AISH Website Privacy Statement

This Privacy Notice was updated in July 2021

In this policy, we describe how we use your personal data as a data controller and how you may exercise your rights as an individual. We only process personal data in accordance with the UK Data Protection Act 2018 and other applicable legislation.

AISH identifies itself as a Data Controller and is registered with the UK Information Commissioner's Office (ICO), registration number Z9987148.

Please ensure you read this Privacy Notice and any other similar notice we may provide to you from time to time when we collect or process personal data about you. This Privacy Notice contains important information on who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data and on how to contact us and supervisory authorities in the event you have a complaint.

All matters relating to the privacy and security of personal data throughout the organisation should involve our data privacy officer, who can be contacted via dataprotection@aish.org.uk

How We Collect Personal Data

We collect and receive your personal data using different methods, including the following:

When you access and use our Sites, we will collect certain technical information about your equipment, browsing actions and patterns. We collect this data by using cookie and other similar technologies. The use of cookies by AISH complies with the Privacy and Electronic Communications Regulation (PECR).

The PECR requires websites to obtain consent from visitors to store or retrieve any information on a computer or any other web connected device, like a smartphone or tablet.

A cookie is a text file that is used by many websites to identify your computer to their server. Cookies in themselves do not identify the individual user, just the computer used. This is done to make your experience of the AISH website smoother by remembering any preferences or settings from the previous visit. AISH also tracks the volume of traffic on its website by using cookies.

AISH will continue to check and monitor our data protection obligations to ensure they are up to date. AISH will develop and evolve their website, therefore this Policy will adapt to those changes. Please check this page occasionally to ensure that you are aware of any changes.

Personal data you provide to us

Where you voluntarily choose to give us your personal details, by using an electronic form, or enquiring about any of our services. In these circumstances, the personal information that you give us will be used to provide the information or service you have requested and stored on our secure database.

Since AISH is part of a group of charities administered by the Jewish Futures Trust (JFT), your details will also be accessible by the other charities affiliated to the JFT.

Statistical data

We automatically collect statistical data about usage patterns on our website. This information is not used to identify any individual. It is only collected to provide us with an understanding of the areas of interest on our site and kept only for as long as required for this purpose.

Our legal basis for processing

Where personal data is supplied to Aish via the website, the legal bases for processing are firstly your consent, and secondly we also have a legitimate interest in processing the data within the Jewish Futures Trust’s IT infrastructure. We have performed a Legitimate Interests Assessment (LIA) to ensure that this processing is fair and in line with the reasonable expectations of a data subject that engages with AISH.

Your Rights

You have the right to contact us to correct, amend, or to request that we erase your personal data at any time, where relevant. Where your information is required for statutory recordkeeping purposes, we reserve the right under UK Data Protection law not to comply with your request.

You may also request that we remove your details from our marketing lists or amend your communications preferences so that we do not bother you unnecessarily.

How Aish Uses Your Data

AISH uses various applications, including Cloud applications, to administer your personal data. We do not use these tools to perform profiling or any kind of automated decision-making about you or your organisation.

AISH makes sure to select Cloud-based service providers who provide suitable guarantees over the privacy and rights associated with your personal data. AISH uses 3rd-party providers that host data outside of the UK. All such providers are committed to keeping your data secure, and where appropriate, the providers align to the ISO 27001 standards of data governance.

All data is held on encrypted devices, protected with complex password protection, which where possible is multi-factor authenticated.

AISH will not give your data to any third parties unless required for the proper administration of your account and for the avoidance of doubt, will never give your personal details to third parties outside of the Jewish Futures Trust for marketing or other non-essential purposes.

Online Course Delivery Partner: Thinkific

We use the 3rd party platform Thinkific to carry out online training courses. Please note that in order to carry out this function properly, your data will be stored on Thinkific’s systems. Since Thinkific is based in Canada, this means your data will be processed outside of the UK where it concerns the online training elements of the services Aish provides.

We are satisfied that the processing of your data on the Thinkific platform is performed in compliance with equivalent applicable standards of security and privacy to those expected in the UK. You may find out more about how Thinkific approaches privacy here:

https://www.thinkific.com/privacy-policy
https://www.thinkific.com/dpa

Automated Decision Making

AISH uses a number of technology solutions to provide the means for effective and efficient administration of the Charity. In a similar manner to most modern organisations, these include such tools as common applications, databases, IT infrastructure and communications channels.

The Data Protection Act 2018 also makes references to the growing use of Artificial Intelligence (AI) and requires organisations that use AI to make this clear to their audience, especially when such AI use results in decisions being made about individuals that may have a legal or financial effect upon those individuals.

AISH uses AI tools to analyse and leverage the data we possess in order best to serve the purposes of the Charity, specifically where it concerns the analysis of our audience in order to seek support and donations.

Where AISH uses AI to make automated decisions, we wish to make it clear that these decisions have no legal or financial effect upon the data subjects concerned. If you wish to find out more about the way AISH uses AI tools to gain insight and make certain marketing campaign decisions using AI, please get in touch via the contact details provided in this Privacy Notice.

Marketing Communications

AISH keeps its supporters informed of relevant news and non-promotional information via a monthly email newsletter. AISH will ask you for your consent to use email for marketing or promotional purposes and will provide the means to opt out at any time.

In order to make sure we do not bother you with irrelevant emails, we also retain your communications preferences on a database that has tools for bulk emailing.

Since AISH’s supporters tend to maintain a long relationship with the Charity, your contact details will be kept on file indefinitely, or until you inform us that you wish us to erase your data or unsubscribe from AISH communications altogether.

We cannot absolutely guarantee the security of any information that you transmit to us via the internet and remind you that you do so at your own risk.

Hosting and managing events

From time to time, we may organise and host events. We may process your name and contact information (including email address, postal address, and telephone number) to communicate with you about such events where you have specifically requested information about such events or where we have another lawful basis for sending that information to you.

If you attend one of our events, we may use your personal data to record your attendance at the event and for related record-keeping purposes and, if relevant, we may collect and process any dietary requirements you may have.

Under UK Data Protection Law, you have the right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk or telephone: 0303 123 1113.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on individuals’ rights under the UK Data Protection Act and General Data Protection Regulation.

Changes to This Privacy Notice

This Privacy Notice was published on XXth July 2021.

We may make changes to this Privacy Notice from time to time, to ensure that you are always aware of how we use your personal data. We may also make changes to comply with changes in applicable law or any regulatory requirements.

We encourage you to review this Privacy Notice periodically to be informed of how we use your personal data.