²ÝÁñÉçÇø

Privacy Notice

This version date: 3 MARCH 2025

1. Introduction

The ²ÝÁñÉçÇø (referred to as ‘Foundation‘, ‘we‘ or ‘us‘) is a grant-giving foundation supporting education, the arts, and science.

The Foundation is a company registered in England & Wales (Number 6451283) with its registered office at Withers LLP, Third Floor, 20 Old Bailey, London EC4M 7AN.  We are also registered as a charity with the Charity Commission of England and Wales (number 1133206)

We are registered as a data protection fee payer (number ZA806388) with the UK Information Commissioner’s Office (‘ICO‘) (see – ).

2. Purpose of this privacy notice

During the course of our relationship, we will collect and process information relating to you and other identifiable living individuals (‘personal data‘).

We are committed to protecting the personal data we process in a fair, lawful and transparent manner so this privacy notice tells you about the types of personal data we collect and other information including:

  • how we use such personal data;
  • who we may share such personal data with;
  • the purposes for which such personal data may be used; and
  • certain legal rights you have in respect of our processing of your personal data.

Where we process personal data as described in this privacy notice, we do so as a ‘controller’ under the UK General Data Protection Regulation (‘GDPR‘), Data Protection Act 2018, Privacy and Electronic Communications Regulations 2003 (as amended) and other applicable laws that regulate the privacy of your personal data, as amended from time to time (‘data protection law‘).

Please read this privacy notice together with any other fair processing notices we may provide on specific occasions when we are collecting personal data from you. This privacy notice supplements such other privacy notices and policies you may receive from us.

3. How to contact us

If you have any questions about this privacy notice or would like more information about our privacy practices, please contact our privacy lead, Rebecca Stewart (email: rebecca@facultyroad.com).

4. Changes to this privacy notice

We will keep this privacy notice under regular review, and it may be updated from time to time, so please make sure that you have seen the latest version.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal details or other information we hold about you changes during your relationship with us.

5. What we use your personal data for

We collect personal data about you throughout the period of your relationship with the Foundation, including when you contact us regarding an application for grant funding or when we liaise with you afterwards.

We may use your personal data for the following purposes:

  • to assess funding application submitted to us;
  • to administer the funding provided by the Foundation;
  • to contact you regarding an application or the administration of a funding programme;
  • to administer and manage our affairs and maintain records of our activities;
  • to deal with any queries or feedback you provide to us from time to time;
  • to enforce and/or defend any of our legal claims or rights; and/or
  • for any other purpose required by applicable law, regulation, the order of any court or regulatory authority.

6. The types of personal data that we collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes your name, title, date of birth and gender.
  • Contact Data includes your email address, postal address and telephone numbers.
  • Profile Data includes data in relation to your chosen field of activity and particular interests you may have told us about. 
  • Marketing and Communications Data includes your preferences in receiving further information about the Foundation from us (including networking events) and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from personal data but is not legally considered personal data as this data will not directly or indirectly reveal your identity. However, if we combine Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data in accordance with this privacy notice.

We do not normally collect any Special Categories of Personal Data (such as health information, race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). We do not collect any information about criminal convictions and offences.

Please note that where we need to collect personal data (either as required by law or to enable us to provide a service to you) and you fail to provide such data when requested, we may not be able to provide services to you, but we will always seek to notify you first.

7. The lawful basis on which we collect and process your personal data

We will only use your personal data when the applicable data protection law allows us to. We will use personal data relying on one or more of the following lawful bases under the GDPR:

  • where we need to use data to take steps to enter into a grant funding agreement with you or perform such an agreement.
  • where it is necessary in connection with our legitimate interests (or those of a third party) such as managing our operations or ensuring that grant funding is used properly and those interests do not unjustifiably override your fundamental rights or freedoms.
  • where you have given your consent for us to use your personal data for a particular purpose (such as providing you with information about the Foundation and its activities).
  • where we need to comply with a legal or regulatory obligation.
  • where we need to share data with other parties in connection with a legal claim (including a prospective claim) or in order to establish, exercise or defend our legal rights.

8. Opting out of further marketing communications

You can ask us to stop using your Marketing and Communications Data to send you messages at any time by contacting us using the details in section 3 above.

9. Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

10. Disclosures of your personal data

Other than as expressly set out in this privacy notice or as otherwise permitted under applicable data protection law, we will not share or externally disclose the personal data you provide to us without your knowledge and consent.

We may share your personal data with third parties under this privacy notice, for the purposes set out above, in the following circumstances:

  • to our service providers, who handle that data on our behalf and in accordance with our instructions under contract (called ‘data processors’). These include IT suppliers, entities hosting our customer relationship management (CRM) system and other data hosting providers as well as external agencies we may use to help us conduct fraud and due diligence checks. Please note our current data processors include the following entities:
    • Optimy, who records and tracks grants (see – )
    • Flexigrant, who processes research grant data (see – )
    • Kinsta, which hosts the Foundation website (see – )
  • we do not allow our third-party data processors to use your personal data for their own purposes and we otherwise only permit them to process your personal data for specified purposes, maintaining adequate security and in accordance with our instructions;
  • to certain organisations, institutions or individuals who you have indicated are willing to act as a referee or may be asked to assist with any peer review in respect of your research and/or to certain parties involved in grant approval and funding, as you may be informed about from time to time.  Some of these parties with whom we share your personal data may be located outside the UK – for more information regarding international transfers of personal data, please see section 12 below (International Data Transfers);
  • to the third-party providers of IT services to Foundation trustees and/or board members in a personal or professional capacity;
  • where you ask us to contact or liaise with a particular third party on your behalf; or
  • where disclosure is necessary to enable us to establish, defend or enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be required by law.

