Introduction

We are committed to protecting your personal data, whether you are a visitor to our website, a subscriber to our publications, a purchaser of our resources, a financial supporter, a volunteer or participant in one of our programmes or events, or a prayer supporter.

We adhere to the standards of the Fundraising Regulator’s Code of Fundraising Practice and we will always do so.

This privacy notice explains how we collect and use the personal data you provide to us (whether this is online, in person or via phone, mobile, email, letter or other printed form) and personal data about you that we may obtain from third parties.

If you use our website or any of our services, or provide us with any personal data, we will bring this policy to your attention so that you are fully aware of how your data will be used and disclosed.

Privacy notice in brief

It is important that you read the full privacy notice so that you understand what personal data we hold, how we may use it, and what your rights are. If you are short of time now, here is a summary but please do return and read it all:

  • We collect personal data, which means information that can be used to help identify a living individual, such as name, address, phone number, email address, IP address of the device you use to access our digital content, or website pages accessed. Under GDPR article 9-2(d) we also collect data on religious, ethnical and philosophical beliefs.
  • We collect personal data to provide services or goods, to provide information, to fundraise for our work, to resource our activities and fulfil our charitable objectives and for administration. This personal data may also be used for analysis and for the prevention or detection of crime, but we do not undertake research or wealth screening.
  • We only collect the personal data that we need or that you agree we can collect.
  • We do our best to keep personal data secure.
  • We never sell your personal data and we will never share it with another company or charity outside of the Jews for Jesus global network for their own purposes, unless you give us specific consent to.
  • We only share data where we are required by law or with carefully selected organisations (data processors) who carry out work for us. We recognise the importance of ensuring that all our data processors treat your personal data as carefully as we would, use it only as instructed, and allow us to check that they do this.
  • Our websites use cookies. For more information, please check our cookies policy.

We do all these things so that we can demonstrate our compliance with UK data protection regulations (including GDPR) and because we want to engage with you in an honest and transparent way. We welcome your questions and comments.

This policy applies to all the websites we operate in the UK, our use of emails and postal mailings for marketing purposes, and any other methods we use for collecting personal data. It covers what we collect and why, what we do and what we won’t do with the personal data, and the rights you have and how to exercise them.

Who we are

Jews for Jesus is a charity that relentlessly pursues God’s plan for the salvation of the Jewish people.

For further information about our privacy notice and data protection, please contact us in any of the ways shown in the ‘How to contact us’ section at the end of this privacy notice.

The personal data we collect and where we collect it from

We will only ever collect the data we need; this includes data to help improve our services, or which you agree that we can collect.

Personal data is any data that can be used to identify you. For example, it may include data such as your name, postal address, email address, telephone number, mobile number, bank account details, credit/debit card details, and whether you are a taxpayer so that we can claim Gift Aid on any donations you may make. It also includes online identifiers such as your Facebook and other ID’s, unique identifiers for the devices you use to connect to the internet (IP addresses), details of pages visited on our website and files downloaded.

We collect personal data in the following ways:

Data that you give us directly

We collect this data relating to specific activities, for example, when you engage us in person, use our website or printed forms or telephone our offices to:

  • enquire about our activities or beliefs
  • sign up to receive a newsletter
  • request that we speak with a Jewish friend
  • be contacted by Jews for Jesus upon request of a friend
  • make a donation to us
  • request a Jews for Jesus speaker visit your church
  • make a purchase
  • register for an event
  • create an account on one of our website
  • engage with our social media
  • complete a survey, questionnaire or feedback form
  • or otherwise provide us with personal data.

Please note: You don’t have to disclose any of this data to browse our website. However, if you choose to withhold requested data, we may not be able to provide you with certain services.

Data that you give us indirectly

Your data may be shared with us by sites such as Facebook, Twitter, Instagram, YouTube, Google+, Flickr and Blogger. These independent third parties will only do so when you engage with us via these sites. You should check their privacy notice when you provide your data to understand fully how they will process it.

Data that we collect when you use our website

Website usage data is collected using cookies. This helps us to see how many people use our website, how many people visit on a regular basis, and how popular individual pages are. Cookies are also essential to our website running correctly and delivering goods and services to users. For more data, please see our cookies policy at www.jewsforjesus.org.uk/cookies

Data from third parties

We may receive data about you from third parties, for example from a friend who wants us to contact you, to send you something you have requested or purchased, book an event or make a donation in your name.

