Privacy policy

Our contact details

Name: Neurodiverse Connection

Email: support@ndconnection.co.uk

Dated: October 2022

The type of personal information we collect

In running and maintaining our website, newsletters, forms and events we may collect and process the following data about you:

  • Personal identifiers, contacts and characteristics (e.g. name and contact details) 

  • Demographic information for equalities monitoring (e.g. gender, ethnicity, sexuality) 

  • Bank details if we need to make a payment to you or if you make a donation or a purchase 

  • Your personal health and social care experiences for projects, research and consultations. This data is anonymised unless otherwise agreed 

  • Your opinion and feedback in relation to any surveys or questionnaires issued by Neurodiverse Connection that you complete, such as feedback on our charitable activities and events. This data is anonymised unless explicitly agreed 

  • Website user statistics and cookies – When you use the Neurodiverse Connection website, like most websites, we receive and store certain details. Cookies mean that a website will remember you and any preferences you have entered. It also helps us to understand how you use our website, and where we can make improvements. 

  • Members’ videos, blogs or articles for publishing on our media such as our website, bulletin and YouTube channel which may contain personal information. 

Why we collect personal information

We may use the information that we collect from you to provide our services to you. In addition to this we may use the information for one or more of the following purposes:

  • To provide news, guidance or information to you that you request from us relating to our services.

  • To provide information to you relating to other services or guidance that may be of interest to you, when we have your permission to do so.

  • To inform you of any changes to our website, services or events.

  • To process and respond to requests, enquiries and complaints that we receive.

  • To send statements, invoices and payment reminders to you.

  • To keep our database up to date.

  • To meet statutory or regulatory requirements. 

  • To contact relevant authorities in the event of a safeguarding issue (we will always endeavour to get your agreement before doing so). 

How we collect personal information

We collect this information via systems including: 

  • Our website enquiry forms, which pass the information through to our membership database (what happens when people add their email to the webpage?) 

  • Information emailed by you, received by us via Microsoft Outlook 

  • Online surveys 

  • Event management system 

  • Website statistics 

  • Payment mechanisms/ financial systems 

  • Focus groups and interviews (for projects, research and consultations) 

  • Social media (rarely and only if necessary) 

We may share this information with third parties, that is: 

  • Neurodiverse Connection Associates and other third parties who may be contracted to do work for us on relevant projects 

  • Our payment services provider only to the extent necessary for the purposes of processing payments 

  • Relevant statutory bodies in the event of a safeguarding concern (see Safeguarding policy) 

Your information will only be used for Neurodiverse Connection’s purposes and will never be passed on to third parties for marketing purposes.  

We will only disclose your personal information: 

  • If required to do so by law; 

  • In connection with any ongoing or prospective legal proceedings; 

  • In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk). 

  • If we feel that you are at risk from harm (see Safeguarding policy)

Lawful basis for processing

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are: 

(a) Your consent. We will only process personal data after being given express permission by you, after having explained what we will use the personal information for. You are able to remove your consent at any time. You can do this by contacting us at support email address

(b) We have a contractual obligation. We sometimes enter into contractual working agreements with individuals which requires us to process personal data supplied by them.  

(c) We have a legal obligation. This refers to our holding of data on our associate team. 

(d) We have a vital interest. If we are in contact with someone whose life we believe may be at risk, we reserve the right to share their data with appropriate organisations to try to mitigate this risk. 

Storing your data

We do our utmost to ensure that all reasonable steps are taken to make sure that your data is treated and stored securely.

Unfortunately, the sending of information via the internet is not totally secure and on occasion such information can be intercepted. We cannot guarantee the security of data that you choose to send us electronically. Sending such information is entirely at your own risk. An NHS email address is available for the sharing of confidential health files - please ask and we will share this. 

We may use Microsoft Forms as part of our survey and information gathering. You can read Microsoft’s Privacy Notice for information about how they will look after your data here: https://privacy.microsoft.com/en-gb/privacystatement.

We update and review our records on a regular basis to ensure that it remains accurate. We only keep your data for the purposes for which it is being processed. If you withdraw consent your data will be permanently deleted from our records.

How we keep data up to date 

We want to make sure the information we hold about you is accurate. To do this we are reactive – responding to your requests to update or remove your data, and also proactive – sometimes contacting you to ask if your information is up to date. 

How long we store your data for 

We hold membership data until we are either reactively made aware by you that it is to be removed, or by proactively finding out that the data is no longer valid e.g. by performing a database cleaning exercise trying to contact members to validate the information and being unsuccessful. We then delete the contact record from our database. 

Other personal information that we process for any purpose or purposes will not be kept for longer than is necessary for that purpose or those purposes. 

Unsuccessful applications for job vacancies will be kept for 6 months after the time of recruitment.

Your data protection rights 

Under data protection law, you have legal rights over your personal information. For example, you can see it, amend it, ask us to change the way we handle it or have it removed from our records completely. If you want to do any of these things, you can email and we will respond to you within two weeks at the very latest. You can unsubscribe from our newsletter and mailings by clicking Unsubscribe at the foot of the newsletter, although this will not remove your data from our records. If you wish for all of your data to be removed, please email us at 

How to complain

If you have any questions or concerns about our use of your personal information, you can contact us at support@ndconnection.co.uk

You can also complain to the ICO if you are unhappy with how we have used your data. 

The ICO’s address:             

Information Commissioner’s Office 
Wycliffe House 
Water Lane 
Wilmslow 
Cheshire 
SK9 5AF 

Helpline number: 0303 123 1113 

ICO website: https://www.ico.org.uk