How we use and protect your data

Latest revision: November 2017. Revision information is located at the bottom of this page.

Overview

Privacy International strongly believes that you have the right to control the use of your personal information, and that your privacy must be respected. We strictly limit the collection and processing of your personal data, and to the best of our abilities we will work only with other organisations who do the same. We will not use personal data that you provide to us in a manner inconsistent with the purposes for which you provided it to us, as set out below.

We do not sell, rent or lease personal data.

We will vigorously challenge any attempts by government agencies or private sector organisations to gain access to any information that you give us.

This Privacy Policy (the "Policy") outlines in detail our organisational and website data collection and processing practices in various sections:

The data controller for data collected and processed in accordance with the Policy is Privacy International. Privacy International is a registered charity (No. 1147471) with the Charities Commission of England and Wales, and a registered company (No. 04354366) with Companies House of England and Wales. Our address is Privacy International, 62 Britton Street, London, EC1M 5UY, United Kingdom.

Organisational Privacy Policy

What Personal Data Do We Collect and Process?

Privacy International collects and processes as little personal data as possible in order to achieve our mission, which is described on our About Us page.

We collect and process various types of personal data, for the purposes described below, including:

  • Name
  • Email address
  • Home address
  • Phone number
  • Biographical information
  • Nationality
  • Immigration status
  • Employment and employer details
  • Financial information (including donation history)
  • IP addresses (as described in our Website policy)
  • Pages accessed on any of Privacy International's websites (including its campaigns and donations websites, as described in our Website policy)
  • Cookie session data (as described further in our Cookie Policy)

We may also collect and process sensitive personal data. Sensitive personal data may include:

  • Racial or ethnic origin
  • Political opinions and interests
  • Trade union membership
  • Religious or philosophical beliefs
  • Sex life or sexual orientation
  • Information about the commission of any criminal offence and any related proceedings or sentences

We collect and process sensitive personal data in relation to our research and investigations, for example when conducting research into potential or current subjects and participants of our research and investigation projects. This data may be provided to us by the individuals themselves, from publicly available sources or from third parties.

We also collect and process this data in connection with our campaigns and fundraising websites, but we will only do so with respect to sensitive personal data you provide directly to us on those sites. For example, because of data you submit on these websites, we may collect and process data that in turn reveals sensitive personal data, e.g. indicating that you are interested in privacy in a specific country, have sent a letter to a specific company to complain about its privacy practices, have signed a petition to support one of our campaigns, or have donated to our appeal to support one of our cases.

You are not required, as a statutory requirement or as a necessity to enter into a contract, to provide us with personal data for processing as described in the Policy. However, if you do not provide us with personal data, we will not be able to provide you all of the features available through our campaigns and fundraising websites. More detail about how your personal data is used for the features on these sites is provided when you are inputting the data and is also explained here.

Why Do We Collect and Process Personal Data?

We collect and process personal data for the following necessary purposes:

  • To administer our websites;
  • To respond to any communications, queries or requests for information or services from you, howsoever received;
  • To receive and process financial donations;
  • For employee and human resources management purposes (as may be required by applicable laws);
  • For auditing purposes (as may be required by applicable laws);
  • For research, investigations and campaigns in connection with our mission and charitable objectives, which are described on our About Us page and on the Charity Commission website;
  • To comply with our legal or regulatory obligations; and
  • To establish, exercise or defend legal claims.

Privacy International's legal basis to process personal data includes processing that is:

  • Necessary for our legitimate interests (for example, to administer our websites, to manage our relationship with you, and to conduct campaigns in connection with our mission);
  • Necessary to comply with legal requirements (for example, to comply with applicable regulatory obligations and employment law and to make mandatory disclosures to law enforcement); and
  • Based on your consent (for example, to communicate with you), which may subsequently be withdrawn at any time by editing your preferences or contacting us as specified in the How to Contact Us section of this Policy without affecting the lawfulness of processing based on consent before its withdrawal.

How Do We Protect Personal Data?

Personal data shall be subject to additional safeguards to ensure this data is processed securely. For example, we work hard to ensure data is encrypted when in transit and storage, and access to this data will be strictly limited to a minimum number of individuals and subject to confidentiality commitments.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to any of our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. When possible, encryption is used, both in transit and storage. Access controls within the organisation limit who may access information.

Who Do We Share Personal Data With?

We maintain direct control over as many processes as we can. As necessary in connection with the above purposes, your personal data may be transferred to the Board of Trustees or our authorised third-party service providers and partners. We conscientiously select and review authorised third parties when possible, and review their privacy and security policies. These authorised third parties may be engaged in, among other things, the processing of donations, technology support, outreach campaigns, or research projects carried out in connection with our mission. Limited members of Privacy International staff or the staff working for these third parties may also access and otherwise process your personal data in connection with their job responsibilities or contractual obligations.

