Skip to main content

Privacy Policy

The General Data Protection Regulation (GDPR) is a law on data protection and privacy for all individuals, which becomes enforceable on 25 May 2018.

This privacy policy sets out how the LEGS Project uses and protects any information that you give the Project, when you use the LEGS website or through other communications.

The LEGS Project is committed to ensuring that your privacy is protected. This policy may be revised from time to time and will be posted on the LEGS website. You should check this page to ensure that you are happy with any changes. This policy is effective from 18th May 2018.

What Information We hold And How We Use It

The LEGS Project holds personal data in the following ways:

1. LEGS Mailing List

What we hold: The only information required to join the LEGS Mailing List is an email address. By clicking on the ‘sign up’ button on the LEGS website, users consent to joining the LEGS Mailing List. Alternatively, the List can be joined by making a request to the LEGS Project via email.

How we use it: Mailing List members’ email addresses are stored and used by the LEGS Project solely for the purpose of sending out mailings to the members of the List. The contacts are not accessible by anyone else. When a user chooses to unsubscribe from the List (using the unsubscribe option at the bottom of each mailing), their details are deleted from the mailing programme.

2. LEGS Trainers

What we hold: The LEGS Project holds contact information for all participants of LEGS Training of Trainers courses (‘LEGS Trainers’). This information comprises: name, position, organisation, postal address, country of passport, and email address.

How we use it: This information is held in the LEGS Trainers Database, which is only accessible by LEGS Project personnel. Names and email addresses are passed to parties enquiring about the availability of LEGS Trainers in a particular country, but not made publicly available. The LEGS Project uses this information to record the number of trainings carried out by each LEGS Trainer, in order to generate general statistics on the success of the Training of Trainers programme.

By participating in a LEGS Training of Trainers course, participants consent to the LEGS Project holding this information, and passing it to relevant parties. This is communicated to all participants at the beginning of each Training of Trainers course, and is included in the Trainers Guide that each participant receives. The existing entries in the Trainers Database are being contacted to obtain their consent to the LEGS Project continuing to hold their information in this way.

3. Accredited LEGS Trainers

What we hold: LEGS Trainers who have successfully completed two LEGS Trainings become ‘Accredited LEGS Trainers’. Upon accreditation, they are requested to provide email consent to their information (name, country and email address) being posted on the LEGS website Accredited Trainers page.

How we use it: The information on Accredited Trainers is available to all users of the LEGS website. All existing Accredited Trainers are being contacted to obtain their consent to the LEGS Project continuing to maintain their personal data in this manner.

4. Consultants and Steering Group Members

What we hold: The LEGS Project holds CVs and contact information on all consultants contracted by the LEGS Project, and for current Steering Group members. Where relevant this can also include passport details, travel insurance details and emergency contacts.

How we use it: The LEGS Project continues to hold this personal information on all current and ongoing consultants and Steering Group members, with the consent of the individuals concerned obtained by email. This information is not shared with any other parties. Any personal data from unsuccessful applicants for consultant positions is deleted after the recruitment process has been completed. Passport information is deleted as soon as the relevant travel has been completed.

How This Information Can Be Accessed, Updated Or Deleted

Individuals can request access to, or the updating or deletion of any of their personal data held by the LEGS Project by emailing the LEGS Coordinator []. Mailing List members can unsubscribe as outlined above, and their data will be deleted from the mailing programme.

Third Party Websites and Google Analytics

We may publish a link on our website to a third-party website, perhaps to provide you with access to important information or another resource. We are not responsible, or liable, for the management, content or security of those third-party sites. We would actively encourage visitors to review any such site’s privacy policy before disclosing any personal information.

The LEGS Project website uses Google Analytics to understand and monitor the use of the site, generating general data on numbers of users, language and country of origin. Google Analytics generates this statistical information by using cookies. Google may store this anonymous data on its servers in multiple locations across the world.  The Google privacy policy and further information is available here.

Google Analytics cookies used on this site:

Cookie Name Default Expiration Time Description
__utma 2 years from set/update Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmt 10 minutes Used to throttle request rate.
__utmb 30 mins from set/update Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmc End of browser session Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
__utmz 6 months from set/update Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
__utmv 2 years from set/update Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics.

Data Storage and Security

The LEGS Mailing List data is stored in a mailing programme, only accessible by LEGS Project staff. The remaining data held is stored on LEGS personnel laptops, which are backed up regularly, held securely, and not accessible to anyone else. In the event of a data breach (theft of laptop or backup drive, or hacking of the mailing programme), the LEGS Project will report to the UK Information Commissioner’s Office within 72 hours, and to the Charity Commission if the breach constitutes a serious incident, as required by GDPR. Where the breach is likely to result in any personal risk, we will endeavour to notify all concerned parties that their information has been accessed.

Contacts and Further Information

The LEGS Coordinator acts as the Data Protection Officer for the LEGS Project. For any further information or If you have any questions about the security or retention of your personal data, you can contact us at: