Privacy Policy


The Ethical Tea Partnership (“ETP” / “We”) are committed to protecting and respecting your privacy. This Privacy Policy informs you how we look after your personal data when you work with us, use our services or visit our website, and tells you about your privacy rights.

This policy (together with our terms of use, our standard consultancy terms and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By engaging with ETP, or visiting the ETP website (“our site”), you acknowledge the practices described in this policy.

We collect, store and process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 and Data Protection Act 2018 (“data protection legislation”) and as set out in this policy. We are a controller in respect of your information that we hold and process and are responsible for this personal data. The terms used in this policy have the same meanings as those given in the data protection legislation.

What data we collect about you

We collect the following types of data about you:

  • Information you give us

You may give us information about you by contracting with us, engaging in projects with us, filling in forms on our site or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you enter into any contracts with us, personally or through your employer, subscribe to our ETP e-news or social media updates, request a membership application pack or use any other interactive areas of the ETP site. The information you give us may include your name, address, e-mail address and phone number.

  • Information we collect automatically 

With regard to each of your visits to our site we may automatically collect the following information:

  1. technical information, including your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  2. profile information, such as any information created when you set up an account on our website, including your username and password, and any phone number used to call us; and
  3. website use information, including the full URL clickstream to, through and from our site, pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information and methods used to browse away from the page.
  • Information we receive from other sources

We may receive information about you from other sources, for instance if you engage with our members or partners, where information about you is publicly available, or if you use any of the other services we provide. Your employer may share certain information to enable us to work or contract with them.

We do not request any of the following “special categories” of personal data about you: your race or ethnicity, religious or philosophical beliefs (other than your desire to engage in ethical trading), sex life, sexual orientation, political opinions, trade union membership, criminal convictions or offences, information about your health or genetic or biometric data. If you volunteer this information we may hold it where it is in recorded format.


Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them please see our ETP Cookie Policy.

How we use your personal data

We use information held about you in the following ways:

  • to provide you with the information and services that you request from us or expressly indicate are relevant to you;
  • to notify you about changes to our services;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • where you or your employer is a member of ETP, to communicate with you including access to any information granted to us by your employer;
  • to stay in contact with you and to provide you with information about our organisation and our campaigns
  • where we enter into contracts with you, to meet contractual arrangements with you including payment of invoices;
  • to ensure that content from our site is presented in the most effective manner for you and your computer;
  • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and
  • in order to keep our site safe and secure.

Where we combine information we receive from other sources with information you give to us and information we collect about you, we will use it for the same purposes.

When we collect information the purpose should be clear. If you have any questions or are uncertain of the reason it is being collected, please let us know.

Sharing your data with third parties

We may also share information with third party subcontractors who assist us with some of our services, or to enable us to deliver a contract with you or your employer.

We may disclose your personal information to third parties:

  • in the event that any of the responsibilities of ETP pass to another person, organisation or body whether corporate or unincorporated;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or other agreements;
  • to protect the rights, property, or safety of ETP, our members, other users of our website, materials or services or others; or
  • where this will help us to provide our services to you more effectively, in ways you are expressly aware of. In particular, we work with the online email marketing platform Mailchimp in order to store your contact details and provide you with any e-newsletters and other information which you expressly ask for. In doing so we take the measures set out below to ensure your data is protected to at least the minimum standards set out in the GDPR.

We will take reasonable measures to ensure third parties understand the confidential nature of your personal data and any limitations on its use, and have appropriate security controls in place. These include:

  • we may run background checks on such parties to make sure they are themselves GDPR-compliant;
  • we conduct due diligence on all our partners to make sure they are suitable partners of the ETP; and
  • we require such parties enter into contractual clauses with us which require that they will not use your information inappropriately or share it further.

Basis for our use of your personal data

We will only use your personal data where we have a lawful basis to do so. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you or your employer;
  • Where it is necessary for our legitimate interests (including operating ETP, and promoting and supporting the ethical values of ETP and our members) or those of a third party, and your interests and fundamental rights do not override those interests; or
  • Where we need to comply with a legal obligation or to protect or enforce our rights.

Generally, we do not rely on consent as a legal basis for processing your personal data. You do have the right to withdraw your consent from receiving marketing communications from us at any time by contacting us.

Keeping your personal data up to date

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Where we store your personal data

The data that we collect from you will be stored on secure data management systems provided by Microsoft which provide access to secure data storage services with additional backup facilities to reduce the risk of data loss.

Before reaching these systems, your data may be transmitted via internet servers outside of the United Kingdom. You should take note that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.

Once we have received your information, we will use reasonable procedures and security features in our systems to try to prevent unauthorised access, including encryption of our hardware. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Except as mentioned in this Privacy Policy or as part of a specific international project which we are working on with you, we will not transfer your personal data outside the European Economic Area (EEA). Where information is shared, we will comply with the required checks in the data protection legislation to ensure information remains secure and confidential.

How long we keep your personal data

The data that we collect from you will be retained by ETP for as long as it remains useful in serving the purpose for which it was submitted, after which it will be deleted unless we are required to retain it by law.

We may also hold your data for longer periods with your consent, for instance:

  • where we have entered into a contract with you, we may retain your details in case we wish to contract with you again; or
  • where you cease to be an ETP member, we may retain your details in case you wish to become a partner in one of our wider programmes.

Your rights

We may use the personal data you have given us to form a view on which of our other products, services or offers may be relevant for you and contact you about these (“marketing communications”). You may receive such marketing communications from us if you have requested information from us or purchased our services and you have specifically asked to receive that marketing.

You have the right to ask us not to process your personal data for marketing purposes. We will inform you if we intend to use your data for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at the address below.

We will ensure we have your express consent before we share your personal data with any third party for marketing purposes.

In certain circumstances, you have additional rights under data protection legislation in relation to your personal data. In particular, you may have the right to:

  • request access to your personal data;
  • request correction or erasure of your personal data;
  • object to processing of your personal data of request a restriction of it;
  • request transfer of your personal data to another person; and
  • withdraw any consent you have given to its processing.

If you wish to exercise any of the rights set out above, please contact us at the details given below.

Third-party links

Our site may contain links to and from other websites, including those of our partners and members, and we may refer you to other material including blogs and articles on tea sustainability issues. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Changes to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy.


Questions, comments and requests regarding this Privacy Policy, including requests to exercise your legal rights, are welcomed and should be addressed to our Compliance Department by email to:

If you are unhappy with the way we have handled your data, you have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.