Some of these personnel and authorised third parties may be located outside the United Kingdom ("UK") or European Economic Area ("EEA"). We take appropriate steps to ensure that data remains within jurisdictions with adequate protections for personal data and ensure that recipients of personal data from us are bound to duties of confidentiality, where relevant or appropriate. Where this is not possible, we rely on data minimisation, the selection of trusted companies with privacy policies and auditable processes which we have reviewed, and seek to ensure that there are adequate safeguards in place for protecting transferred data. We may also be required to disclose or otherwise process your personal data in the context of any regulatory audit to which we may be subject from time to time. By submitting your personal data, you agree to this transfer, storage and processing.

How Long Do We Keep Personal Data?

We ensure that personal data is retained only for as long as necessary in accordance with the above purposes and applicable laws. We may be required to retain your personal data for a number of years in order to satisfy legal or contractual obligations, or in order to establish, exercise or defend legal claims. When your personal data is no longer necessary for these purposes, the personal data will be securely deleted.

Communications

Emails received through the Contact Us section of the website or info@privacyinternational.org are reviewed by one staff member, sent onwards when necessary to other staff members, and deleted as quickly as possible. Similarly, emails sent to our other general addresses, e.g. supporters@privacyinternational.org, are reviewed and deleted as quickly as possible. We use our best efforts to prevent disclosure of the names of senders to others outside of Privacy International, i.e. third parties, without your permission, consistent with our legal obligations.

We use email service providers in the UK. As a result our emails are susceptible to lawful access in the UK, and possibly through unlawful means by the UK Government and by other governments and entities. We select our service providers on the basis of their privacy awareness, and work with most of our service providers to advise them on privacy protection. Our current service provider is GreenNet.

We administer a mailing service for notifications by email based on interest in topics that you have explicitly indicated to us. Outgoing messages are processed by our mail service and internet providers.

Information we receive by post is collected by one staff member, reviewed, and sent onwards when necessary to other staff members. These items are destroyed as soon as possible. We use our best efforts to prevent disclosure of the names of senders to third parties, consistent with our legal obligations and we endeavour to keep files secure. If the content of messages is shared with third parties, we de-identify the messages as much as possible.

Telephone calls received on our number are serviced by our phone and internet provider, Andrews & Arnold Ltd, using a SIP service, and are beyond our control. As a result, the traffic data for these calls may be retained in accordance with various laws and a voluntary code of practice for the retention of communications data.

Financial and Supporter Information

We collect and process data provided by prospective and current donors. This data may include contact details, biographical information, financial information, donation history, and employer details. We do not purchase such data, so we only collect data given to us by the individuals themselves. This information may be processed through CiviCRM software that we control but is hosted by our internet service provider.

We have PayPal, BitPay, Stripe and JustGiving accounts to administer on-line donations. PayPal allows you to close your customer account once you no longer require it. Your account information may stay active with PayPal for legal and audit purposes, in accordance with PayPal's privacy policy available here. BitPay, JustGiving and Stripe may have similar policies; please refer to their privacy policies respectively available here, here and here for more detail.

Our financial accounts are held with Barclays Bank. Any donations made to Privacy International in the form of a cheque will be processed by Barclays Bank in accordance with its privacy policy available here and under UK law. We retain information about all donations in accordance with financial auditing requirements.

We will ask donors wishing to make a donation under the Gift Aid scheme to complete an online or hardcopy Gift Aid declaration form. We are required to store an auditable record of those donors -- full name, home address and details of the donation -- in order to process the Gift Aid donation. To make a Gift Aid repayment claim, we are required to share that data with the UK Government -- HMRC's Gift Aid service, Charities Online. Please contact supporters@privacyinternational.org for further information on making a Gift Aid donation.

Website Privacy Policy

We design and administer our web services to limit the amount of data collected. We endeavour to protect users and their data when we process data collected.

We limit collection by: 

  1. Providing a Tor service of our website for users who wish to minimise the amount of personal data that is collected in logs, and
  2. Minimising the number of ways we track you. We honour Do Not Track requests. We do not use third parties to track you on this site. We may point from our website to other internet services that use cookies and other forms of tracking. This is particularly the case with multi-media services, and with the links that we post on our Twitter and Facebook accounts. We do not track clicks on links on our website to Facebook, Twitter or Google+, including Likes.

It is helpful to Privacy International to know how our websites are used. This takes place in two ways, and each involves the use of analytics and data from user behaviour.