We may receive updated delivery and address data from our delivery agents so that we can correct our records and deliver your next purchase or communication more easily. If we receive data about you from third parties, we will provide you with details of whom we received it from as soon as possible thereafter.

Data from public sources

Some organisations may combine data you provide with data available from public sources or records, to gain a better understanding of supporters and those who engage with them. Jews for Jesus has decided not to undertake such research.

Special categories of data

Data Protection law recognises that certain categories of personal data are more sensitive. This is known as sensitive personal data or special categories of data and covers health data, race and ethnicity, religious or philosophical beliefs and political opinions amongst other things.

We do not collect sensitive personal data about you unless there is a clear reason for doing so, such as involvement in an event where we need this data to ensure safeguarding, to carry out appropriate checks on volunteers, or care for participants. For some events we will collect health data so that leaders on our events have the relevant data to care for participants.

When we collect this data, we will make it clear to you what we are collecting and why and what are our legitimate interests or other lawful grounds for processing this data.

Children’s personal data

We do not knowingly collect data about anyone under 13 years of age unless we have the consent of an adult with parental responsibility, and if we are made aware of it we will erase it.

If you under the age of 13 and would like to participate in an event, make a donation or otherwise engage with us, please make sure that you have your parent or guardian’s permission before giving us your personal data.

How we use personal data

We may use the personal data that you provide in the following ways:

Responding to requests for information, resources and products

  • to respond to enquiries about our activities or beliefs
  • to process and send you resources you have ordered from Jews for Jesus
  • to process event bookings
  • to provide you with data that you have requested about our work
  • to provide you with data about other resources, events or programmes we offer that are similar to those you have already purchased or enquired about and to which you have not objected to receiving
  • to communicate with people you ask us to, by mail or phone (but not by email or text message)

Marketing and Fundraising

  • to process any donation(s) we may receive from you, to claim Gift Aid on these donations and to update you on how your donations are being used
  • to set up direct debits, standing orders and one-off card payments
  • to provide you with data about Jews for Jesus and how you can support our work as a charity (where you have consented to receiving this data as applicable)
  • to invite you to participate in surveys
  • to notify you about changes to our services
  • to analyse the use of our website and ensure that content is presented in the most effective manner for you and your device (see also our cookie policy link).

Administration

  • to record the contact that we have with you
  • for administration purposes, e.g. we may contact you about a donation you have made or event you have expressed an interest in or registered for
  • for internal record keeping, such as the management of feedback or complaints
  • to analyse and improve the services we offer
  • to further our legitimate charitable aims such as sending you data about how donations are being used

You can choose at any time which marketing materials you want to receive from Jews for Jesus and in which format. If there is something you would prefer not to receive, please contact us in any of the ways shown in the ‘How to contact us’ section at the end of this privacy notice.

Google Analytics

We use Google Analytics to collect data about how our website are used. These help us to know how often users visit our website, what pages they visit when they do so, and how they use our content online.

Links to other websites

Our website contains links to other third party owned websites and we sometimes choose to participate in social networking websites including, but not limited to Facebook, Twitter, Instagram, YouTube, Google+, Flickr and Blogger. We do not knowingly pass any of your personal data to them but social media widgets may transfer personal data, please see the social media privacy notice(s) for more information.

We may also include content from websites such as these on our website. However, we do not have any control over the privacy practices of these other websites. You should make sure when you leave our website that you have read and understood the other website’s privacy notice in addition to our own.

Do we sell or share personal data?

We never sell or share your personal data with other organisations to use for their own purposes, outside of the Jews for Jesus global network, without your specific consent.

We may share your personal data within the Jews for Jesus global network, if you engage with us as an enquirer, a tourist or a missionary, but we would only communicate with you if you reside in the UK, or with the prior agreement of your local Jews for Jesus branch.

Any Jews for Jesus personnel that have access to your data for systems administration purposes, are bound by the same levels of confidentiality agreement as normal Jews for Jesus UK staff.

If we run an event in collaboration with another named organisation, your details may need to be shared with them and those who provide services to help us deliver the event. We will make it clear what will happen to your data when you register.

