lived experience
inspires
Privacy Policy
*Last updated:** 13 October 2025
​
This Privacy Policy explains how **Lived Experience Inspires** ("we", "us", "our") collects, uses, and protects your personal data when you use our website at **[https://www.livedexperienceinspires.com/](https://www.livedexperienceinspires.com/)** (the "Site"), contact us, join our mailing list, or otherwise interact with us.
We are committed to handling your personal data responsibly, transparently and in compliance with the **UK General Data Protection Regulation (UK GDPR)** and the **Data Protection Act 2018**.
---
## 1. Who we are (Data Controller)
**Lived Experience Inspires** (run by **Fliss Hoyle**) is the data controller for the personal data we collect via the Site and through our services.
**Email:** [add your preferred privacy contact email]
**Postal address (optional):** [add if you want to receive post]
You can also contact us via the form on the **Contact** page of the Site.
---
## 2. What data we collect
The personal data we collect depends on how you interact with us:
**When you contact us via the Site**
* Name, email address, subject, and the content of your message.
**When you join our mailing list**
* Email address, subscription preferences, and engagement data (e.g., email opens/clicks) where permitted.
**When we provide talks, workshops or training**
* Contact details, organisation and role, booking information, scheduling and invoicing details.
**Automatically via the Site**
* Technical data such as IP address, device type, browser, pages viewed and interactions. This is primarily collected using cookies and similar technologies (see **Cookies** below).
**Special category data (health information)**
* We do not ask you to provide health information through the Site. If you choose to include details about your health or wellbeing in a message, we will process that information only to respond to your enquiry and will not retain it longer than necessary. Please avoid sharing sensitive details in open text fields where possible.
---
## 3. Why we use your data and legal bases
We only process personal data where we have a lawful basis. The purposes and legal bases are:
| Purpose | Examples of what we do | Legal basis |
| ----------------------------------------- | ---------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
| Respond to enquiries | Reply to contact form messages and emails | **Legitimate interests** (to run our business and respond to requests) |
| Provide and manage services | Arrange talks, workshops or training; handle scheduling and invoices | **Contract** (to take steps at your request and perform a contract) |
| Send email updates | Send blog updates or newsletters you’ve requested | **Consent** (you can withdraw at any time) |
| Improve the Site | Understand how the Site is used, fix issues, and enhance accessibility | **Legitimate interests** (to keep our services useful and secure). Where analytics cookies are non‑essential, we rely on **consent** |
| Legal and compliance | Maintain records for tax/audit; respond to lawful requests | **Legal obligation** |
| Special category data you choose to share | If you include health information in a message | **Explicit consent** (by clearly submitting this information). You can withdraw consent at any time |
---
## 4. Cookies & similar technologies
We use essential cookies to operate the Site and may use optional analytics or performance cookies to understand how visitors use the Site. Where required, we will ask for your consent before setting non‑essential cookies. You can change your preferences at any time through your browser settings and (if available) the cookie banner on the Site.
A current list of cookies used by our website platform and integrations may be shown in our cookie banner or within this policy from time to time.
---
## 5. Who we share data with
We only share your data where necessary for the purposes above, for example with:
* **Website hosting and platform providers** (to run the Site)
* **Email and mailing list providers** (to send you updates you’ve requested)
* **Scheduling, invoicing or payment providers** (if applicable, to manage bookings and payments)
* **Professional advisers** (accountants, legal advisers) and authorities where required by law
All such providers act under contract and are required to keep your data secure and confidential. We do not sell your personal data.
---
​
## 6. International transfers
Some service providers may process data outside the UK. Where this happens, we ensure an appropriate safeguard is in place, such as an **adequacy decision** or **UK International Data Transfer Agreement (IDTA)/Addendum** or **Standard Contractual Clauses (SCCs)**.
​
---
## 7. How long we keep your data
We keep personal data only as long as necessary for the purposes described above:
* Enquiry records: typically up to **24 months** after our last interaction
* Mailing list data: until you **unsubscribe** (we will delete or anonymise thereafter)
* Contract and invoicing records: typically **6–7 years** to meet tax/audit requirements
* Special category data provided in messages: only for the time needed to respond, then deleted
We may retain minimal information (e.g., your email address on a suppression list) to ensure we respect a request not to be contacted.
​
---
## 8. Your rights
You have the following rights under UK data protection law:
* **Access** your personal data and obtain a copy
* **Rectification** of inaccurate or incomplete data
* **Erasure** ("right to be forgotten") in certain circumstances
* **Restrict** processing in certain circumstances
* **Data portability** for data you provided to us with consent or contract
* **Object** to processing based on our legitimate interests
* **Withdraw consent** at any time where processing is based on consent
To exercise your rights, contact us using the details above. You also have the right to complain to the **Information Commissioner’s Office (ICO)** at ico.org.uk, but please give us the chance to resolve your concerns first.
---
​
## 9. Security
We use reasonable technical and organisational measures to protect personal data, including encryption in transit (HTTPS), access controls, and least‑privilege practices with our service providers. No system can be 100% secure; if we become aware of a data incident that presents a risk to your rights and freedoms, we will notify you and regulators as required by law.
---
​
## 10. Children
Our Site and services are aimed at adults and organisations. We do not knowingly collect personal data from children under **16**. If you believe a child has provided personal data, please contact us so we can delete it.
​
---
## 11. Third‑party links
The Site may contain links to third‑party websites (for example, social media). We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy notices.
---
​
## 12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated version on this page and update the "Last updated" date above.
---
​
## 13. Contact
For questions about this Privacy Policy or how we handle your data, please contact us at **[add your preferred privacy contact email]** or via the **Contact** page on the Site.
---
​