  1. We collect data on the usefulness of our sites' content. The purpose of this collection is to help us identify to ourselves and communicate to others, including our Board and our funders, how useful our content may be. This collection commonly comes in the form of identifying how many downloads there have been of a specific report or blog, or how many views of a video (and deciding what percentage of a video download qualifies as a 'view'), and if available, the geographic distribution of the viewings.
  2. We collect data on how people use our sites. The purpose of this collection is to help design our work and our websites and future iterations of each. This collection commonly comes in the form of monitoring the journeys people take on our website - i.e. from where they enter, what areas and items they visit and download in the process of using the site, and from where they leave.

To undertake analysis of how our site is used, we use two processes.

  1. We administer our own website administration platform, using Drupal. Drupal will process some user activity, including IP address data and user-entered search queries. Our webserver also processes and logs HTTP requests, HTTP errors, PHP errors and TLS Handshakes (this list isn't exhaustive).
  2. We administer our own analytics platform, using Piwik. Piwik generates data by using JavaScript on users' browsers to track sessions. We set up Piwik in a way that only provides us with IP addresses that exclude the last two octets, so we are unlikely to be able to link specific activity back to a specific individual. If users block JavaScript then we do not collect data.

We keep the aggregate and inferred data indefinitely, and use this aggregate data to report internally, to our Board, and to our funders. For instance, we will report to our Board that an investigation report was downloaded X number of times and reached people in Y countries.

Our internet service providers may additionally process traffic data. GreenNet may use the logs and other information for their own business purposes, such as for troubleshooting and defining usage patterns, in accordance with their Code of Practice available here. We have reviewed their Code of Practice and advised them on best practices.

GreenNet has refused to take part in the UK Government's voluntary traffic data retention scheme. As a result, GreenNet's Code of Practice states that it keeps most information logged in relation to internet and internet support services for seven days and some for up to 1 month, after which this information is deleted. However, as a UK-based provider, GreenNet is susceptible to retention orders in the UK, which may require it to retain this information for longer periods of time. We do not access this information in its raw form, nor do we review specific user activity.

Our other network provider is Hetzner in Germany. It was selected because it is based within the European Economic Area. They are obliged to adhere to German federal data protection law.

Cookies Policy

We use cookies, small files which we put on your computer, to administer content for visitors to our site. We do not use cookies to track individuals and identify them personally. You can find out more about cookie management in the EFF's helpful guide.

Measuring website usage

We use the Piwik analytics tool, for the reasons described in the website section of our privacy policy. Our Piwik set-up uses JavaScript to track your usage of our site.

| Name | Purpose | Duration |
|------|---------|----------|
| has_js | Allows the website to determine whether your browser is JavaScript compatible; enables us to then run a script for analytics. | Browser session |

Content Management System - www.privacyinternational.org

We use the Drupal content management system to manage the site and through that place a cookie to determine if a browser has JavaScript. This cookie is not a unique cookie and it is not used for tracking.

| Name | Purpose | Duration |
|------|---------|----------|
| has_js | Allows the website to determine whether your browser is JavaScript compatible; enables us to then run a script for analytics. | Browser session |

Campaigns website - action.privacyinternational.org

On our campaigns website -- action.privacyinternational.org -- if someone decides to log-in and asks for their details to be remembered by their browser, we set a cookie for this purpose.

| Name | Purpose | Duration |
|------|---------|----------|
| has_js | Allows the website to determine whether your browser is JavaScript compatible; enables us to then run a script for analytics. | Browser session |
| Sess* | Used to restart your sign-up session in case the user gets interrupted and must restart. | 23 days |

Fundraising website - support.privacyinternational.org

On our fundraising website -- support.privacyinternational.org -- we set a session cookie in case the user gets interrupted and must restart the donation process.

| Name | Purpose | Duration |
|------|---------|----------|
| has_js | Allows the website to determine whether your browser is JavaScript compatible; enables us to then run a script for analytics. | Browser session |
| Sess* | Remembers you for the duration of your session, in case you are interrupted or so that you can press 'back'. | 23 days |

Third party cookies

We may also point from our websites to other internet services that do use cookies. Our payment processors, for example, will place cookies as well. This is also the case with multi-media services, and with the links that we post on our Twitter and Facebook accounts.

Social Media

We use social media and social networking services to advance our work. These applications require the use of third party service providers. Notably, we have a Facebook page, Twitter feed and a YouTube channel.

The Facebook page is administered by Facebook, in accordance with Facebook's Data Policy available here, and is accessible by Facebook users who have already consented to Facebook's Data Policy. The Group page is managed by Privacy International staff members. We do not export information on our followers from the Facebook platform.

The Twitter account we use is administered by Twitter, in accordance with Twitter's Privacy Policy available here.

