Privacy Policy

1. Introduction

This Privacy Policy explains how FFMG (“we”, “us”, “our”) collects, uses, and protects personal data through the Comedy Link Up website (www.migrainefreedomproject.com. We are committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are (Data Controller)

FFMG LTD is the data controller for the information you provide to us.

If you have questions about your data, please contact:

Data Protection Officer (DPO)

Email: [email protected]

3. What Personal Data We Collect

a. Information You Provide:

Name

Email address

Postal/billing/shipping address

Phone number

Payment information (handled by secure third-party processors)

Newsletter preferences

Comments/reviews (if enabled)

b. Information We Collect Automatically:

IP address

Device and browser type

Referral source

Pages viewed and interactions

Cookies and other tracking identifiers (see Section 8)

c. Special Category Data:

We do not collect sensitive personal data (e.g. health, religious beliefs).

4. How We Use Your Data (Purposes of Processing)

We use your data for:

Purpose Legal Basis (UK GDPR)

Processing ticket and merchandise orders Performance of a contract (Art. 6(1)(b))

Sending order confirmations/support Performance of a contract

Sending newsletters and updates Consent (Art. 6(1)(a))

Marketing and promotional communications Consent / Legitimate interest

Improving website functionality Legitimate interest (Art. 6(1)(f))

Fraud prevention and legal compliance Legal obligation (Art. 6(1)(c))

5. How We Share Your Data

We only share your data when necessary, with:

Payment processors (e.g., Stripe, PayPal)

Email marketing services (e.g., Mailchimp)

Website hosting and analytics (e.g., WordPress, Google Analytics, Jetpack)

Order fulfilment and delivery partners

IT security and support providers

Legal or regulatory bodies, where required

All third parties are required to comply with GDPR and provide adequate safeguards.

6. International Data Transfers

Some of our service providers (e.g., Mailchimp, Google Analytics) may store data outside the UK or EEA (e.g., in the USA). When this occurs, we ensure:

Data is transferred under adequacy decisions, or

Standard Contractual Clauses (SCCs) are in place, and

Additional technical and organisational safeguards are applied.

7. Your Data Protection Rights

Under UK GDPR, you have the following rights:

Right Description

Right to Access Request a copy of the personal data we hold about you

Right to Rectification Request corrections to inaccurate or incomplete data

Right to Erasure Request deletion of your personal data (“right to be forgotten”)

Right to Restrict Processing Ask us to limit how we use your data

Right to Data Portability Receive your data in a machine-readable format or transfer it to another controller

Right to Object Object to processing for direct marketing or based on legitimate interests

Right to Withdraw Consent You can withdraw your consent at any time, where applicable

Right to Lodge a Complaint Contact the ICO (Information Commissioner’s Office): www.ico.org.uk

To exercise any of these rights, email [email protected].

8. Cookies and Tracking

We use cookies for functionality, performance, and marketing.

Types of Cookies Used:

Essential cookies – Required for basic functions like cart and checkout (WooCommerce)

Analytics cookies – Track usage (Google Analytics, Jetpack)

Marketing cookies – Personalised ads or social media tracking (Facebook Pixel, Mailchimp)

You can manage cookie preferences via the cookie banner or your browser settings.

For more, see our Cookie Policy (link to separate page if available)

9. Data Retention

We only keep your data for as long as necessary for:

Fulfilling the purposes described above

Legal, tax, and accounting obligations (typically 6 years)

Marketing (until you unsubscribe or withdraw consent)

Inactive accounts and customer data are securely deleted or anonymised.

10. Data Security

We implement appropriate technical and organisational measures, including:

SSL encryption

Secure servers and backups

Strong password policies

Regular plugin and theme updates

Use of security plugins (e.g. Wordfence)

Despite this, no system is 100% secure. Always protect your login information.

11. Children’s Data

Our services are not intended for users under 16. We do not knowingly collect data from children. If we become aware that a child has provided personal data, we will delete it.

12. Third-Party Links & Embedded Content

Our site may contain links or embedded content (e.g., YouTube, Instagram). These platforms may collect data independently. Please review their privacy policies separately.

13. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in law or services. Significant changes will be communicated on our website.

Last updated: 25/05/2025

14. Contact Us

FFMG Ltd

Email: [email protected]

Website: www.migrainefreedomproject.com