Jews for Jesus may disclose your personal data only in the following circumstances:

  • Where we are under a duty to disclose your personal data in order to comply with any legal obligation (for example to government bodies and law enforcement agencies), or in order to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect Jews for Jesus (for example in cases of suspected fraud or defamation).
  • To third parties who provide a service to us and are our data processors. We employ other companies and individuals to perform functions on our behalf. Examples include fulfilling orders, delivering packages, sending postal mail and email, removing repetitive data from customer lists, analysing data, providing marketing assistance, processing credit card payments, and providing customer service. These data processors have access to personal data needed to perform their functions, but may not use it for other purposes. We require these third parties to comply strictly with our instructions and data protection laws and will make sure that appropriate controls are in place. These third parties include:
    • Blackbaud CRM for recording contacts, donations and other interactions
    • Box cloud storage
    • PayPal for donation processing
    • Google Analytics to analyse website traffic
    • Survey Monkey for surveys
    • Mailchimp email marketing
    • Microsoft Office 365 office productivity solutions
    • Optigem account software
    • Square donations and sales
  • To other organisations if we have your specific consent

If you would like more data about how your personal data is shared, please contact us in any of the ways shown in the ‘How to contact us’ section at the end of this privacy notice.

Research and wealth screening

Jews for Jesus has decided not to undertake research or wealth screening.

Our lawful basis for processing data

We rely on a variety of lawful bases for processing data depending on the purpose of processing.

  • We use a contractual basis for processing data relating to subscriptions, purchases from our online store and events you have booked.
  • We rely on legitimate interests for a variety of purposes. Legitimate interest is about balancing the interests of Jews for Jesus against your rights and freedoms and having due regard to your reasonable expectations about the use of your data. These purposes include:
    • mailing you information about related resources and events that you might be interested in, given your previous engagement with us
    • thanking (either by email, mail or telephone) those of you who have made a financial gift
    • collecting data on religious and philosophical beliefs (not shared without your specific consent)
  • We also rely on the legitimate interests lawful basis to share with you the fundraising needs of the charity and to ask for your support, given your engagement with Jews for Jesus resources, events and programmes, provided that we have also previously obtained any additional consents required to send this information to you in particular formats. For example, we will not send fundraising information or requests to you by email or other electronic means or via automated telephone calls where you have not opted in to these formats beforehand. You can let us know at any time if you would prefer not to receive these communications.
  • We use your consent for all the email marketing and text messages delivered by any of the activities and programmes run by Jews for Jesus. Every email marketing communication you receive provides a clear opportunity for you to opt out (unsubscribe) from future email communications.
  • We use legal obligation as the basis for processing any legally required activities such as Gift Aid returns to HMRC, and for any information we are obliged to share relating to employment of our staff with HMRC and other government or similar bodies.
  • How we keep your personal data safe and who has access to it

    We maintain a high level of security in relation to the collection, storage and disclosure of your data. This is very important to us and we take steps to ensure that any data we hold about you is safe.

    Storing your data

    We place great importance on the security of all personal data associated with our subscribers, supporters and customers.

    Data is stored by Jews for Jesus on secure servers at our offices, off-site and in the Cloud. We may also store data in paper files and other electronic devices.

    We have security measures in place to attempt to protect against the loss, misuse and alteration of personal data under our control. For example, only authorised personnel can access personal data, we ensure access to data is password protected or secured via locked filing cabinets and we encrypt financial data you input before it is sent to us.

    While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur while it is under our control, we use our best efforts to try to prevent this.

    Any sensitive or special categories of data you may provide to us are only shared on an absolute need to know basis and are deleted after each relevant event unless we need to keep that data for a longer period e.g. for safeguarding reasons.

    We enforce strict procedures and security features to protect your data and prevent unauthorised access, although we cannot completely guarantee the security of any data you transmit to us.

    Where you or we have provided a password enabling you to access parts of our website or use our services, it is your responsibility to keep this password confidential. Please don’t share your password with anyone. If you think anyone else has gained access to your password, please let us know as soon as possible.

    Transferring your data outside of Europe

    Some of the data we store and process stays within the UK, and some data may be transferred to countries outside the European Economic Area (EEA).

    This may occur if, for example, one of our supplier’s servers on which personal data is stored is located in a country outside the EU or if we use a cloud IT platform where data is dispersed between a number of different servers. These countries may not have similar data protection laws to the UK. We ensure that all of our data processors in the US conform to ‘Privacy Shield’ Regulations: https://www.privacyshield.gov.

    By submitting your personal data to us you agree to this transfer, storing or processing at a location outside the EEA.

    However, we will ensure that your privacy continues to be protected as outlined in this privacy notice and in accordance with our legal obligations under relevant data protection legislation.

