Christians United for Israel UK
This Privacy Notice explains what to expect when Christians United for Israel UK collects and uses your personal information. CUFI takes data protection very seriously and stores your personal data securely.
We always strive to be responsible and transparent with the information we hold. We never take for granted the information entrusted to us and we strive to use it effectively to achieve our aims in best serving our supporters.
Please remember that you can contact us at any time to find out what personal information we hold about you. You can change and withdraw at any point.
We are committed to respecting your privacy and ensuring the personal information you have entrusted to us is processed in accordance with the Data Protection Act 1998 (DPA), the Privacy and Electronic Communications Regulations 2003 (PECR) and the General Data Protection Regulation 2018 (GDPR). We will never pass on your details to another organisation who could contact you or add you to their mailing lists.
Please see the full privacy notice below for more information, or contact us if you have any further questions.
Why do we use personal information?
Holding and using personal information is very important for our work.
We use personal information for:
- Keeping in touch with our supporters
(In this policy “supporter” is any person that is engaged with us, or our work, requested updates/material by post or email, signed-up to receive our magazine, followed us on social media, participated in a campaign, signed a petition, etc.)
- Carrying our reasonable administration of our mailings, donations and other services
- Thanking donors
- Maintaining our own accounts
- Managing enquiries from supporters and others
- Improving our communications and activities
- Achieving our aims as an organisation
(For example, we achieve our aims by keeping supporters updated about our work, informing of new and existing campaigns, inviting supporters to act, raising funds, providing other information in support of our objectives that we believe are of interest and benefit.)
How do we collect personal information?
We may collect information in person, using paper forms, online forms, via email, completing a petition, or by other means.
Personal information is obtained from:
- Our supporters
- Our donors when they make a donation
- A person who requests more information about our organisation
- A person who subscribes to our magazine
- A person who contacts us for any other purpose
- A person that meets us (or one of our representatives)
- When an item is purchased from our online store
- When event tickets are booked
We may also obtain information from other legally public sources. For example,
- A church website or search engine, for example, to obtain contact details of a church we may wish to contact for legitimate interest.
- Obtain from public directories the telephone number of a supporter we need to contact if we have cause to contact.
- If we have an incomplete address that prevents us from fulfilling our communication.
- To ensure that a supporter’s contact details are up to date.
- To conduct proper due diligence to ensure there is no reputational or financial risk to accepting a particular donation.
We endeavour to keep personal information up to date. This includes monitoring returned mail to let us know if a person no longer lives at the address we hold for them.
What personal information do we collect?
Those who are on our postal and/or email list have provided their personal data using a subscribe form or at the point of participating in one of our campaigns.
The information includes:
- Name and title
- Address including Post Code, and/or
- Email address
In certain circumstances, other information may also be requested, including:
- A telephone number
- The name of their church
- And indication whether they are a church leader
We also collect the following information:
- Record of actions a supporter takes in case we need to refer to it in future.
(For example, if you make contact with us, complete an online form or participate in a campaign)
- Record of our activities in relation to a supporter
(For example, if we send you a letter or make contact with you)
- Amount and frequency (if giving regularly) of donations
- Standing order information
- Partial card details if donating online
NOTE: We never hold complete card information to process a transaction.
- Some of our online forms also collect IP addresses and operating systems
Sharing personal information
We have never and will never share the personal information we hold with another organisation for their own purposes and we have never and will never sell personal information for any reason whatsoever.
- There may be occasions where it is necessary to share personal information if required by law or to respond to any legal or regulatory action.
- There may be circumstances where our legitimate interests involve us sharing limited supporter information if working with partners on shared initiatives, such as a jointly-run event, however this is only in an exception and will be stated explicitly at time of booking. Attendance lists may also need to be shared with a host organisation or security overseeing such events.
There are also a few situations where our legitimate interests involve us sharing some supporter information with service providers who are contracted to fulfil specific services for us. However, we remain in control of the information and the company is not allowed to do anything with the information other than what we have requested. For example,
- We use the email service MailChimp to deliver to our supporters the emails they have signed up to receive. The service also enables us to gather statistics around email opening and clicks using industry standard technologies.
- We use 123Contact for some online forms.
- We use Blackbaud as our CRM (database) to hold supporter information and as a process gateway to process online donations.
- We use PayPal as an alternative method for online donations.
- Our printing and despatching is undertaken internally, so we never share our mailing address for these purposes, however physical mail is collected for delivery to our supporters by postal services such as Royal Mail.
- Where CUFI runs a petition, either online or in paper form, we will always make it clear to whom the petition will be presented (i.e, the UK Foreign Office).
- By signing the petition you are giving your consent to it being presented, but we will remind you that you are giving consent at the point of signing.
- We will only ever disclose limited personal information to the recipient (i.e, your name and area of residence) so that the signature is valid but doesn’t disclose more information than necessary.
- In some circumstances, CUFI may use a third-party website for running a petition. We never give these websites your information, but we encourage you to check their own privacy notice. This will include how information you provide them handled and whether it is shared with us.
We hold and use most personal information on the basis that it is in our ‘legitimate interests’ to do so.
- For example, if you have expressed interest in our work and we have your postal address, we may send supporters information about our work by post (unless you ask us not to do so), or if you contact us asking a question, we will respond to your enquiry.
- To assess whether we can hold and use information on the basis of ‘legitimate interests’, we look at what we want to achieve, examine whether we need to use your information to do that, and consider whether you would reasonably expect us to act in this way and what impact doing so will have on your privacy.
We only send emails to those that want to receive them. A person can change their mind at any time and withdraw their consent. Every email has a link to help the recipient unsubscribe if they wish to stop receiving emails.
