Privacy Policy

Last updated: 18/03/2026

This privacy policy explains how Fergus Ewing collects, uses and protects personal data through this website and in connection with Fergus Ewing’s election campaign.

We are committed to handling personal data lawfully, fairly and transparently in line with the UK General Data Protection Regulation, the Data Protection Act 2018, and where applicable the Privacy and Electronic Communications Regulations (PECR).

1. Who we are

For the purposes of data protection law, the data controller is:

Danielle
on behalf of Fergus Ewing’s election campaign
Address: Office 155, 8 Church Street, Inverness, IV1 1EA
Email: campaign@voteewing.com

If you have any questions about this privacy policy or how your personal data is used, please contact us using the details above.

2. The information we collect

We may collect and process the following personal data:

Information you provide directly, such as:

  • your name

  • email address

  • telephone number

  • postal address

  • postcode

  • any message or enquiry you send to us

  • volunteer sign up information

  • donation related information

  • event registration details

  • survey responses or campaign feedback

  • any preferences you give us about how you would like to hear from us

Information collected automatically through the website, such as:

  • IP address

  • browser type

  • device information

  • pages visited

  • date and time of access

  • cookie and analytics data, where used

The ICO requires privacy notices to explain the categories of data collected, the purposes, lawful basis, retention, and rights.

3. How we use your personal data

We may use your personal data to:

  • respond to enquiries and messages

  • provide information about the campaign

  • manage volunteer recruitment and coordination

  • organise campaign events and activities

  • process and record donations or fundraising related enquiries

  • understand levels of campaign support and engagement

  • send campaign updates where we are entitled to do so

  • maintain website security and functionality

  • improve the website and measure usage

  • comply with legal and regulatory obligations

4. Our lawful bases for using your data

Under UK GDPR, we must have a lawful basis for processing your personal data. Depending on the context, we may rely on one or more of the following:

Consent

We may rely on your consent where you choose to sign up for email updates, agree to receive electronic campaign communications, or accept non essential cookies. Where consent is used, you can withdraw it at any time, and it must be as easy to withdraw as to give.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests in running and promoting the campaign, managing volunteers, responding to supporters, and maintaining the website, provided those interests are not overridden by your rights and freedoms. The ICO describes legitimate interests as a three part test involving purpose, necessity, and balancing.

Legal obligation

We may process personal data where necessary to comply with legal obligations, including electoral law, financial reporting, anti fraud requirements, and other applicable legal duties. Electoral law may require certain reporting and record keeping in relation to campaign activities and donations.

5. Political communications and campaigning

We may use personal data to communicate with supporters and potential supporters about Fergus Ewing’s campaign, local issues, events, volunteering opportunities, and other campaign related matters.

Where we send electronic direct marketing, such as emails or text messages, we will do so only where permitted by PECR and data protection law. The ICO makes clear that electronic marketing and cookies must comply with PECR as well as UK GDPR, and where PECR requires consent, consent should also be the lawful basis under UK GDPR.

You can opt out of campaign communications at any time by:

  • clicking the unsubscribe link in emails, where available

  • replying STOP to text messages, where applicable

  • contacting us using the details above

6. Website forms, volunteering and donations

Contact forms

If you contact us through the website, we will use the information you provide to respond to your enquiry and keep an appropriate record of the communication.

Volunteer forms

If you sign up to volunteer, we may use your details to contact you about campaign activities, leafleting, canvassing, events, admin support, and related opportunities.

Donations

If you contact us about making a donation, we may process the information needed to administer and record donations, carry out checks where required, and comply with electoral law and reporting obligations.

7. Cookies and analytics

Our website may use cookies and similar technologies.

Some cookies may be strictly necessary for the website to function. Other cookies, such as analytics or advertising cookies, should only be used where appropriate consent has been obtained, unless an exemption applies. The ICO says users must be told what cookies do and why they are used, and prior consent is required for non essential cookies.

If you use analytics, cookie banners, Meta Pixel, Google Analytics, embedded videos, or similar tools, your live site should also include a separate cookie notice and a working consent mechanism.

8. Who we share your data with

We may share personal data where necessary with:

  • campaign staff and authorised volunteers who need access for campaign purposes

  • website hosting, email, form management, CRM, or digital service providers

  • professional advisers where required

  • regulators, public authorities, or law enforcement where legally required

We require service providers acting on our behalf to handle personal data appropriately and only for authorised purposes.

9. How long we keep your data

We will not keep personal data for longer than necessary for the purposes for which it was collected, including legal, regulatory, electoral, and administrative requirements.

Retention periods may vary depending on the type of information and why it was collected. Where we do not set a fixed retention period, we will assess retention based on factors such as campaign need, legal obligations, regulatory reporting, and whether the information is still relevant and necessary. The ICO says privacy information should explain either the retention period or the criteria used to determine it.

A practical campaign version could be:

  • general enquiries: up to 12 months after the election, unless needed longer

  • volunteer records: up to 12 months after the election

  • donation and financial records: retained as long as necessary to meet legal and regulatory obligations

  • email marketing preferences and suppression records: retained as needed to respect opt out requests

10. Your data protection rights

Under UK GDPR, you may have the right to:

  • access the personal data we hold about you

  • ask us to correct inaccurate data

  • ask us to erase your data in certain circumstances

  • ask us to restrict processing in certain circumstances

  • object to processing, including direct marketing

  • withdraw consent where we rely on consent

  • request data portability in certain circumstances

The ICO states that privacy notices should tell people about these rights, and subject access requests usually must be handled without undue delay and within one month, subject to the rules and any valid extension.

To exercise any of these rights, please contact us at campaign@voteewing.com

11. Complaints

If you have concerns about how we use your personal data, please contact us first and we will try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office. The ICO is the UK regulator for data protection matters.

12. Third party links

This website may contain links to third party websites. We are not responsible for the privacy practices of those external websites, and you should read their privacy notices separately.

13. Data security

We take appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. The ICO’s accountability guidance emphasises data protection by design and by default.

14. Updates to this policy

We may update this privacy policy from time to time. Any changes will be posted on this page with the updated date shown at the top.