Privacy Policy

Our Privacy Policy

We (NFST) do not pass on personal data of our members to any third party unless you give us your express permission to do so (for example, if you ask us to raise an issue with Nottingham Forest and give us permission to pass your details to them). We do not sell or share personal information for marketing purposes.

You can amend the personal details we hold by emailing us at

We only use the personal data of our members to email our members with newsletters or updates on key trust activities, give notice of our AGM, remind you to renew your membership and if we are running a member survey or collecting feedback on a specific topic.

If you cancel your membership we will, within 28 days, erase your personal details from our records.

General Data Protection Regulation (GDPR) 

GDPR is an EU law which came into force on 25 May 2018.
Personal data is any information we keep about someone which can identify them. In practice this is our membership database. Processing is using that information in any way.
GDPR sets out six principles for data processing:
• It must be processed fairly and in a transparent manner.
• The information collected, stored and used must be for a specified purpose.
• It must only be used in a way that are relevant to that purpose.
• It must be accurate and kept up to date, and where found to be inaccurate is erased or rectified “without delay”.
• It must not be kept for longer than is necessary for the specified purpose.
• You must ensure appropriate security to guard against loss or unauthorised or unlawful processing.