How We Use and Protect Your Data
Latest revision: May 2018. Revision information is located at the bottom of this page.
Privacy International strongly believes that you have the right to control the use of your personal information, and that your privacy must be respected. We strictly limit the collection and processing of your personal data, and to the best of our abilities we will work only with other organisations who do the same. We will not use personal data that you provide to us in a manner inconsistent with the purposes for which you provided it to us, as set out below.
We do not sell, rent or lease personal data.
We will vigorously challenge any attempts by government agencies or private sector organisations to gain access to any information that you give us.
- Financial and Supporter Information
- Cookies Policy
- Social Media
- Volunteers' and Applicants' Information
- Research and Investigations
- Your Data Subject Rights
- How to Contact Us
- Changes to the Policy
The data controller for data collected and processed in accordance with the Policy is Privacy International. Privacy International is a registered charity (No. 1147471) with the Charities Commission of England and Wales, and a registered company (No. 04354366) with Companies House of England and Wales. Our address is Privacy International, 62 Britton Street, London, EC1M 5UY, United Kingdom.
What Personal Data Do We Collect and Process?
Privacy International collects and processes as little personal data as possible in order to achieve our mission, which is described on our About Us page.
We collect and process various types of personal data depending on your relationship with PI. We may collect and process personal data relating to the following people:
- Contractors/Consultants
- Applicants (for any of the above roles) (See Volunteers’ and Applicants’ Information)
- Employees of PI Partners
- Website users (see Website and Cookies Policy)
- Individuals who contact PI directly (see Communications and Social Media)
- Research subjects (see Research and Investigations)
The types of personal data we may process, for the purposes described below, include:
- Email address
- Home address
- Phone number
- Biographical information
- Immigration status
- Employment and employer details
- Financial information (including donation history and details about your taxpayer status when claiming GiftAid)
- Communications Preferences (primarily through our Mailing List)
- IP addresses
- Pages accessed on any of Privacy International’s websites
We’ve explained this further here.
Generally, we do not collect or keep a record of sensitive personal data and only do so in very limited circumstances, primarily when an individual has chosen to provide us with this data.
We process some sensitive personal data for Human Resource purposes, for example, about PI’s employees as far as necessary to fulfil our duties as an employer. On occasion we may also process sensitive personal data of others engaging with PI, for example where an individual provides us with information relating to accessibility needs for the purpose of arranging a meeting or where an individual contacts PI and their communication includes sensitive personal data. We do not use this data for any purpose other than that for which it is provided.
We may on occasion process sensitive personal data in relation to our research and investigations, for example when conducting research into potential or current subjects and participants of our research and investigation projects in the context of PI’s mission. This data may be provided to us by the individuals themselves, from publicly available sources or from third parties.
We also collect and process data in connection with our campaigns and fundraising websites. Privacy is an internationally recognised human right. However, we appreciate that in certain circumstances the data you submit on these websites may reveal data that could be considered sensitive personal data (reflective of your political or philosophical views), e.g. indicating that you are interested in privacy in a specific country, have sent a letter to a specific company to complain about its privacy practices, have signed a petition to support one of our campaigns, or have donated to our appeal to support one of our cases.
When using our websites, you are not required, as a statutory requirement or as a necessity to enter into a contract, to provide us with personal data for processing as described in the Policy. However, if you do not provide us with certain personal data on our campaigns and fundraising websites, we will not be able to provide you all of the features available. More detail about how your personal data is used for the features on these sites is provided when you are inputting the data and is also explained here.
Why Do We Collect and Process Personal Data?
We collect and process personal data for the following necessary purposes:
- To administer our websites;
- To respond to any communications, queries or requests for information or services from you, howsoever received;
- To receive and process financial donations;
- For recruitment, employee and human resources management purposes;
- For auditing purposes;
- For procurement of services;
- For managing our relationships with PI Partners;
- For research, investigations and campaigns in connection with our mission and charitable objectives, which are described on our About page and on the Charity Commission website;
- To comply with our legal or regulatory obligations; and
- To establish, exercise or defend legal claims.
