Privacy Policy for
Invisible Journeys Limited
and
Refined Compliance
Effective date: 18 October 2025
Last updated: 18 October 2025
1. Introduction
This Privacy Policy explains how Refined Compliance
and Invisible Journeys Limited (“we”, “our”, “us”) collect, use,
store, and protect personal information.
Invisible Journeys Limited
(Company No. 16358532, registered in England & Wales) is a
non-profit company limited by guarantee and acts as the
Data Controller.
Refined Compliance is
an unincorporated commercial identity used by Róbert Izsák for
consultancy and hosting functions. Refined Compliance acts as
Data Processor on behalf of Invisible Journeys Limited.
2. Contact Details
Email:
invisible-journeys [at] refinedcompliance.com
Postal:
Invisible Journeys Limited, 631, South Ninth Street, Milton
Keynes, MK9 3DF, United Kingdom
You may contact us
regarding any privacy questions or to exercise your rights under
data-protection law.
3. What Data We Collect
• Identity and contact information (name,
email address, organisation).
• Professional
information (role, affiliation, area of expertise).
• Website analytics (IP address, browser type, usage
statistics).
• Research participant or stakeholder
data submitted voluntarily.
4. How We Use Your Data
We process personal data to:
• Respond
to enquiries and provide information about our work.
•
Manage research and stakeholder engagement activities.
•
Maintain website security and performance.
• Comply with
legal and regulatory obligations.
5. Donor Data
When you donate, we collect your name, email
address, donation amount, payment reference, and any optional
message. Payment information itself is handled securely by our
chosen crowdfunding or payment-processing partners (for example,
GoFundMe). We use these data to issue receipts, maintain statutory
accounts, and communicate with donors about the use of funds.
Our lawful bases for processing are legitimate interests
(maintaining financial records) and legal obligation (compliance
with accounting law). Donor records are retained for six years
after the close of the relevant accounting period. For further
information, please see our
Donations - Full Terms
page or contact us by email at invisible-journeys [at]
refinedcompliance.com.
6. Lawful Basis for Processing
Depending on context, we rely on: consent (Article
6(1)(a) UK GDPR), legitimate interests (Article 6(1)(f)), and
legal obligation (Article 6(1)(c)). Where consent is relied
upon, you may withdraw it at any time.
7. Sharing and Transfers
Data may be shared with trusted service providers
(e.g. website host, email infrastructure, analytics) under
contractual data-processing terms.
We do not sell
personal data. If data is transferred outside the UK or EEA, we
use appropriate safeguards (such as UK International Data
Transfer Addendums).
8. Retention Period
Personal data is retained only for as long as
necessary to fulfil its purpose or as required by law. Routine
enquiry records are deleted after six years unless continued
communication is expected.
9. Your Rights
You have the right to access, rectify, erase,
restrict processing, object to processing, and portability of
your data. You may withdraw consent at any time.
You
also have the right to complain to the Information
Commissioner’s Office (ICO) at
www.ico.org.uk
10. Cookies
We use essential and
analytical cookies to maintain website functionality and
understand visitor interactions. You can adjust your browser
settings to reject non-essential cookies.
11. Security
We apply appropriate technical and organisational
measures (encryption, restricted access, regular reviews) to
protect your data.
12. Changes to This Policy
We may update this policy periodically. Any
significant changes will be posted on this page with an updated
date.