Privacy Policy


Thank you for visiting Painshill’s website. Ensuring the privacy and security of your personal information is very important to us. We will never share, sell or rent your personal information to anyone in a way different from what is disclosed in this document, or unless ordered by a court of law. We maintain a variety of physical, electronic and procedural safeguards to protect your personal information. We will always refer this page when we ask you for your consent and we’ll keep this page updated.

Painshill Park Trust Ltd. is the trading name of Painshill of Portsmouth Road, Cobham, Surrey KT11 1JE, a registered charity (284944) and a limited company registered in England (1587910). Painshill is the ‘data controller’ of your personal information and is subject to the Data Protection Act 1998 (“DPA”) (and, when it takes effect on 25th May 2018, the General Data Protection Regulation (the “GDPR”)).

Restrictions on use

This site is owned and operated by Painshill Park Trust Ltd. The information on this site is provided to assist you in planning your visit to Painshill, and it is for this purpose only that the site may be used. While we encourage you to print information which will help plan your visit, no photographs, images or other materials from our site may be copied, downloaded, transmitted, distributed or used in any other way, including for any commercial use. Also, you may not alter or attempt to alter any materials or information on the site, or the site itself.

How we collect your information

We may collect your personal information in a few limited ways, namely:

  1. Directly from you, when you fill in an application for membership, when you make enquiries on our website, or when you interact with us during your time as a member in various other ways (for example, where you attend events organised by us);
  2. From someone else who has bought a membership on your behalf (for example where they have bought Painshill membership for you as a gift and provided us with your contact details for that purpose);
  3. On rare occasions, where we receive information about you from another member of Painshill (for example, where a Painshill member passes on your details to us in connection with a complaint or query you have raised when visiting Painshill).

Your privacy

Painshill Park Trust is committed to maintaining the privacy of our visitors, members and those who visit our websites. Painshill is the sole owner of the information collected on site & on the website or telephone. This information will not be sold or rented to others in ways different from what is disclosed in this statement. Painshill collects information from site visitors at several different points on the website. This notice applies to all information collected by or submitted to our websites or at the Visitor Centre. You can opt-in to receive email communications, register for events, or send communications to your colleagues. We may collect the following type of personal data about you (and your family members, where relevant):

  1. Contact and communications information, including your contact details (including email addres(es), telephone numbers and postal address(es) and records of communications and interactions we have had with you.
  2. Financial information, including Direct Debit details (but not your payment card details, which we never collect or store ourselves since we always use a third party ‘payment gateway’ to process card payments).
  3. Certain other information which you volunteer when making use of your membership benefits (for example, when attending events or expressing your views on issues which we are discussing and/or lobbying Government about). We may collect limited data concerning your health or medical conditions, where you have volunteered this, for example, so that we can cater for you when you attend a Painshill event.

How we use your information

If you do submit personal information to us, we may use that information for the following purposes:

  1. Telling you about special offers especially for our supporters from partners that support our cause.
  2. If you join our email list, we will have a record of your email address and all other information you choose to provide. We may send you email from time to time about our activities and events, as well as any specific issues or publications you have subscribed to. You will have the opportunity to unsubscribe from our mailing list.
  3. If you buy or renew a Painshill membership, your information will be used to fulfil the financial transaction you have initiated and your information will be added to our membership database for maintenance and communications to you regarding your membership.
  4. If you buy a gift membership, the email address(es) you provide along with the members’ email address will be added to our organisational lists or receive any further communications from us.

where this is necessary for the performance of a contract (including the terms of Membership) with you.

  1. Research and statistical analysis;
  2. Communication about our work, membership, and other activities that we think may be of interest to you;
  3. Administration of donations and legacies;

where this is necessary for our legitimate interests (meaning our interests in growing the work of Painshill and supporting all our members, including by representing their interests before Government).

  1. Tailoring our messages to our potential and existing supporters to ensure all marketing communications you receive from us are relevant;

Where this is necessary for our legitimate interests, anywhere we send marketing communications by electronic means, where we have your consent.

We may use for which it was submitted and also for any one or more of the following reasons. If for any reason you would like to be removed from this partnership list, please email or write to us at the address below and we will take your name off of the list immediately.


Scannable cards & bookings

We use barcodes on our membership cards and email booking confirmations to collect information on your visits. This data includes the date that you have visited, your contact information and your membership number. We use this information to understand our members’ visiting trends. We also use this information to make our communications to you more relevant.