Privacy International will only process personal data when we have a legal basis for doing so. The legal basis that we will rely on will depend on the circumstances in which we collect and use your personal data. In almost all cases, the relevant legal basis to process personal data is that the processing will be one of the following:
- Based on your consent to use your data in a certain way (for example, to communicate with you through our mailing list). Your consent may subsequently be withdrawn at any time by editing your preferences or contacting us as specified in the How to Contact Us section of this Policy without affecting the lawfulness of processing based on consent before its withdrawal.
- Necessary in order to take steps prior to entering into a contract or for the performance of a contract (for example, for recruitment, for human resources management and to manage those carrying out work on behalf of PI);
- Necessary to comply with legal requirements (for example, to comply with applicable regulatory obligations and employment law); and
- Necessary for our legitimate interests (for example, to administer our websites, to manage our donations, to carry out research and investigations consistent with our mission and to manage volunteers). We will only rely on this legal basis where we’ve identified the purpose (the legitimate interest), assessed that the processing is necessary for that purpose and conducted a balancing test to ensure that this interest is not overridden by the interests, rights and freedoms of the individual.
How Do We Protect Personal Data?
Personal data shall be subject to additional safeguards to ensure this data is processed securely. For example, we work hard to ensure data is encrypted when in transit and storage, and access to this data will be strictly limited to a minimum number of individuals and subject to confidentiality commitments.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to any of our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. When possible, encryption is used, both in transit and storage. Access controls within the organisation limit who may access information.
Who Do We Share Personal Data With?
We maintain direct control over as many processes as we can. As necessary in connection with the above purposes, your personal data may be transferred to the Board of Trustees or our authorised third-party service providers and partners. We conscientiously select and review authorised third parties when possible and review their privacy and security policies. These authorised third parties may be engaged in, among other things, the processing of donations, technology support, outreach campaigns, or research projects carried out in connection with our mission. Limited members of Privacy International staff or the staff working for these third parties may also access and otherwise process your personal data in connection with their job responsibilities or contractual obligations.
Some of these personnel and authorised third parties (for example payment processors) may transfer data outside the United Kingdom (“UK”) or European Union (“EU”). We take appropriate steps to ensure that data remains within jurisdictions with adequate protections for personal data and ensure that recipients of personal data from us are bound to duties of confidentiality, where relevant or appropriate. Where this is not possible, we rely on data minimisation, the selection of trusted companies with privacy policies and auditable processes which we have reviewed and seek to ensure that there are adequate safeguards in place for protecting transferred data, for example Standard Contractual Clauses. For more information on the safeguards for transfer in a particular operation please contact us. We may also be required to disclose or otherwise process your personal data in the context of a regulatory audit to which we may be subject from time to time.
How Long Do We Keep Personal Data?
We ensure that personal data is retained only for as long as necessary in accordance with the above purposes and applicable laws. We may be required to retain your personal data for a number of years in order to satisfy legal or contractual obligations, or in order to establish, exercise or defend legal claims. When your personal data is no longer necessary for these purposes, the personal data will be deleted.
Emails received through email@example.com are reviewed by one staff member, sent onwards when necessary to other staff members, and deleted as quickly as possible. Similarly, emails sent to our other general addresses, e.g. firstname.lastname@example.org, are reviewed and deleted as quickly as possible. We do not disclose the names of senders to others outside of Privacy International, i.e. third parties, without your permission.
We use email service providers in the UK. As a result our emails are susceptible to lawful access in the UK, and possibly through unlawful means by the UK Government and by other governments and entities. We select our service providers on the basis of their privacy awareness, and work with most of our service providers to advise them on privacy protection. Our current service provider is GreenNet (see below).
We administer a mailing service for notifications by email based on interest in topics that you have explicitly indicated to us. Outgoing messages are processed by our mail service and internet providers.
Information we receive by post is collected by one staff member, reviewed, and sent onwards when necessary to other staff members. These items are destroyed as soon as possible. We use our best efforts to prevent disclosure of the names of senders to third parties, consistent with our legal obligations and we endeavour to keep files secure. If the content of messages is shared with third parties, we de-identify the messages as much as possible.
Telephone calls received on our number are serviced by our phone and internet provider, Andrews & Arnold Ltd, using a SIP service, and are beyond our control. As a result, the traffic data for these calls may be retained in accordance with various laws and a voluntary code of practice for the retention of communications data.
