A. Tzedek – Privacy Policy

Tzedek takes the privacy and security of your personal information very seriously.

This privacy policy sets out how Tzedek processes personal data (that is, information by which an individual can be identified) collected by us in the course of our lawful activities, in accordance with the Data Protection Act 1998, the General Data Protection Regulation and any subsequent legislation (‘Data Protections laws’). This policy has been put in place to protect your rights under the Data Protection laws, and it is important that you understand what we will do with your data and are happy with this. If you want to discuss any matter relating to how your data is used, please call us on 020 3603 8120 or email us at info@tzedek.org.uk.

References to the processing of information include the collection, use, storage and protection of data.

Tzedek is the ‘data controller’ for the purposes of this policy, and the policy extends to its staff, trustees, volunteers and anyone else processing data on our behalf from time to time.

Tzedek is committed to ensuring that your privacy is protected. Any personal data collected by Tzedek will only be processed in accordance with this privacy policy.

Organisations are permitted to process data if they have a legal basis for doing so. Tzedek processes data on the basis that:

  • Express and informed consent has been given by the person whose data is being processed; and/or
  • Tzedek has a legitimate interest in processing data; and/or
  • It is necessary in relation to a contract or agreement which the person has entered into or because the person has asked for something to be done so they can enter into a contract or agreement; and/or
  • There is a legal obligation on Tzedek to process data.

Where Tzedek is relying on solely consent as the basis for processing data, we are required to obtain your explicit consent and you can modify or withdraw this consent at any time by notifying us in writing, although this may affect the extent to which Tzedek is able to provide services to or interact with you in future.

Tzedek may change this policy from time to time and any such changes will be published on our website. Notwithstanding any change to this policy, we will continue to process your personal data in accordance with your rights and our obligations in law.

This policy is effective from 5th February 2018.

B. What data do we collect?

We collect the data necessary for Tzedek to pursue its charitable objectives, including but not limited to the delivery of humanitarian aid, working with volunteers, fundraising and marketing, running events, keeping our supporters informed of our activities and the effective running of Tzedek through its professional staff, trustees and volunteers. Data collected and processed may include, but not be limited to:

  • Names and contact information such as telephone numbers, email and postal addresses and, on occasion, other personal data such a photographs
  • Donor and volunteer records and preferences, including, where necessary, bank or payment details in order to process payments from you and information about your tax status for the collection of Gift Aid
  • Such other information that is relevant and necessary for Tzedek to carry out its activities, charitable purposes and legal obligations.

C. What we do with the data we process

Tzedek uses the data collected to maintain accurate internal records of our engagement with supporters, volunteers, staff and others. These records facilitate our activities run in accordance with our charitable objects, including working with volunteers and beneficiaries and raising funds and awareness about our work through campaigns and events. Data may be processed and viewed by the relevant staff, trustees and volunteers in the course of Tzedek’s activities (all of whom work in accordance with this privacy policy) and will be retained only for as long as is reasonable and permissible in law. If you are volunteering with one of our overseas projects we may need to share your data with our staff or trusted partners outside of the European Economic Area, but will only do so in accordance with this policy and once we are satisfied that your data will be kept private and secure to the same standard as we demand of our staff and partners in this country.

You, as the data subject, may request deletion of your data at any time in writing, subject to any overriding legal requirement for its retention, such as the need, where appropriate, to retain Gift Aid records for Her Majesty’s Revenue and Customs.

D. Your rights in relation to your personal data

You may request details of personal information which we hold about you. Any such request must be submitted in writing and we reserve the right to seek verification of the identity of persons making such requests before we respond. A small fee may be payable if an information request is particularly onerous.

You may choose to restrict the collection or use of your personal information, but this may inhibit or limit the way in which Tzedek is able to interact with you. You may, at any time, change your mind about what information we hold about you, or if we continue to hold it at all, subject to any legal obligation on Tzedek to retain data.

You are responsible for the accuracy of data you have provided to Tzedek. If you believe that any information we are holding on you is incorrect or incomplete, please write to us as soon as possible. We will promptly correct any information found to be incorrect.

We may use your personal information to send you information about Tzedek and matters relating to Tzedek’s activities which we think may be of interest to you. We will only share data with trusted third parties where necessary for us to communicate with you (such as mailing companies for postal communications or through email campaigns or newsletters), to run events or other activities or as stated above, and only once we are satisfied that any such use of data will accord with our privacy policy. We will not sell or share your personal information with any other charities, businesses or marketing companies without your explicit consent.

You can obtain further information about Data Protection and privacy laws by visiting the Information Commissioner’s website at: https://ico.org.uk/for-the-public.

E. Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the data we process. Persons processing data on behalf of Tzedek do so in accordance with this policy and on the basis that Tzedek is satisfied that they can and will adhere to our high standards for data protection and security.

The transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. You are responsible for keeping the password you use for accessing our website (if applicable) confidential; we will not ask you for your password (except when you log in to our website).

F. Web browsing and Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

The 1st party cookies that we use are:

  1. WordPress Privacy – Used to check whether the browser is set to accept or reject cookies
  2. WordPress Logged in users – For logged in users only, stores your login authentication details and records whether or not you are currently logged in to WordPress
  3. Google Analytics – Used for analytical purposes, allows the site to be able to distinguish between different users and sessions
  4. Woocommerce Privacy – Used to track items placed in the online cart and identify shopping session
  5. Jetpack WordPress plugin – Used by the Jetpack system to identify how users are referred to Tzedek’s e-commerce functionality
  6. GDPR Cookie Consent’ plugin – Tracks whether the user has responded to our Cookie Notification, and prevents the notification from being repeatedly shown after it has been acknowledged.

Third party cookies include Youtube.com, Google.com, Twitter.com, Instagram.com, Facebook.com, LinkedIn.com, CAFOnline.com, Sharethis.com, Doubleclick.net. Users can choose to block 3rd party (or indeed all) cookies via their browser settings.

We may also collect and store information about your browsing device, including, where available, your IP address, operating system and browser type. This is anonymous statistical data about your browsing activities and patterns, and does not contain any personal data.

G. Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy policy. You should exercise caution and look at the privacy policy applicable to the website in question.