Last updated: 18 May 2026

Privacy Policy

Who we are

Freelancing for Good (“we,” “our,” or “us”) is a platform connecting impact-driven freelancers with organisations doing meaningful work. Our website is freelancingforgood.com.

Freelancing for Good is currently operated by Alistair Webster as a sole trader based in the United Kingdom. Alistair Webster is the data controller for personal data processed through the Services. You can contact us at data@freelancingforgood.com for any data-related questions or requests.

We are committed to protecting your personal data and respecting your privacy rights. This policy explains what data we collect, why, the lawful basis for processing it, and your rights concerning it.

What data we collect

We collect personal data through the following interactions:

  • Account registration — name, email address, profile information, profile photo, and optional header image when you sign up for the Pro Directory or create an account.
  • Slack community — your Slack username and interactions within our community workspace.
  • Job board — job details, organisation name, and contact email when submitting a listing.
  • Newsletter — email address when you subscribe to our newsletter.
  • Contact form — name, email, and message content when you reach out to us.
  • Payments — payment information processed securely through Stripe. We do not store card details on our servers.
  • Quiz — your responses to our freelancer quiz. No account is required and responses are not linked to your identity unless you provide your email.
  • Giving Pledge — name, email, and pledge details via our partnership with Giving What We Can (GWWC).
  • Speak Up Coaching Pods — name, email, and payment details when enrolling in the programme.
  • Freelance Frontier waitlist — name and email address when you register interest in the Freelance Frontier programme.

How we use your data

  • Managing your account, directory profile, and membership
  • Operating the job board and processing job submissions
  • Sending newsletter updates (you can unsubscribe at any time)
  • Processing payments via Stripe
  • Running Speak Up Coaching Pods and managing enrolment
  • Facilitating the Giving Pledge process and coordinating with GWWC
  • Responding to enquiries via our contact form
  • Improving our services through analytics

Legal basis for processing

Under the UK GDPR and EU GDPR, we must identify a lawful basis for each type of processing. The bases we rely on are:

  • Contract — processing necessary to deliver the Services you have signed up for: account management, Pro Directory membership, job board listings, Speak Up Coaching Pods enrolment, and payment processing.
  • Legitimate interests — running and improving the Services, including limited analytics (pageviews via Fathom, which does not use cookies or track individuals), protecting forms against abuse (via Cloudflare Turnstile), responding to contact-form enquiries, and operating waitlists for upcoming programmes. We have assessed that these uses do not override your rights and freedoms.
  • Consent — sending the newsletter and marketing emails. You can withdraw consent at any time via the unsubscribe link in any email.
  • Legal obligation — retaining payment records and certain transactional data for tax, accounting, and anti-fraud purposes.

AI-powered features

Our AI Brief Creator uses artificial intelligence to help organisations find suitable freelancers. When an organisation describes their project, the text is processed by an AI model (provided by Anthropic) to generate a project brief and match it against freelancer profiles in our directory.

AI-generated recommendations are suggestions only and do not constitute endorsements. Project descriptions are processed by Anthropic via their API, which does not use inputs for model training. We do not store project descriptions after the brief has been generated.

Third-party services

We use the following third-party services to operate our platform:

  • Supabase — database hosting and authentication. Data stored on servers in the EU.
  • Stripe — payment processing. Subject to Stripe's Privacy Policy.
  • Resend — transactional and newsletter emails.
  • Slack — community platform. Subject to Slack's Privacy Policy.
  • Vercel — website hosting and infrastructure.
  • Cloudflare Turnstile — bot protection on forms. No personal data is collected beyond a verification token.
  • Anthropic — AI processing for the Brief Creator. Project descriptions are processed but not stored or used for training.
  • Giving What We Can — pledge facilitation. See our data sharing arrangements below.

International data transfers

Some of the third-party services listed above are based outside the United Kingdom and the European Economic Area — principally in the United States. Where we transfer personal data outside the UK or EEA, we rely on the protections required by UK GDPR and EU GDPR:

  • EU-based processing — Supabase data is stored on servers in the European Union; no transfer outside the EEA takes place for primary database storage.
  • Standard Contractual Clauses and the UK IDTA — transfers to US-based processors (including Anthropic, Vercel, Resend, and Slack) rely on the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, and, where applicable, the EU-US Data Privacy Framework. Each vendor publishes its own data processing addendum and transfer impact assessment.
  • Bot protection — Cloudflare Turnstile is operated by Cloudflare, which provides equivalent transfer safeguards through its data processing addendum.

We have reviewed the protections each vendor offers and are satisfied that transferred data receives a level of protection essentially equivalent to that required under UK and EU law. You can request more information about the safeguards in place by contacting data@freelancingforgood.com.

Cookies

Our website sets only strictly necessary cookies, which under UK PECR and EU ePrivacy rules do not require consent. We do not display a cookie banner because we do not set any cookies that would require one.

  • Authentication cookies — to keep you logged in if you have an account. Set when you sign in; removed when you sign out.
  • Admin session cookies — for admin panel access.

We use Fathom for privacy-friendly analytics; Fathom does not set cookies, does not track individuals, and is GDPR/PECR-compliant without consent. We do not use advertising cookies or third-party tracking cookies of any kind. Note that third-party services we link to (such as Stripe Checkout) may set their own cookies on their own domains, governed by their own privacy policies. You can manage cookies through your browser settings.

Data sharing — Giving What We Can

We collect data from users who pledge through our partnership with Giving What We Can (GWWC). Both parties act as joint controllers of pledger data.

  • We share pledger data with GWWC to facilitate the pledge process and provide support.
  • GWWC acts as the primary contact for data subject rights requests (access, rectification, erasure).
  • Both parties implement appropriate security measures and will notify each other and relevant authorities within 24 hours of discovering any data breach.

Data retention

  • Account and directory data is retained for as long as your account is active.
  • Newsletter subscriber data is retained until you unsubscribe.
  • Job submissions are retained for the duration of the listing plus 12 months.
  • Contact form messages are retained for up to 12 months.
  • Payment records are retained as required by law (typically 6 years).

Your rights

Under UK GDPR and EU GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (the “right to be forgotten”)
  • Withdraw consent for data processing where consent is the lawful basis
  • Request a copy of your data in a portable format
  • Object to processing based on legitimate interests
  • Request restriction of processing in certain circumstances

For any data requests, contact us at data@freelancingforgood.com. We will respond within one month, as required by UK GDPR.

Right to lodge a complaint. If you believe we have not handled your personal data lawfully, you have the right to lodge a complaint with a supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO) — ico.org.uk/make-a-complaint. If you are based in the EU, you can complain to your local data protection authority. We would, however, appreciate the chance to address your concerns directly before you contact a regulator.

Children's privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that a child has provided us with personal data, we will take steps to delete it.

Changes to this policy

We may update this privacy policy periodically. Significant changes will be communicated via our website or email. The date at the top of this page indicates when the policy was last updated.

Contact

For questions about this privacy policy or your data, contact us at data@freelancingforgood.com.