Data Protection Policy

General Data Protection Regulation (GDPR) Compliance
 The EU General Data Protection Regulation (GDPR) effective from May 2018 gives all EU citizens more rights and protections for their personal data, to minimise the possibility of theft and fraud. 
These regulations include provisions for the following areas:
    •    T
he right to be informed: Companies must publish a privacy notice, in addition to explaining transparently how they use this  personal data.
The right of access: Individuals will have the right to demand details of any of their data that a company may hold. This information must be provided within one month of request at no charge to the individual.
 The right to rectification: If a person’s data is incorrect or incomplete, he or she has the right to have it corrected. If the company that holds the information has passed any of that information to third parties.  The company must inform the third party of the correction and inform the person which third parties have their personal data.
 The right to be forgotten: A person may request the removal of his or her personal data in specific circumstances.
The right to restrict processing: Under certain circumstances, an individual can block the processing of his or her personal data.
 The right to data portability: A person can access their data for their own use anywhere they prefer.
The right to object: A person can object to the use of their personal data for most purposes.

                                                      Frack Free Isle of Wight's General Data Protection Policy

1.0 Our core principles regarding user privacy and data protection

  • User privacy and data protection are inviolable human rights

  • We have a duty of care to people contained within our data

  • Data is a liability: it should only be collected and processed when absolutely necessary

  • We despise spam in all its forms

  • We will never sell, rent or otherwise distribute or make public any personal information


​2.0 Our third party data processors
We use two third parties to process personal data on our behalf. The third parties we use are PayPal and Wix.
Wix provides the Customer Engagement platform we use to manage and fulfil our information functions.


  • Wix employ full-time security consultants, dedicated to the security of our subscriber information.  

  • Wix is Payment Card Industry Data Security Standards (PCI DSS) compliant and is accredited as a level 1 service provider and merchant. 

  • Wix's signup and login services are completed through a secure server (HTTPS/SSL). Wix uses cryptography hash functions to protect your information. 

  • Wix is certified under the EU-US Privacy Shield Framework and the Swiss-US privacy Shield Framework as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, and therefore adheres to the Privacy Shield Principles.

PayPal provides our donations platform and monitors every transaction, 24/7 to prevent fraud, email phishing and identity theft. Every transaction is heavily guarded behind PayPal's advanced encryption.  PayPal and Wix will never ask for any sensitive information. No personal financial information is ever taken or stored in this system; donations are transferred out to PayPal or direct bank transfer so that neither us nor Wix has access to your financial information. 

2.1 Data held by Frack Free Isle of Wight
Your subscription and payment data as mentioned below is encrypted before transmission to prevent misuse of the transmitted data by third parties. SSL (Secure Socket Layer) is a security technology which guarantees that your personal data, including credit card information, login data and payment method, are securely transferred via the Internet. The data is encrypted so that is only readable by the PayPal payment system. 


  • Your encrypted data held from subscription online is as follows: 

        personal data (name, email address, location,  all methods of payment selected)

Postcode and location are not mandatory for GDPR. However this helps us to monitor coverage across the island to target specific information to areas where impacts of possible drill sites are greatest.

Any other data voluntarily given to us in writing for support purposes ( phone numbers, membership and support or expertise offered) is stored offline in a secure database by our membership and subscription team. 


By subscribing your consent is given, automatically, to receive emails containing newsletters and occasional relevant updated reports from Frack Free Isle of Wight.  You will be sent a welcome email with details of how to unsubscribe.

  • All data is secured and will not be used in any other way than for effective communication between you and Frack Free Isle of Wight.
  • You will be offered the opportunity to unsubscribe at any time.