The Jewish Chronicle

Privacy Policy

May 23, 2018 11:56
19 min read

PRIVACY POLICY

1. Introduction

The Jewish Chronicle Media Limited is a company incorporated in England with the company registration number 12562281, whose registered office is at

10 Fitzroy Square, London, W1T 5HP . Our registered VAT number is GB 347 3482 83.

We are committed to protecting your personal data. This privacy policy gives you detailed information on when and why we collect your personal data,

how we use it and how we keep it secure. Please read this policy carefully alongside our Terms and Conditions https://www.thejc.com/terms-and-

conditions and our Cookie Policy www.thejc.com/cookie-policy to understand our views and practices regarding your personal data and how we will treat

it.

More information can be provided on request. Definitions, and words in bold type, are defined in the Appendix at the end of this privacy policy.

2. Our responsibilities

For the purpose of the applicable Data Protection Legislation, we (The Jewish Chronicle) are the data controller of any personal data we process. As

a data controller, we are responsible for ensuring our systems, processes, suppliers and People comply with Data Protection Legislation in relation to

the personal data we handle.

We provide our Employees with training and require our Employees to comply with this privacy policy and our Cookie Policy when dealing with personal

data.

We take Personal Data Breaches very seriously, and are required to notify the Information Commissioner’s Office in the event of any such a breach.

When using, collecting and disclosing personal data, we follow the core data protection Principles underlying the Data Protection Legislation.

We have policies, procedures and records to demonstrate compliance with the Principles. Please contact us privacy@thejc.com for further information

on these policies, procedures and records.

3. How we collect, use and disclose your personal data

Generally, we collect your personal data when you interact with us (for example, when entering into a relationship with us as Customer, as an advertiser,

a third party service provider or one of our Employees). However, from time to time we also need to collect personal data from other third parties in

connection with our relationship with you. We also look at how our users access and use our Website, so we can offer the best possible experience. The

following tables, available by clicking the dropdowns, summarise how we collect, use and disclose your personal data and the legal basis for doing so:Types of personal data Collection Purpose Disclosure Retention Period

Information such as:

• technical information, including

the Internet protocol (IP) address

used to connect your computer to

the Internet, your login

information, browser type and

version, time zone setting,

browser plug-in types and

versions, operating system and

platform, type of device used to

access our Website and the

location of where you access our

Website via a mobile device;

• information about your visit,

including the full Uniform

Resource Locators (URL)

clickstream to, through and from

our Website (including date and

time), products you viewed or

searched for, page response

times, download errors, length of

visits to certain pages, page

interaction information (such as

scrolling, clicks, and mouse-

overs), and methods used to

browse away from the page and

any phone number used to call

our customer service number;

and

• Information we receive from

other sources. We may receive

information about you if you

use any of the other websites

we operate or the other

services we provide. Any data

so collected may be shared

internally and combined with

Your personal data is

collected when you:

• use our Website (e.g.

browsing, searching);

• search for a product;

• undertake advertising

via our Website,

publications and other

promotional activities;

• participate in

discussion boards or

other social media

functions;

• enter a competition,

promotion or survey;

• provide us with

personal information to

enable us to contact

you and let us know of

your marketing

preferences;

• contact us via email,

phone or any other

method; and

• contact us using our

online forms.

Your personal information is

used to:

• tailor and enhance your

user experience;

• conduct analysis on the

use of the App;

• improve the functionality

of our Website;

• ensure our Website

caters to our users’

preferences; and

• where you have given us

your clear, unambiguous

consent to do so, your

personal data may be

used to contact you about

and provide you with:

o communications

and/or marketing

material for which you

have specifically

subscribed; and/or

to contact you about, and

provide you with, the

communications we think

are relevant to you.

We shall only transfer personal

data to third parties which is

limited to the relevant purpose

and is adequately protected.

Your personal data may

be transferred to our third

party service providers

who support the operation

of our business. This

includes:

• business partners,

suppliers and sub-

contractors;

• advertisers and

advertising networks

and;

• analytics and search

engine providers.

Where you have given us

your clear, unambiguous

consent to do so, we may

pass your personal data to

selected third parties to

provide you with

information about services

we feel may interest you.

We shall only transfer

personal data to third

parties which is limited to

the relevant purpose and is

adequately protected.

We will ensure we keep all

personal data up to date and

shall archive and then

permanently delete any

personal data which is not

necessary for the purpose.

Users of our Website and Appdata collected on this site. We

are also working closely with

third parties (including, for

example, business partners,

sub-contractors in technical,

payment and delivery services,

advertising networks, analytics

providers, search information

providers, credit reference

agencies) and may receive

information about you from

them. This includes our

business partners on any

Reader Offers advertised in the

Jewish Chronicle or online

atwww.thejc.com and;

• your name and email

address/other contact details

when using the Website; and

• your name and email address

when using the App.Subscribers to Jewish Chronicle Newsletters

Types of personal data Collection Purpose Disclosure Retention Period

Information such as:

• your name;

• email address/other contact

details;

• your phone number;

• your country of residence;

• your age; and

• payment details.

Your personal data is

collected when you:

• use our Website (e.g.

browsing, searching);

• correspond with us by

phone, e-mail our

otherwise;

• register to use our site;

• subscribe to our

service;

• provide us with

personal information to

enable us to contact

you and let us know of

your marketing

preferences; and

• contact us via email,

phone or any other

method;

• contact us via text

message or similar

messaging services

and;

• contact us using our

online forms.

Your personal information is

used to:

• carry out our contractual

obligations

• tailor and enhance your

user experience;

• contact you about, and

provide you with, the

communications we think

are relevant to your

interests and preference;

and

• contact you and provide

you with information about

our services.

Your personal data may

be transferred to our third

party service providers

who support the operation

of our business.

Where you have given us

your clear, unambiguous

consent to do so, we may

pass your personal data to

selected third parties to

provide you with

information about services

we feel may interest you.

We shall only transfer

personal data to third

parties which is limited to

the relevant purpose and is

adequately protected.

We will ensure we keep all

personal data up to date and

shall archive and then

permanently delete any

personal data which is not

necessary for the purpose.Jewish Chronicle Customers

Types of personal data Collection Purpose Disclosure Retention Period

Information such as:

• your name;

• your postal and email

address;

• your phone number(s); and

• photographs of your house,

letter box or front door.

Your personal data will be

collected from various sources

including:

• use our Website (e.g.

browsing, searching);

• correspond with us by

phone, e-mail or otherwise;

• register to use our site;

• subscribe to our service;

• make an order for one of

our products;

• provide us with personal

information to enable us to

contact you and let us

know of your marketing

preferences; and

• contact us via email,

phone or any other

method; and

• contact us using our

online forms.

Your personal data will be

used for the following

purposes:

• delivering and improving

the services we provide to

you;

• delivering any products to

your place of residence;

• internal administration

management purposes;

• fulfilling our contractual

obligations;

• fulfilling our legal

obligations; and

• where you have given us

your clear, unambiguous

consent to do so, your

personal data may be used

to contact you about and

provide you with:

o communications

and/or marketing

material for which you

have specifically

subscribed; and/or

o to contact you about,

and provide you with,

the communications

we think are relevant

to your interests and

preferences.

Your personal data may be

transferred to:

• our third party service

providers who support

the operation of our

business;

• other parties involved in

the transaction, for the

purposes of fulfilling our

contractual obligations;

• where you have given

us your clear,

unambiguous consent

to do so, we may pass

your personal data to

selected third parties

to provide you with

information about

services we feel may

interest you.

We shall only transfer

personal data to third

parties which is limited to

the relevant purpose and is

adequately protected.

We will ensure we keep all

personal data up to date and

shall archive and then

permanently delete any

personal data which is not

necessary for the purpose.Service Providers

Types of personal data Collection Purpose Disclosure Retention Period

Information such as your:

• name and business

information;

• name and email

address of your

representatives;

• identification

documentation; and

• payment details.

Your personal data will be

collected from you directly.

Further information (e.g. to

verify your identity) may be

collected from third parties,

such as publicly available

sources.

Your personal data will be used

for relationship management and

file opening, administration, to

fulfil our contractual obligations

and as required by law (e.g. anti

money laundering).

Your personal data may be

disclosed to:

• our Customers;

for the purposes of fulfilling

our contractual obligations.

We shall only transfer

personal data to third

parties which is limited to

the relevant purpose and is

adequately protected.

We will ensure we keep all

personal data up to date and shall

archive and then permanently

delete any personal data which is

not necessary for the purpose.Subscribers to our promotional material

Types of personal data Collection Purpose Disclosure Retention Period

Information such as your:

• name;

• address;

• email address; and

• payment details.

Your personal data is

collected when you register

and ‘opt in’ to receive:

• marketing/promotional

material; and

• details of events.

You can contact us

privacy@thejc.com at any

time to amend your

preferences or opt out of

communications from us. You

will also be sent the option to

opt out of future

communications in every

communication you receive

from us.

Where you have given us your

clear, unambiguous consent to

do so, your personal data will be

used to:

• contact you about, and

provide you with, the

communications we think

are relevant to your interests

and preferences; and

• understand our subscribers’

preferences and interests so

we may improve our

services, communication

and marketing material.

Your personal data may be

transferred to our third

party service providers who

support the operation of our

business.

Where you have given us

your clear, unambiguous

consent to do so, we may

pass your personal data to

selected third parties to

provide you with information

about services we feel may

interest you.