  • Payment by credit or debit card

    If you use your credit or debit card to donate to us, buy something or pay online, over the phone or in person, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. Find out more data about PCI DSS standards by visiting their website at www.pcisecuritystandards.org.

    Only those staff authorised to process payments will be able to see your card details. Once your transaction is completed, we do not store your full credit or debit card details.

    We hold bank account details for the purpose of collecting direct debits in accordance with direct debit mandate rules.

    Access to a linked site

    Our website may contain links to other websites. This privacy notice applies only to our sites, so you should always be aware when you are moving to another site and read the privacy statement of any site which collects personal data.

    We do not pass on any personal data about you to any other site when you link to another site.

    How long we keep your data for

    We will hold your personal data on our systems only for as long as is needed to fulfil the purpose for which we hold the data or as long as is required by law.

    Where your data is no longer needed we will ensure that it is disposed of in a secure manner.

    If you would like more detailed information, please contact us but our retention policy can be summarised as:

    Donors – 5 year since last engagement

    Event attendees – 5 years since event date

    Customers – 5 years since last purchase

    Financial records – 7 years since transaction date (and active Gift Aid certificates indefinitely)

    Personal data passed to mailing houses – 90 days from end of campaign

    Staff records – 30 years from termination

    Volunteer records – 5 years from termination

    Miscellaneous digital and paper records – when no longer needed and twice-yearly check

    Extract files to pass data between Jews for Jesus systems and processors – up to 3 years from last use

    If you request that we stop sending you marketing or fundraising data, we will keep a record of your contact details and appropriate data to enable us to comply with your request not to be contacted by us.

    Your rights

    We would like to keep all who engage with Jews for Jesus up to date with our work; to enable this, and to ask whether you are able to support us, we’d like to keep in touch with you (by post, phone, email, text and other electronic means) about our work and how you can continue to help us in this important mission.

    We will not use your data for marketing or fundraising purposes if you have asked us not to or we do not have your permission to use it for these purposes. However, we will retain your basic details on a suppression list to help ensure that we do not continue to contact you.

    If you are registered to receive one of our email communications, every email provides a clear opportunity for you to opt out (unsubscribe) from future email communications.

    The Data Protection Act and the General Data Protection Regulation give you certain rights over your data and how we use it. You have the right to:

    • request a copy of the data we hold about you and details of what we do with that data (known as a subject access request)
    • update or amend the data we hold about you if it is wrong
    • change your communication preferences at any time
    • withdraw your consent to use of your personal data where we are relying on consent as the lawful basis for processing it
    • ask us to remove your personal data from our records
    • ask us to restrict the processing of your personal data
    • obtain a portable copy of certain personal data where this is processed automatically
    • object to the processing of your data for marketing purposes
    • raise a concern or complaint about the way in which your data is being used
    • ask us to explain any automated processing we carry out and the impact of this on you

    If you wish to exercise any of these rights, please contact us in any of the ways shown in the ‘How to contact us’ section at the end of this privacy notice.

    Some of these rights are not available until 25th May 2018 – if this is the case, we will let you know that when you contact us.

    We will ask for reasonable proof of your identity before providing you with data or carrying out any of the above actions.

    Data security

    If you do not agree to our processing of your data in the manner outlined in this privacy notice policy, please do not submit any personal data to us.

    You can update your preferences at any time; please contact us in any of the ways shown in the ‘How to contact us’ section at the end of this privacy notice.

    How to complain or comment

    If you are unhappy with our work or something that we have done or failed to do, we want to know about it. Your comments enable us as an organisation to learn and continuously improve our services.

    Please contact us in any of the ways shown in the ‘How to contact us’ section at the end of this privacy notice.

    If you wish to raise a data protection concern or complaint with a supervisory body, you can address a complaint to the Data Commissioner’s Office. For more data, visit www.ico.org.uk.

    Changes to our Privacy Notice

    This privacy notice is regularly reviewed. If it changes, details of the sections of the notice that have been changed will be noted here. Regularly reviewing this page ensures you are always aware of what data we collect, how we use it and under what circumstances.

    This privacy notice was last updated on 8th May 2018.

    How to contact us

    Whether you want to ask a question, exercise your data rights or for any other reason you can contact us in a number of ways:

    Email us at [email protected]

    Email us at [email protected]   

    Write to our Data Protection team at 11 rue Crozatier 75012 PARIS.
    Call us on +33 (0)1 43 07 84 97 during normal office hours.