We use direct messaging over social media on occasion, when individuals and organisations contact us on Facebook by leaving messages in our Inbox or by sending us Direct Messages on Twitter. We aim to delete these messages as soon as we have responded to the queries.

We will continue to push social media companies for stronger privacy protections for all their users.

Volunteers' and Applicants' Information

Occasionally we receive employment information from prospective employees. This information may include the individual's CV, a cover letter, biographical information, contact details, immigration status, photograph, and references. This information is shared with relevant staff internally until that individual becomes a candidate for employment. At that point we may share the application with our trustees. We securely delete your application once it is no longer necessary for the recruitment exercise.

We also collect and process prospective and current intern or volunteer data for recruitment and administration purposes. This data may include biographical information, contact details, immigration-related information, references, and payment details for reimbursement purposes. Again, we securely delete your application once it is no longer necessary for the recruitment exercise.

We keep all accounting and administration information for auditing purposes, in accordance with standard practice and UK law.

Research and Investigations

We collect and process data in relation to our research and investigations, for example when conducting research into potential or current subjects and participants of our research and investigation projects. This data may be provided to us by the individuals themselves, from publicly available sources, or from third parties. This data may include biographical information; contact details; employment details; financial information; photographs; and information on racial or ethnic origin, political opinions and interests, trade union membership, religious or philosophical beliefs, sex life or sexual orientation and concerning the commission (or alleged commission) of any criminal offence, and any related proceedings and sentences. This data is used to carry out research and investigations in connection with our mission, which is described on our About Us page.

Your Data Subject Rights

You are entitled, in accordance with applicable law, to request access to, rectification of, or erasure of your personal data. You are also entitled, in accordance with applicable law, to request restriction of collection and/or processing of, or object to certain types of collection and/or processing of your personal data. You have the right to ask us not to collect and/or process your personal data for marketing purposes; we currently require your consent by opting-in, and you can change your preferences at any time. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You may also, in some circumstances, be entitled to data portability.

We will provide you with a response to your requests in accordance with UK data protection law. Requests can be submitted at any time by email to privacyofficer@privacyinternational.org, or by post to the physical address set out below. If our processing of your personal data is covered by EU law, you may also lodge a complaint with the corresponding data protection supervisory authority in your country of residence. You can find the relevant supervisory authority name and contact details here. In the UK the relevant supervisory authority is the UK Information Commissioner; more information is available here.

How to Contact Us

Please read the Policy carefully. To update your preferences, review or update your information, submit a request, raise any issues regarding the processing of your personal data or raise any questions, comments, or concerns about the Policy, you may contact us by writing to Privacy International, 62 Britton Street, London, EC1M 5UY, United Kingdom, or emailing privacyofficer@privacyinternational.org.

Changes to the Policy

In the event that the Policy is changed at any time, the date and nature of the change will be clearly indicated in this document. In the event that the change has a material impact on the handling of your personal information, we will contact you to inform you of the changes and where appropriate seek your consent.

Revisions

Updated in November 2017 as part of a review of our personal data handling practices and our new website as well as changes to providers. Also updated to take account of the new General Data Protection Regulation which will come into effect throughout the EU on 25 May 2018.

Updated in December 2014 as part of a review of our personal data handling practices, and our new website, and changes to providers.

Updated in June & July 2012 to take account of the "Cookies law", and explain that we now honor DoNotTrack through our Piwik analytics suite. We also added a cookies section to the Policy. We also updated the email provider to remove references to our previous provider, and note that our mail is hosted by GreenNet. We also made updates due to our status as a charity.

Updated in May 2012 to notify of analytics (Piwik) now run by Privacy International, not a trusted partner.

Updated in June 2011 to notify of our transition to using analytics.

In May 2011 we began using analytics on our website to monitor when, where and how people access information so that we can redesign the site to better suit our users' needs. We selected to use our own Piwik implementation because it included some privacy elements in the design process. While we disagree with the use of the term 'anonymity', we have implemented AnonymizeIP, which removes the last octet of the IP addresses. We are looking into the use of iframes for the purpose of enabling an opt-out but we are concerned with the abuse of iframes.

Updated in February 2011 to notify users of our transition to new internet services. In particular, we have moved to a Drupal-based website that uses session cookies. The current configuration involves session cookies that last one month, but we are trying to find ways to reduce that period of time.

Updated in November 2009 to include information on our use of Social Media.

Updated in July 2009 to change our mailing address.

Updated in April 2007 to fix syntax errors and add information regarding Neomailbox's privacy practices for our communications data.

Updated in March 2007 to include language regarding the processing of data by PayPal.

Updated in February 2007 to raise awareness about impending changes in service providers: Neomailbox for mail services, Skype for telephone services, and PayPal for receiving donations. Also added link to the Cooperative Bank's privacy policy.