We use cookies on our website to distinguish you from other visitors. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy. This Privacy Policy applies solely to the personal data collected by Painshill Park Trust Ltd. and does not apply to third-party websites and services that are not under our control. We cannot be held responsible for the privacy policies of third party websites and we advise users to read the privacy policies of other websites before registering any personal data.

Securing your personal data

We recognise that many people have concerns about providing personal information online and we work hard to ensure that your data is kept safely and securely at all times. These are the measures that we take to secure your information whilst using our web-based services. We use encryption both when your information is moving to or from our web services and also whilst your information is held by us.

Our web pages use only a secure, encrypted https format (identifiable by the padlock in the address bar of your browser). This provides you with confidence that your communications are safe and carried out directly with an authentic Painshill web server. Our web servers use encryption and only store information for a temporary period. Once you have fully submitted your information, any temporary information is purged from our systems.

Financial transactions

In order to process a new membership, renewal or gift membership, it is necessary for Painshill to gather the member’s and/or payor’s name, mailing address, phone, and credit card information. This data is used to verify identity and execute the financial transaction. If you choose to renew or purchase a membership online, you will have to provide your credit card billing information. As this information is collected and transferred over the Internet to our secure server, it is encrypted using Secure Socket Layer (SSL) technology, the industry standard security technology that is designed to protect sensitive information. The credit card information that you provide at the time of renewal or purchase is used only to process your renewal or purchase and will not be stored in any way or used for any other purposes.

Your marketing preferences

Painshill will always act upon your wishes in respect of what type of communications you want to receive and how you want to receive them. There are some communications, however, that we need to send you regardless of your marketing preferences (for example, information with your membership card). These are what we would describe as essential communications to fulfil our contractual obligations to you as a member of Painshill. More examples of this type of communication would be:

  1. Transaction notification, such a payment receipts or Direct Debit confirmations;
  2. Membership related mailings such as your renewal reminder.

You are always in control of how we communicate with you. You can update your choices and/or your contact details by contacting us at:

Telephone: +44 (0) 1932 868 113
Post: Data Protection Officer, Painshill Park Trust Ltd., Portsmouth Road, Cobham, Surrey KT11 1JE

How long your information is kept

We hold your information only as long as necessary for each purpose we use it. For most membership data, this means we retain it for so long as you have a valid Painshill membership and for a period of six years after your last interaction with us (for accounting, tax reporting and record – keeping purposes).

Your rights

You have the right to ask us, in writing, for a copy of all the personal data held about you (this is known as a ‘subject access request’). A copy will be sent to you as soon as possible and this will be no later than one month after your request. If you would like to access your personal data held by us, please apply in writing to our Data Protection team:

Painshill Park Trust Ltd., Portsmouth Road, Cobham, Surrey KT11 1JE

Under the DPA, you also have the following rights:

  1. To require us not to send you marketing communications;
  2. To require that we cease processing your personal data if the processing is causing you damage or distress.

Once the GDPR takes effect on 25 May 2018, you will also have the following additional rights:

  1. To require us to correct the personal data we hold about you if it is inaccurate;
  2. To request that we erase your personal data;
  3. To request that we restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
  4. To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller; and
  5. To object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.

Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply: for example if we can show our processing is necessary for a lawful purpose set out in this Privacy Policy.

Updating and amending your personal information

We will always try to keep your data as up-to-date as possible. If at any time, you want to update or amend your personal data or marketing preferences then you can do so by contacting our team on:

Telephone: +44 (0) 1932 868 113
Post: Data Protection Officer, Painshill Park Trust Ltd., Portsmouth Road, Cobham, Surrey KT11 1JE

Contact and complaints

If you have any queries about this Privacy Policy or how we process your personal information or wish to exercise any of your rights under applicable law, you may contact the Data Protection Officer by:

Telephone: +44 (0) 1932 868 113
Post: Painshill Park Trust Ltd., Portsmouth Road, Cobham, Surrey KT11 1JE

If you are not satisfied with how we are processing your personal information, you can make a complaint to the Information Commissioner. You can find out more about your rights under applicable data protection legislation from the Information Commissioner’s Office website available at

Changes to our privacy policy

We will update this privacy policy from time-to-time to make sure that it stays up-to-date with how we use your personal data and to meet any new legal requirements. The current version will be posted on this page of our website.


Please contact:
Data Protection Officer
Post: Painshill Park Trust Ltd., Portsmouth Road, Cobham, Surrey KT11 1JE