Where you provide us with details of other individuals with whom you are collaborating or who you would like us to contact in respect of your application or research (for example, to act as a referee or peer reviewer) you should let them know and, if necessary, seek their permission before sharing their details with us.

We or the third parties mentioned above occasionally also share personal data with:

  • external auditors, e.g. in relation to the audit of accounts or professional advisors (such as insurers and lawyers), who will be bound by confidentiality obligations; and
  • law enforcement agencies, police, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations that we may be subject to.

11. Cookies

This Foundation website uses cookies.  A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer or device you use to access this website.  Cookies contain information that is transferred to your computer or the device you use to access this website. These cookies do not store any personal details about you.

To find out more about cookies, including how to see what cookies have been set, you can visit .

We may use the following cookies:

  • Strictly necessary cookies.  These are required for the operation of our website.  These essential cookies are always enabled because our website won’t work properly without them.  They include, for example, cookies that enable you to log into secure areas of our website.  You can switch off these cookies in your browser settings, but you may then not be able to access all of our website.
  • Analytical or performance cookies.  These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it.  This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies.  These are used to recognise you when you return to our website.  This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies.  These cookies record your visit to our website, the pages you have visited and the links you have followed.  We will use this information to make our website and the advertising displayed on it more relevant to your interests.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Cookie NamePurposeExpiry Period
Google (Marketing)_gaType : HTTP Cookie
This cookie enables us to:
Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.		2 years
Google (Marketing) _ga_#Type : HTTP Cookie
This cookie enables us to:
Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.		2 years

To opt out of being tracked by Google Analytics across all websites, visit .

You can also choose which non-essential analytical, functionality and targeting cookies we can set by clicking on the cookie icon on this website to set your preferences or by adjusting your browser settings. Please note that if you adjust your settings to block all cookies (including essential cookies) you may not be able to access all or certain parts of our website.

If you have any questions or concerns about our use of cookies, please contact us using the details in section 3 above.

12. International data transfers

We may transfer your personal data to certain parties who are located overseas. This may involve transferring your personal data outside the UK to certain countries whose laws are not regarded under the GDPR as providing the same level of protection for your personal data as you enjoy in the UK. These transfers are often referred to ‘restricted transfers’.

Whenever we undertake such a restricted transfer of your personal data, we will do so in a manner that complies with applicable data protection law.  

For occasional restricted transfers we may rely on an exemption under applicable data protection law that permits such a transfer to take place subject to certain conditions, based on one or more of the following:

  • the transfer of your personal data is necessary for the establishment, exercise or defence of legal claims;
  • we have explicit consent from you to make the restricted transfer;
  • the restricted transfer is necessary for the conclusion or performance of a contract entered into in your interests that the Foundation is a party to; or
  • the transfer is necessary in order to perform a contract between you and the Foundation, or to take certain pre-contractual measures at your request.

Alternatively, where we are transferring personal data on a regular basis, we may use specific standard contractual terms and/or other measures approved for use by the ICO which are deemed to give the transferred personal data the same legal protection it has under data protection law in the UK.

If you require further information regarding the measures that we use when making a restricted transfer of your personal data, please contact us using the details in section 3 above.

13. Data security

We employ appropriate technological and operational security measures to protect personal data we hold against any unauthorised access, any unlawful processing or loss. We have procedures in place to deal with any suspected personal data breach and we will notify you and the ICO or other regular of a personal data breach where we are required to do so under applicable data protection laws.

However, data transmission over the internet is not 100% secure and we cannot guarantee the security of any data you send to us over the internet or when using public Wi-Fi or other public communications services. We therefore strongly recommend that you take appropriate precautions, such as using a secure virtual private network, where you wish to send any personal data to us that you consider to be particularly sensitive.

14. Data retention

We will only retain your personal data for as long as is reasonably necessary to fulfil the purposes we collected it for. This includes for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements or where we need to retain information regarding grants or agreements entered into with you in order to deal with possible future legal claims in line with legal limitation periods.

The criteria that we use for retaining your personal data will generally be determined by reference to applicable data protection law and relevant guidance issued by the ICO from time to time.

Personal data that we no longer need to hold is securely disposed of and/or anonymised, so you can no longer be identified from it.

15. Your legal rights

Under certain circumstances, you have rights under applicable data protection law in relation to your personal data. If you wish to exercise any of these rights, which are summarised below, please contact us using the details in section 3 above.

You will not normally have to pay a fee to access your personal data or to exercise any of these rights. However, we may charge a reasonable fee (or refuse to comply with your request) if your request is clearly unfounded, vexatious or excessive.

We may sometimes need to request specific information from you to help us confirm your identity before we can respond. We may also contact you to ask you for further information clarifying your request to help us respond more efficiently or effectively. The period for responding to your request may be suspended while we await this information.

Subject to the above, applicable data protection law requires us to respond to all legitimate requests within one month. If, however, your request is particularly complex this period may be extended by an additional two months, although we will let you know if this is the case.

Your rights are as follows:

Request access to your personal data (commonly known as a data subject access request). This enables you to receive a copy of the personal data we hold about you and certain other information about how we process it in accordance with data protection law.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and you feel it impacts on your fundamental rights and freedoms. You also have the right to object to further processing your personal data. In some cases, we may have compelling legitimate grounds to process your information which overrides this right.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data if: (i) you want us to establish the accuracy of personal data; (ii) where our use of your personal data is unlawful but you do not want us to erase it; (iii) where you need us to hold the personal data even if we no longer require it, as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your personal data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process your personal data – e,g. to send you marketing material.  However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain further services to you although we will aim to advise you of this at the time.

Your right to complain If you are concerned that we have not complied with data protection law or responded appropriately to you when exercising your rights, you have the right to make a complaint at any time to the ICO (see https://ico.org.uk/make-a-complaint/). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.