We shall only transfer

personal data to third

parties which is limited to

the relevant purpose and is

adequately protected.

We will ensure we keep all

personal data up to date and shall

archive and then permanently

delete any personal data which is

not necessary for the purpose.Our Employees and people making an application to become one of our Employees

Types of data Collection Purpose Disclosure Retention Period

Personal data such as

• your name, address,

contact details,

education and

employment history;

• background checks

(financial and criminal);

• identification

documentation;

• right to work status;

• information relating to

next of kin/ dependants;

and

• financial information

including bank details

and identifiers (e.g.

National Insurance

numbers).

We may also process

sensitive personal data

such as

• health details

• racial origin

• religious beliefs;

and

• information about

offences/ alleged

offences.

Your personal data will

be collected from various

sources including:

• your application

form/CV;

• recruitment agencies

and websites;

• providers of

background checks;

• notes and records

kept for the duration of

your employment

(including absences,

appraisals,

disciplinary action);

• providers of

occupation health

services; and

• CCTV and security

access devices.

Your personal data will be used

for the following purposes:

• human resources

administration;

• assessing

suitability/eligibility and/or

fitness to work;

• security; and

• training.

Photographs and images of you,

your name, and information

about your education and

employment may be used in our

marketing and promotional

material including our Website.

Your personal data may be

transferred to

• our third party service

providers who support the

operation of our business;

• our Customers; and

for the purposes of fulfilling our

contractual obligations.

We shall only transfer personal

data to a third party which has

been limited to the relevant

purpose.

We will ensure we keep all

personal data up to date and shall

archive and then permanently

delete any personal data which is

not necessary for the purpose.Users of our advertising space

Types of personal data Collection Purpose Disclosure Retention Period

Information such as your:

• name and business

information;

• name and email

address of your

representatives;

• images used to identify

you; and

• identification

documentation.

Your personal data will be

collected from you directly.

Further information (e.g. to

verify your identity) may be

collected from third parties,

such as publicly available

sources.

Your personal data will be used

for, to fulfil our contractual

obligations and as required by

law (e.g. anti money laundering).

Your personal data may be

disclosed to:

• our Employees;

for the purposes of fulfilling

our contractual obligations.

We shall only transfer

personal data to third

parties which is limited to

the relevant purpose and is

adequately protected.

We will ensure we keep all

personal data up to date and shall

archive and then permanently

delete any personal data which is

not necessary for the purpose.4. Legitimate interest of the controller

To ensure that our processing of data is fair to you we have used Legitimate Interests Assessment (LIA) to evaluate our requirements against the impact

to you as a data subject. We maintain this assessment as part of this privacy notice to show fair, reasonable, proportionate, open, honest and transparent

processing of your data. The assessment is as follows:

Area Test Response

The legitimate interest(s) Who benefits from the processing? In what way? We both benefit, as analysis of how and where you

connect to our site means that we can improve it for you

and optimise this to most customers browsers,

platforms, languages and locations. We also use it to

safeguard both you and us by recording your connection

data should anything go wrong.

Are there any wider public benefits to the

processing?

Yes. In the detection and prevention of crime, we can

provide law enforcement with enhanced information to

help protect other websites and users on the wider

internet.

How important are those benefits? We have an obligation to report crime and help the

community at large prevent further crime or damage.

What would the impact be if you couldn’t go

ahead?

We would remove our website from the public facing

internet as we could not meet the requirement of

confidentiality, integrity and availability of this service to

our customers.

Would your use of the data be unethical or

unlawful in any way?

No. We will use the data in two ways:

1. Pseudonymised for website stats to improve the

website for users;

2. IP address and connection information for the

detection and prevention of crime that would be

shared with law enforcement if a data breach or

security incident with the website occurred.necessity test Does this processing help to further that interest? Yes. The analysis of how and where you connect to our

site means that we can improve it for you and optimise

this to most customers browsers, platforms, languages

and locations. We also use it to safeguard both you and

us by recording the data should anything go

wrong. This way we can investigate and provide any

relevant information to law enforcement.

Is it a reasonable way to go about it? Yes. These methods used by us are the same as for

most global websites.

Is there another less intrusive way to achieve the

same result?

No. We collect only the minimum level of information

necessary to both improve and protect the website.

Balancing test What is the nature of your relationship with the

individual?

There may or may not be a relationship with the

individual. This will be unknown at the time of

interaction and data collection.

Is any of the data particularly sensitive or private? No. The data that is collected is not overly sensitive

from a data privacy standpoint. As every computer and

device connected to the Internet is assigned an Internet

Protocol (IP) address – which is recorded in most places

you visit on the internet. The data from a security point

of view could be quite sensitive and therefore, will be

protected in line with Article 32 – technical and

organisational security measures.

