Skip to Content

Privacy and GDPR Compliance Policy


Last Updated: 27.02.25


1. Introduction

Welcome to CoMotion ("we," "our," "us"). Your privacy is important to us. This Privacy and GDPR Compliance Policy explains how we collect, use, and protect your information when you visit our website (www.comotion.community), and how we comply with the General Data Protection Regulation (GDPR).

We are the Data Controller of the personal information we collect, hold and use about you as outlined in this notice.

2. Information We Collect

We may collect the following types of information:

  • Personal Information: Name and other details you may provide when contacting us or signing up for our services.
  • Contact information: Such as email address or phone number.
  • Payment Information: Relating to any banking or debit/credit card transactions between us (including dates and amounts).
  • Usage Data: Information about your interaction with our website, such as IP address, browser type, and pages visited.
  • Cookies and Tracking Technologies: We use cookies to enhance user experience and analyse website traffic. You can control cookie settings in your browser.
  • Survey/Feedback Information: That we may specifically ask you for during or after working with us.
  • Marketing Information: This includes your preferences to be contacted for marketing reasons.

We will not collect or hold any special category information about you.

3. Legal Basis for Processing Data

We process personal data based on one or more of the following legal grounds:

  • Consent: When you provide explicit consent for data collection and processing.
  • Contractual Necessity: To fulfil a contract or provide requested services.
  • Legitimate Interest: When processing is necessary for our (or a third party's) legitimate business operations.
  • Legal Compliance: To comply with legal obligations.

4. How We Use Your Information

We use the collected data to:

  • Provide and improve our services.
  • Respond to inquiries and communicate with you.
  • Analyse website performance and user behaviour.
  • Comply with legal obligations.

Sometimes we may anonymise personal information so that you can no longer be identified from it and use this for our own purposes. In addition, sometimes we may group some anonymised information together to give us statistical information for our own purposes.

We will only collect the minimal data required to provide our goods, services or digital content and as detailed in this policy to ensure minimalisation principles are met.

5. How We Collect Your Information

We usually collect information listed above directly from you when you fill out a form, survey or questionnaire, purchase goods, services or digital content from us, contact us by email, telephone, in writing or otherwise. This includes the personal information that you provide to us when you subscribe to our mailing list or enter a competition or survey.

We may also receive some information from third parties, such as payment information provided to our third party payment provider or information you use to sign up to our online community hosted by a third party provider (see below).  Technical data may be shared with us by analytics providers such as Google or Meta for example.

6. Online Community and Third-Party Platforms

For the online community element of our services, we use a third-party SaaS platform, Mighty Networks. Your data may be processed and stored by Mighty Networks in accordance with their own privacy policies. We encourage you to review their privacy policies:

7. Data Subject Rights

Under GDPR, you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure (Right to Be Forgotten): Request deletion of your personal data under certain conditions.
  • Restriction: Request limitation of data processing under certain conditions.
  • Data Portability: Receive your data in a structured format for transfer to another service.
  • Objection: Object to data processing based on legitimate interest or direct marketing.
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, contact us faye@comotion.community.  We may request additional information in order to identify you and we may refuse your request if it is unfounded or excessive.  We will never charge you for your request.  We Aim to respond to your first request within 14 days.

8. Data Sharing and Third Parties

We do not sell or trade any of the information you share with us.

We may need to share your personal information with some third parties:

  • When required by law.
  • To undertake business processes with banks, lawyers, accountants, auditors or insurance companies.
  • With service providers who help us operate our website and services, under strict confidentiality agreements.
  • When necessary for website analytics, marketing, or functionality through third-party tools.

9. Data Retention

We retain personal data only as long as necessary for legal, contractual, or business purposes. When data is no longer needed, it is securely deleted.

  • Account and Profile Data: Retained for as long as you maintain an active account with us. If you delete your account, we will erase your data within 30 days unless required for legal or contractual obligations.
  • Communication Data: Emails and customer service enquiries are retained for up to 2 years after the last interaction.
  • Transaction and Payment Data: Retained for at least 7 years for accounting and tax purposes.
  • Website Usage Data: Retained for up to 5 years for analytics and performance improvement purposes but this would usually be anonymised at this point.
  • Marketing Data: Retained until you unsubscribe or request deletion, after which it will be removed within 30 days.

When data is no longer needed, it is securely deleted or anonymised.

10. International Data Transfers

If any transfer of personal information by us will mean that your personal information is transferred outside of the UK or the EEA, then we will ensure that safeguards are in place to ensure that a similar degree of protection is given to your personal information as is given to it within the EEA and that the transfer is made in compliance with data protection laws.

Please note that data shared for our community platform is stored in the USA as per the Mighty Networks Policies detailed in section 6.

11. Data Security

We implement appropriate security measures to protect your data. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices, so we encourage you to review their policies.

13. Cookies and Tracking Technologies

Cookies are small text files stored on your device when you visit a website. They help improve user experience and site functionality.

  • Essential Cookies: Required for website functionality.
  • Analytical Cookies: Help us understand website usage and improve performance.
  • Functional Cookies: Enhance user experience by remembering preferences.
  • Marketing Cookies: Used to personalize advertising and track engagement.

You can control and disable cookies through your browser settings. Note that disabling certain cookies may impact website functionality.

Some cookies are set by third-party services such as analytics or advertising providers. We recommend reviewing their privacy policies for more information.

Please see our Cookie Policy here.

14. Data Protection Officer (DPO)

We do not have a DPO, however, if you have any questions regarding this matter, please contact faye@comotion.community.

15. Data Breach

In the unlikely event of a suspected data breach, we will immediately inform those involved, consult with a DPO and inform the Information Commissioner's Office (ICO) as necessary.

16. Complaints

If you are unhappy about the way that we have handled or used your personal information, you have the right to complain to the UK supervisory authority for data protection, which is the Information Commissioner’s Office (ICO) at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

 Please do contact us in the first instance if you wish to raise any queries or make a complaint in respect of our handling or use of your personal information, so that we have the opportunity to discuss this with you and to take steps to resolve the position. You can contact us at faye@comotion.community or using the contact us form.

17. Updates to This Policy

We may update this Privacy and GDPR Compliance Policy from time to time so we recommend that you review it regularly. Any changes will be posted on this page with an updated date.

18. Contact Us

If you have any questions about this Privacy and GDPR Compliance Policy, please contact us at faye@comotion.community or using the form on our contact us page.​