised staff. We keep this log for 6 months after a subscriber has unsubscribed, then permanently delete their record.

7.3 Payment Processors & Shipping Partners

If you place an order, we share your name, address, and payment details with our chosen payment gateway (e.g. Stripe/PayPal) and, when shipping physical goods, with our delivery partner (e.g. Royal Mail/DPD). Each of these third parties is required to process your data solely for the purpose of completing your order and is obligated under GDPR to protect it.

8. Security Measures

We implement administrative, technical, and physical safeguards to protect your personal data. These include:

• Encryption of data in transit (HTTPS/TLS) and at rest (database encryption).
• Access controls: only authorised personnel can view or export personal data.
• Regular security audits, software updates, and strong password policies.

However, no system can guarantee 100% security. If you suspect a data breach affecting your information, please contact us immediately (see Section 13).

9. Cookies & Tracking Technologies

We use cookies to distinguish you from other users, improve your browsing experience, and compile aggregate data about website traffic:

• Essential Cookies: Required for basic site functionality (e.g. keeping you logged in, preventing fraud).
• Analytics Cookies: We use Google Analytics (or similar) to understand how visitors use our site. This data is aggregated and does not personally identify you.
• Marketing Cookies: Third-party pixels (e.g. Facebook Pixel) to measure ad performance. You can opt out at any time by adjusting your browser settings or visiting www.youronlinechoices.com.

When you first arrive on our site, a banner prompts you to accept cookies. You may disable non-essential cookies via that banner or in your browser’s privacy settings.

10. Your Rights Under GDPR

Under the UK GDPR, you have the following rights regarding your personal data:

• Right of Access: You can request a copy of any personal data we hold about you.
• Right to Rectification: If you believe any information we hold is inaccurate or incomplete, you can ask us to correct it.
• Right to Erasure (“Right to be Forgotten”): You can request that we delete your personal data, subject to certain legal obligations (e.g. tax records).
• Right to Restrict Processing: You can ask us to limit how we use your data (for example, if you contest its accuracy).
• Right to Data Portability: You can request your data in a structured, machine-readable format to transfer to another controller.
• Right to Object: You can object to processing based on legitimate interests (e.g. analytics), or to direct marketing at any time.
• Right to Withdraw Consent: Where we rely on consent, you can withdraw it at any time (e.g. unsubscribing from our newsletter).

To exercise any of these rights, please contact us as described in Section 13. We will respond within one month of receiving your request (or two months if your request is complex).

11. International Data Transfers

Our ESP (e.g., Mailchimp) may store or process your personal data on servers located outside the UK/EEA. Whenever such transfers occur, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses) to maintain an adequate level of protection for your data.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we do, we will revise the “Last updated” date and, if the changes are material, post a notice on our homepage and/or send a notification to our newsletter subscribers.

13. Contact Information

If you have any questions about this Privacy Policy or wish to exercise your GDPR rights, please contact us:

• Email: privacy@meatyrunners.co.uk
• Mailing Address:
  Meaty Runners Running group
  42 Carnaby Street
  London W1F 9QS
  United Kingdom
• Phone: +44 (0) 20 1234 5678 (optional)

Thank you for trusting Meaty Runners with your personal information. We are committed to safeguarding your privacy and handling your data responsibly.