Privacy Policy (Lizard CATCH)

Last updated: 30 January 2026

Lizard CATCH (“we”, “us”, “our”) is committed to protecting your personal data. This Privacy Policy explains what we collect when you use our website, why we collect it, how we use it, and your rights.

1) Who we are (Data Controller)

For personal data collected via this website, Lizard CATCH is the data controller.

Contact:
Email: [your email address]
Address: [your postal address]
Charity number (if applicable): [your charity number]

2) What personal data we collect

Our website does not require user accounts or logins to view content. We may still collect limited data:

  • Technical data: IP address, device/browser type, pages visited, date/time of access, and similar log data (typically via web server logs and security tools).

  • Cookies / similar technologies: essential cookies may be used for site functionality and security; optional cookies may be used if you enable analytics/marketing features (see “Cookies” below).

  • Messages you send us (if you contact us): name, email address, and the content of your message.

3) How we use your data (and our lawful bases)

We use personal data only where we have a lawful basis under UK GDPR, including:

  • To operate and secure our website (e.g., preventing fraud/abuse, troubleshooting) — Legitimate interests.

  • To respond to enquiriesLegitimate interests (and, where relevant, steps toward a contract).

  • To comply with legal obligationsLegal obligation.

  • For non-essential cookies/analytics (if used) — Consent (you can withdraw consent at any time).

4) Donations and Crowdfunder (third-party link)

Our website may link to a third-party Crowdfunder page. If you click through and donate or interact on Crowdfunder, Crowdfunder will process your personal data under its own privacy policy. We do not control how Crowdfunder collects or uses data on their platform. Please review Crowdfunder’s privacy information before providing personal data there.

5) Who we share data with

We may share limited personal data with trusted service providers that help run the website (for example: hosting, email, security, backups, and spam prevention). They are only permitted to process data on our instructions where applicable.

We may also share data if required by law, or to protect our rights and the safety of users.

6) International transfers

Some of our service providers (e.g., hosting, email, security, analytics) may process data outside the UK. Where this happens, we take steps to ensure appropriate safeguards are in place (such as UK adequacy regulations or approved contractual protections).

7) How long we keep your data

  • Server/security logs: kept for a limited period, typically up to [30/90] days, unless needed to investigate security issues.

  • Enquiry messages: kept for as long as necessary to handle your request and maintain appropriate records, typically up to [12] months, unless a longer period is required for legal or safeguarding reasons.

8) Your rights

You have rights under UK GDPR, including the right to: access your data, correct it, delete it, restrict or object to processing, and (where processing is based on consent) withdraw consent.

To exercise your rights, contact us using the details above.

9) Complaints

If you have concerns, please contact us first so we can help. You also have the right to complain to the Information Commissioner’s Office (ICO) (the UK data protection regulator).

10) Cookies

We use essential cookies where needed for core site functionality and security. If we use non-essential cookies (such as analytics), we will ask for your consent via a cookie banner/settings, and you can change your preferences at any time.

11) Children

Our website is not intended to collect personal data from children deliberately. If you believe a child has provided us personal data, please contact us and we will take appropriate steps.

12) Changes to this policy

We may update this policy from time to time. The “Last updated” date shows when it was most recently changed.