Interpretation and Definitions

Interpretation

The words whose initial letters are capitalised have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

• Account — a unique account created for you to access our Service or parts of our Service.
• Affiliate — an entity that controls, is controlled by, or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
• Company ("We", "Us", "Our") — Brighter Futures Forum, Raywood Cottage, Leacon Lane, Charing, TN27 0ET. The Company is the Data Controller under GDPR.
• Cookies — small files placed on your device by a website, containing details of your browsing history among many other uses.
• Country — United Kingdom.
• Data Controller — the Company as the legal person which determines the purposes and means of the processing of Personal Data.
• Device — any device that can access the Service such as a computer, mobile phone or digital tablet.
• GDPR — EU General Data Protection Regulation.
• Personal Data — any information that relates to an identified or identifiable individual.
• Service — the Website.
• Service Provider — any natural or legal person who processes data on behalf of the Company.
• Usage Data — data collected automatically when using the Service.
• Website — Brighter Futures Forum, accessible from www.sss-bff.com.
• You — the individual accessing or using the Service.

Collecting and Using Your Personal Data

Personal Data

While using our Service, we may ask you to provide personally identifiable information including, but not limited to:

• Email address
• First name and last name
• Phone number
• Address, State, Province, ZIP/Postal code, City
• Bank account information (for payment processing within the Service)

When you pay via bank transfer, we may request additional information including date of birth, passport or national ID card, bank card statement, or other information linking you to an address.

Usage Data

Usage Data is collected automatically when using the Service and may include your IP address, browser type and version, pages visited, time and date of visit, time spent on pages, and other diagnostic data.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies including beacons, tags, and scripts. Cookies may be Persistent or Session cookies.

Where required by law, we use non-essential cookies only with your consent. You can withdraw or change your consent at any time via our cookie preferences tool or your browser settings.

Use of Your Personal Data

• To provide and maintain our Service, including monitoring usage
• To manage your Account and registration as a user
• For the performance of a contract with you
• To contact you with updates, security notifications or service communications
• To provide news, special offers and general information about similar goods or services
• To manage your requests to us
• For business transfers such as mergers, acquisitions or asset sales
• For data analysis, identifying usage trends and improving our Service

We may share your Personal Data with Service Providers, Affiliates, business partners, other users in public areas, during business transfers, or with your consent.

Retention of Your Personal Data

We may retain data beyond these periods where required by legal obligation, to establish or defend legal claims, or due to backup system schedules. When retention periods expire, data is securely deleted or anonymised.

Transfer of Your Personal Data

Your information may be processed at the Company's operating offices and any other places where the parties involved in processing are located. Where required by applicable law, international transfers are subject to appropriate safeguards including:

• The European Commission's Standard Contractual Clauses (SCCs)
• The UK International Data Transfer Agreement (IDTA) or UK Addendum to the SCCs
• Supplementary measures such as encryption, access controls and data minimisation

Delete Your Personal Data

You have the right to request deletion of the Personal Data we hold about you. You can manage your information through your Account settings or by contacting us directly. Please note we may need to retain certain information where we have a legal obligation to do so.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your data becomes subject to a different Privacy Policy.

Law Enforcement

Under certain circumstances, we may be required to disclose your Personal Data if required by law or in response to valid requests by public authorities.

Other Legal Requirements

• Comply with a legal obligation
• Protect and defend the rights or property of the Company
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of users or the public
• Protect against legal liability

Security of Your Personal Data

Payments

We use third-party services for payment processing and do not store or collect your payment card details. Our payment processors adhere to PCI-DSS standards.

Stripe — Privacy Policy: stripe.com/us/privacy

GDPR Privacy

Legal Basis for Processing

• Consent — You have given consent for one or more specific purposes
• Performance of a contract — Processing is necessary for an agreement with you
• Legal obligations — Processing is necessary for compliance with a legal obligation
• Vital interests — Processing is necessary to protect vital interests
• Public interests — Processing relates to a task carried out in the public interest
• Legitimate interests — Processing is necessary for the legitimate interests of the Company

Your Rights under GDPR

• Access — Request access to, update or delete information we hold about you
• Restriction — Ask us to restrict processing in certain circumstances
• Correction — Have incomplete or inaccurate information corrected
• Object — Object to processing based on legitimate interests or for direct marketing
• Erasure — Request deletion where there is no good reason to continue processing
• Data portability — Receive your data in a structured, machine-readable format
• Withdraw consent — Withdraw consent at any time

To exercise your rights, please contact us. We will respond within one month. You also have the right to complain to a Data Protection Authority.

Children's Privacy

Our Service does not address anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under 16. If you believe your child has provided us with Personal Data, please contact us and we will take steps to remove that information.

Links to Other Websites

Our Service may contain links to third-party websites not operated by us. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for third-party sites or services.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time and will notify you by posting the updated Policy on this page and updating the "Last updated" date. Where appropriate, we will notify you by email or a prominent notice on our Service prior to changes becoming effective.