Privacy Policy


The Gallery Partnership Ltd (TGPL) are committed to protecting and respecting your privacy and personal data. We ask your consent to store it (and you can withdraw this consent at any time). We store it securely. We process it fairly and lawfully. We never share it with anyone. We will delete it if you ask us to. We won’t contact you if you ask us not to.  

This Privacy Policy sets out how TGPL collect, use and process your personal data both when you use this website and elsewhere. This policy is compliant with the General Data Protection Regulation (GDPR) and is effective as of 16th February 2018.

TGPL may update this Privacy Policy from time to time by amending this web page. Please check this page regularly for changes to this Privacy Policy. If we make any material changes to this Privacy Policy we will notify you before they take effect.  Any such material changes will only apply to personal data collected after the revised Privacy Policy took effect. 

If you have any queries regarding this policy and / or your data privacy, please contact us using any of the following:


Phone: 020 7096 2800

Address: The Gallery Partnership Ltd, 4th Floor, 150 Borough High Street, London, SE1 1LB


  • Who we are?
  • What is ‘personal data’?
  • How do we collect personal data?
  • What type of personal data is collected and processed?
  • What are our lawful bases for processing personal data?
  • How do we use personal data?
  • How long do we keep personal data?
  • What will we not do with personal data
  • How secure is personal data that we process?
  • What are your rights in relation to your personal data?
  • How we use cookies
  • EU Cookies law
  • Links to other websites

Who are we?

TGPL provides trusted IT services to charities, not-for-profit organisations and businesses, and has done so for 20 years. TGPL is a limited partnership registered in England and Wales under registration no. 3276127, VAT no. 677213228 and is registered at Unit 3 Cedar Court, 1 Royal Oak Yard, London SE1 3GA. 

What is ‘personal data’?

The GDPR applies to ‘personal data’, meaning any information relating to an identifiable person who can be directly or indirectly identified from that information.

How do we collect personal data?

We collect personal data about you if you use our website, if you contact us about products and services, at events, if you’re a customer or supplier, or if you register to receive our newsletter.

What type of personal data is collected and processed?

We collect and process the following personal data:

  • Name and job title 
  • Contact information including email address 
  • Other information relevant to our products and services.

What are our lawful bases for processing personal data?

The GDPR demands that we have a valid lawful basis to process personal data. There are six available legal bases for processing. We rely on at least one of the following legal bases when we collect personal data in the ways described above:

  • Your consent, which is explicitly given and can be easily withdrawn
  • A legitimate interest, ours and / or yours. If you ask us for information, it is in your legitimate interest that we process your personal data. If we have a contractual relationship with you, it is in both our legitimate interests that we process your personal data.   

How do we use personal data?

TGPL use personal data for the following reasons: 

  • To respond to explicit requests about our products and services
  • To improve our products and services
  • To manage our employees, suppliers, clients, contractors, prospects and contacts
  • To maintain our own accounts and records
  • To inform you of IT-related and TGPL news, events, activities and services.

How long do we keep personal data?

We keep personal data so long as we have consent to keep it or a legitimate interest in keeping it. 

What will we not do with personal data?

  • We will not share your personal data with others unless they have a legitimate interest in it or we are required by law to share it.
  • We will not transfer your personal date outside the European Economic Area or to any international organisation without prior written content.

How secure is the personal data we process?

TGPL is committed to ensuring that personal data is secure. Personal data is treated as strictly confidential.

To prevent unauthorised access or disclosure, we have put in place suitable physical, technical and managerial procedures to safeguard and secure personal data.

What are your rights in relation to your personal data?

The GDPR gives individuals the following rights in relation to their personal data:

  • The right to be informed about the collector, collection, and processing of your personal data (which is what we are doing in this Privacy Policy)
  • The right to access their personal data, i.e. you can ask us for a copy of your personal data. We must respond to such requests within one month
  • The right to rectification, i.e. you can ask us to amend your personal data if it is inaccurate or out of date. We must respond to such requests within one month
  • The right to request that your personal data is erased where there is no compelling reason for its continued processing
  • The right to request that we restrict processing of your personal data if you contest its accuracy or the legitimacy of its processing
  • The right to data portability, i.e. the right to request that we provide you with your personal data in a structured, commonly used and machine-readable format
  • The right to object to the processing of personal data for legitimate interests, the performance of a task in the public interest / exercise of official authority, direct marketing, and / or scientific or historical research and statistics
  • The right to escalate any data privacy complaints to the Information Commissioners' Office.

How we use cookies

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Our website CMS, Drupal, uses standard PHP session cookies as part of its core functionality, which typically expire in two weeks.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

EU Cookie Law

As part of our compliance with the EU Cookie Law we provide a popup message informing user of our use of cookies. The popup states that by continuing to use the site the user has accepted our use of cookies. The popup displays on every page until the user clicks that they wish to hide it.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

New Content

Keep up to date

Join our Mailing List

We will use your email address only to send you our newsletters. Please click here to see our data privacy policy in full.

Charity ShareCentre

Cloud Services

We are big fans of Microsoft’s Office 365.
Click to find out more about our Charity ShareCentre