Privacy Policy Change Log

2018 Privacy Policy vs 2026 Privacy Policy

Area2018 PolicyUpdated VersionChange TypeWhy it Matters
Scope & introductionUK/EU-focused noticeExplicit UK + US applicabilityExpandedReflects global membership access and modern expectations
Controller identificationStates AOC is controllerRetained and clarifiedClarifiedImproves regulatory clarity
Contact detailsProvidedRetainedUnchangedAlready compliant
Data collection descriptionBasic list of fieldsStructured categories of collectionClarifiedImproves transparency/readability
Third-party data disclosure warningMentionedRetainedUnchangedStill appropriate
Purpose of processingMembership/admin describedStructured list of purposesClarifiedAligns with GDPR transparency expectations
Year Book inclusionIncludedRetained with clearer opt-outClarifiedBetter consent framing
Emergency contact useMentionedRetained with clearer limitationClarifiedStrengthens proportionality explanation
Legal basis statementContract & legitimate interest implicitExplicit legal basis sectionExpandedRequired for modern GDPR transparency
Marketing usageSimple consent statementStructured marketing sectionClarifiedMeets modern expectations
Sale of dataStated not soldRetainedUnchangedGood practice
Data sharingMSA / printers / legalStructured list of recipientsClarifiedBetter accountability signalling
International transfersNot addressedExplicit sectionNewRequired when services may operate abroad
Website cookiesStates none usedRetained but softened wordingClarifiedReduces compliance risk if site changes
External links disclaimerIncludedRetainedUnchangedStill valid
Security measuresHigh-level statementRetainedUnchangedAppropriate proportionality
Retention policyVery limited referenceDedicated retention sectionExpandedKey ICO expectation
Skeleton record noteIncludedRetainedUnchangedPreserves operational reality
Data subject rightsBasic access/correctionFull structured rights listExpandedReflects current regulatory expectations
ICO complaint referenceIncludedRetainedUnchangedRequired and appropriate
US user rightsNot addressedIncludedNewSupports cross-border defensibility
Children’s dataNot addressedIncludedNewStandard modern policy inclusion
Policy update processIncludedRetainedUnchangedStill appropriate
Document structureNarrative textSectioned compliance structureClarifiedEasier comprehension & auditability
Tone & clarityInformal / legacy wordingPlain legal-administrative clarityClarifiedImproves defensibility

Executive Summary (Plain Interpretation)

From a governance perspective, the update introduces five material compliance improvements:

1️⃣ Explicit legal basis transparency
2️⃣ Data retention disclosure
3️⃣ International transfer acknowledgement
4️⃣ Expanded rights articulation
5️⃣ US jurisdiction accommodation

Everything else is largely structural modernisation rather than behavioural change.