Financial and Supporter Information
We collect and process data provided by prospective and current donors. This data may include contact details, biographical information, financial information, donation history, and employer details. We do not purchase such data, so we only collect data given to us by the individuals themselves. In order to assist us with the technical process of managing and recording our donations for audit purposes, this information may be processed through CiviCRM software that we control but is hosted by our internet service provider. This software allows us to see the email address of the donor, how much has been donated, when it was donated and whether it is a recurring payment.
We will ask donors wishing to make a donation under the Gift Aid scheme to complete an online or hardcopy Gift Aid declaration form. We are required to store an auditable record of those donors -- full name, home address and details of the donation -- in order to process the Gift Aid donation. To make a Gift Aid repayment claim, we are required to share that data with the UK Government -- HMRC's Gift Aid service, Charities Online. Please contact email@example.com for further information on making a Gift Aid donation.
We design and administer our web services to limit the amount of data collected. We endeavour to protect users and their data when we process data collected.
It is helpful to Privacy International to know how our websites are used.
To undertake analysis of how our site is used, we use GoAccess to see statistics in relation to our website use, for the following purposes:
- To know how many visitors per day visit the site
- To know how much traffic we are sending outbound
- To know which items on our site are being downloaded (e.g. PDFs, long-form, reports, short items)
- To identify items not found, i.e. 404s so that we can fix them
- To identify the types of operating systems being used and browsers so we can design our site accordingly
- To identify the time of day when our site is most used in case we want to do syncs and repairs (that result in our site being down temporarily)
- To identify the percentage of the traffic that is going over our Tor service.
These statistics are only available to PI. We keep the aggregate data indefinitely, and use this aggregate data to report internally, to our Board, and to our funders. For instance, we will report to our Board that an investigation report was downloaded X number of times.
GreenNet may use the logs and other information for their own business purposes, such as for troubleshooting and defining usage patterns, in accordance with their Code of Practice available here. We have reviewed their Code of Practice and advised them on best practices.
GreenNet has refused to take part in the UK Government's voluntary traffic data retention scheme. As a result, GreenNet’s Code of Practice states that it keeps most information logged in relation to internet and internet support services for seven days and some for up to 1 month, after which this information is deleted. However, as a UK-based provider, GreenNet is susceptible to retention orders in the UK, which may require it to retain this information for longer periods of time. We do not access this information in its raw form, nor do we review specific user activity.
Our other network provider is Hetzner in Germany. It was selected because it is based within the European Economic Area. They are obliged to adhere to German federal data protection law.
Campaigns website - action.privacyinternational.org
On our campaigns website -- action.privacyinternational.org -- if someone decides to log-in and asks for their details to be remembered by their browser, we set a cookie for this purpose.
| Cookie | Purpose | Expiry |
|---|---|---|
| Sess* | Used to restart your sign-up session in case the user gets interrupted and must restart. | 23 days |
Fundraising website - support.privacyinternational.org
On our fundraising website -- support.privacyinternational.org -- we set a session cookie in case the user gets interrupted and must restart the donation process.
| Cookie | Purpose | Expiry |
|---|---|---|
| Sess* | Remembers you for the duration of your session, in case you are interrupted or so that you can press 'back'. | 23 days |
Third party cookies
We use social media and social networking services to advance our work. These applications require the use of third party service providers. Notably, we have a Facebook page, Twitter feed, articles published on Medium, and a YouTube channel.
The Facebook page is administered by Facebook, in accordance with Facebook's Data Policy available here, and is accessible by Facebook users who have already consented to Facebook's Data Policy. The Group page is managed by Privacy International staff members. We do not export information on our followers from the Facebook platform.
We use direct messaging over social media on occasion, when individuals and organisations contact us on Facebook by leaving messages in our Inbox or by sending us Direct Messages on Twitter. We aim to delete these messages as soon as we have responded to the queries.
We will continue to push social media companies for stronger privacy protections for all their users.
Volunteers' and Applicants' Information
Occasionally we receive employment information from prospective employees. This information may include the individual's CV, biographical information, contact details, immigration status, photograph, and references. This information is shared with relevant staff internally until that individual becomes a candidate for employment. At that point we may share the CV with our trustees. We delete your application once it is no longer necessary for the recruitment exercise.