If a supporter unsubscribes from our email list using the “unsubscribe” button on one of our emails then MailChimp will remove that email from our mailing list immediately. If the request is made in writing or verbally, the email will be removed from our mailing list within 30 days.
Relying upon legitimate interest, a list of unsubscribed email addresses may be kept to ensure that we do not send emails to those who no longer wish to receive them.
The above does not apply to emails from CUFI to our supporters that are purely for administrative or operational purposes. For example, if a supporter makes a donation to CUFI-UK, we may send a receipt email to you, if it is appropriate to do so, even if you have previously requested to be removed from our email mailing list.
We request telephone numbers for online donations in case we need to contact supporters about a transaction.We also rely upon our legitimate interests to telephone our supporters if necessary. We never telephone supporters asking for donations.
- Postal mail
We only send postal mailings to those that want to receive our mailings from us. A person can change their mind at any time and withdraw their consent.
Please note that you may still receive some printed material if the next mailing is already being processed at the time your request is received. Removals are done within 30 days.
Relying upon legitimate interest, a list of unsubscribed mailing addresses may be kept to ensure that we do not send to that address in future and to record the history of consent withdrawal. There may also be need to retain certain information if donations have been made.
The above does not apply to letters from CUFI to our supporters that are purely for administrative or operational purposes. For example, if a supporter makes a donation to CUFI-UK, we may send a thank you / receipt if it is appropriate to do so, even if the supporter has previously requested to be removed from our postal mailing list.
CUFI is fully committed to respecting your choice to receive communication. You can update your permission and contact preferences at any time by contacting us at the address and phone number in the Contact section.
Fundraising is essential for CUFI to achieve our aims and make a difference through our work. We endeavour to be transparent, open, efficient and ethical in the way we raise funds and in the manner in which we contact supporters.
We raise funds from:
- Appeals through our own literature, which is sent to people on our mailing list and distributed at church meetings;
- Appeals via emails sent to people on our email list;
- Appeals on our website and on social media.
- Cold call people or our supporters asking for money;
- Have street collections;
- Use external fundraising organisations;
- Conduct research to gain better understanding of our supporters; or
- Use third-party research organisations which provides general publicly available information about our supporters.
Your access rights
A person has certain rights under existing data protection law including the right to request in writing a copy of the personal information we hold about them. From 25 May 2018 a person will have the following rights unless an exemption applies:
Right to access
- The right to access the personal information that we hold about them.
Right to correct
- The right to obtain from us, without undue delay, the rectification of inaccurate or incomplete personal information we hold concerning them.
Right to erase
- The right to ask us to erase their personal information without undue delay.
Right to restriction of processing
- In certain circumstances, the right to restrict us from processing their personal information.
Right to object
The right to object to our use of their personal information including where we use it on the basis of our legitimate interests. We shall no longer process a person’s personal information unless we can demonstrate compelling legitimate grounds for the processing.
Keeping personal information safe and secure
- We keep personal information secure with appropriate measures in place to attempt to protect against the loss, misuse, and alteration of personal information.
- We use secure server software to encrypt financial and personal information we collect online. Our online donation processing using Blackbaud is SSL certified (the security technology for establishing an encrypted link between a web server and a browser).
- We regularly review our security arrangements. When we make changes to our systems or processes, we consider the security implications.
- Where we share personal information with other organisations (for example, where we use third-party organisations to help us provide services), we ensure that steps are in place to protect against unauthorised access or disclosure.
- Whilst we take information security very seriously, it is important to understand that the security of any internet connection or connected storage can never be completely guaranteed.
- If you are concerned about submitting your personal information in a particular way (e.g. making a donation online), there is often another way to achieve the same end if you would prefer to use that (e.g. you can telephone our office to make a donation, or send a cheque).
Accuracy of personal information
We aim to keep our information about our supporters and those who contact us accurate as possible. If a person wishes to access, review or change the information supplied to us, they can contact us as set out below.
How long do we keep personal information?
- How long we keep your personal information depends on what the information is, and what we use it for.
- We hope to build long-term relationships with those who benefit from, contribute to or receive information about our work, and be in regular contact.
- We will keep personal information whilst we still having an active relationship with you. If the relationship becomes inactive, we may keep your personal information for a limited period in case you re-establish the relationship with us.
- There is some information that we are required to keep for a certain period of time. For example, even if you end your relationship with us, we need to keep details of donations that you have made for a certain period after the gift was made.
- There is also some information that we believe is in our legitimate interests to hold even if we don’t have an active relationship with you.
- You have various rights, including the right to ask us to delete your personal information, or to stop contacting you in certain ways (see section below), although there are some circumstances in which these rights do not apply.
Cookies are small text files that are downloaded to a user’s device when they visit a website.
- Some cookies are retained in a user’s browser for only as long as they visit our website, while others may persist for a longer specified or unspecified period.
- These third parties may include, but are not limited to, Google Analytics (used to collect information about how visitors interact with our website), Facebook (we enable visitors to follow Facebook from our site), YouTube (we embed videos onto our site) and Twitter (we enable visitors to follow our Twitter Feed from our website).
- To make enquiries in relation to this privacy notice, exercise any of the above rights, or to make a complaint about our use of your personal information, please contact us at [email protected] or write to CUFI, PO Box, 3837, Swindon, SN3 9DS.
- If you are not satisfied with the way we deal with your complaint, you have the right to refer it to the Information Commissioner’s Office. You are also entitled to make a complaint to the Information Commissioner’s Office without first referring it to us.
Changes to this policy
We will review this privacy notice regularly and may update it at any time. We recommend you to check this privacy notice from time to time. If there are any significant changes in the way we process your personal information, we will ensure it is prominently displayed on our website and/or send you a notification.
This notice was last updated on 23 May 2018.