We also collect and process prospective and current volunteer data for recruitment and administration purposes. This data may include biographical information, contact details, immigration-related information, references, and payment details for reimbursement purposes. Again, we delete your application once it is no longer necessary for the recruitment exercise.
We keep all accounting and administration information for auditing purposes, in accordance with standard practice and UK law.
Research and Investigations
We collect and process data in relation to our research and investigations, for example when conducting research into potential or current subjects and participants of our research and investigation projects. This data may be provided to us by the individuals themselves, from publicly available sources, or from third parties. This data may include biographical information; contact details; employment details; financial information; photographs; and information on racial or ethnic origin, political opinions and interests, trade union membership, religious or philosophical beliefs, sex life or sexual orientation and concerning the commission (or alleged commission) of any criminal offence, and any related proceedings and sentences. This data is used to carry out research and investigations in connection with our mission, which is described on our About page.
Your Data Subject Rights
You have rights under data protection law over your personal data.
You are entitled to request access to, rectification of, or erasure of your personal data. You are also entitled to request restriction of collection and/or processing of, or object to certain types of collection and/or processing of, your personal data. You have the right to ask us not to collect and/or process your personal data for marketing purposes; we currently require your consent by opting-in, and you can change your preferences at any time. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You may also, in some circumstances, have a right to data portability.
We will provide you with a response to your requests in accordance with U.K. data protection law. Requests can be submitted at any time by email to firstname.lastname@example.org, or by post to the physical address set out below. You also have the right to lodge a complaint with the corresponding data protection supervisory authority in your country of residence. You can find the relevant supervisory authority name and contact details here. In the UK the data protection supervisory authority is the Information Commissioner.
How to Contact Us
Please read the Policy carefully. To update your preferences, review or update your information, submit a request, raise any issues regarding the processing of your personal data or raise any questions, comments, or concerns about the Policy, you may contact us by writing to Privacy International, 62 Britton Street, London, EC1M 5UY, United Kingdom, or email@example.com.
Changes to the Policy
In the event that the Policy is changed at any time, the date and nature of the change will be clearly indicated in this document. In the event that the change has a material impact on the handling of your personal information, we will contact you to inform you of the changes and where appropriate seek your consent.
Updated in May 2018 to take into account the EU General Data Protection Regulation taking effect on 25 May 2018. We have also stopped using Piwik analytics until we can ensure it is implemented in a compliant manner.
Updated in November 2017 as part of a review of our personal data handling practices and our new website as well as changes to providers. Also updated to take account of the new General Data Protection Regulation which will come into effect throughout the EU on 25 May 2018.
Updated in December 2014 as part of a review of our personal data handling practices, and our new website, and changes to providers.
Updated in June & July 2012 to take account of the "Cookies law", and explain that we now honor DoNotTrack through our Piwik analytics suite. We also added a cookies section to the Policy. We also updated the email provider to remove references to our previous provider, and note that our mail is hosted by GreenNet. We also made updates due to our status as a charity.
Updated in May 2012 to notify of analytics (Piwik) now run by Privacy International, not a trusted partner.
Updated in June 2011 to notify of our transition to using analytics.
In May 2011 we began using analytics on our website to monitor when, where and how people access information so that we can redesign the site to better suit our users' needs. We selected to use our own Piwik implementation because it included some privacy elements in the design process. While we disagree with the use of the term 'anonymity', we have implemented AnonymizeIP, which removes the last octet of the IP addresses. We are looking into the use of iframes for the purpose of enabling an opt-out but we are concerned with the abuse of iframes.
Updated in February 2011 to notify users of our transition to new internet services. In particular, we have moved to a Drupal-based website that uses session cookies. The current configuration involves session cookies that last one month, but we are trying to find ways to reduce that period of time.
Updated in November 2009 to include information on our use of Social Media.
Updated in July 2009 to change our mailing address.
Updated in April 2007 to fix syntax errors and add information regarding Neomailbox's privacy practices for our communications data.
Updated in March 2007 to include language regarding the processing of data by PayPal.