Would people expect you to use their data in this

way?

Yes. We consider this would meet most individual’s

reasonable expectations.

Are you happy to explain it to them? Yes. This Legitimate Interest Assessment, documents

our interests and is published as part of our data privacy

notice.

Are some people likely to object or find it

intrusive?

People may object to this, and have the right to do

so. Individuals always have the right not to use ourwebsite and can seek our information from partners or

other sources on the internet that are not under our

direct control.

What is the possible impact on the individual? We will know their IP address, which could reveal their

approximate location to us. will also know specifics

about the web browser and system that they have used

to connect to us and their usage patterns on our

websites, pages visited, length of time on the site

etc. This data will be appropriately safeguarded to

ensure it cannot be misused, and will not be used for

any other purposes than stated.

How big an impact might it have on them? The impact will be low to the individual, unless they have

committed a crime, at which point their data would be

reported to law enforcement and other authorities like

the ICO as appropriate.

Are you processing children’s data? Yes. We will sometimes publish photographs of

Children in our publications. When processing any

child’s data we will obtain consent from the person with

parental responsibility for the child.

Are any of the individuals vulnerable in any other

way?

Not knowingly.

Can you adopt any safeguards to minimise the

impact?

All safeguards in line with the requirements of the GDPR

will be in place, and all data will be protected in line with

Article 32 – technical and organisational security

measures.

Can you offer an opt-out? Yes. You can contact us at any time on

privacy@thejc.com to request a change to your data

preferences.5. Transfer of Data between Jurisdictions

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), namely Israel and/or

the United States of America. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe

engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting

your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely

and in accordance with this privacy policy.

[All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted [using SSL technology].] Where we have

given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password

confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we

cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will

use strict procedures and security features to try to prevent unauthorised access.

6. Your rights

Personal data must be processed in line with an individual’s rights, including the right to:

• request a copy of their personal data;

• request that their inaccurate personal data is corrected;

• request that we stop processing your personal data;

• request that their personal data is deleted and destroyed when causing damage or distress;

• to object to the processing to of your personal data and;

• opt out of receiving electronic communications from us.

Should you wish to make a request in line with your rights as an individual, please forward it to us using details provided in the contacts section

privacy@thejc.com at the end of this privacy policy. Our Employees must notify or inform our Data Protection Officer immediately if they receive such a

request.

The Data Protection Legislation gives you the continuing right to access information held about you. Your right of access can be exercised in accordance

with the Data Protection Legislation (as applicable).7. Security

Information security is a key element of data protection. We take appropriate measures to ensure our systems, processes, suppliers and People secure

personal data and protect it from loss or unauthorised disclosure or damage. Please contact us privacy@thejc.com if you require further information

regarding our policy and approach to information security.

8. Computer Security

Keep yourself safe from malware and viruses with adequate, up to date security on your computer. You can usually download free basic protection from

providers such as AVG and McAfee, but for more comprehensive cover, it's best to choose security software. Keep your software switched on and up to

date, and make sure that your operating system has the latest updates. It's a good idea to run regular scans on your computer.

When you're opening emails, be careful. Don't click on links to download files or open attachments you haven't asked for, or aren't expecting, as they may

contain viruses. Back up all your files so they're available if the worst happens and your computer is infected by a virus.

9. Cookies

Our Website uses cookies to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our

Website and also allows us to improve our Website. For detailed information on the cookies we use and the purposes for which we use them see our

Cookie Policy www.thejc.com/cookie-policy.

10. Changes to our privacy policy

We keep our privacy notice under regular review. If we make changes to our Privacy Policy that affect how we handle your data, we will let you know by

email. Minor changes will not be notified. You can check our Privacy Policy at this page at any time. This privacy notice was last updated on 24 November

2021.

11. Contacts and complaints

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to privacy@thejc.com. You should direct all

complaints relating to how the firm has processed your personal data to our Data Protection Officer.

Our Employees must inform our Data Protection Officer immediately if they receive a complaint relating to how we have processed personal data so our

complaints procedure can be followed.

Date updated 24 November 2021.Appendix

App: a specialised program downloaded by a user through the “App store” or “Google play” on to a mobile device.

Children: a child is a person under the age of 13 years old.

Controller: a personal/organisation who determines the purpose for which, and the manner in which, any personal data is processed.

Customer: a current or prospective customer, being someone who purchases any products sold or services offered for sale via the Jewish Chronicle.

Data Protection Legislation: the Data Protection Act 1998 and any other applicable laws relating to the processing of personal data including the Privacy and

Electronic Communications (EC Directive) Regulations 2003 and all related regulations, regulatory codes of practice, opinions and guidance issued from time to

time, including by the Information Commissioner, and in each case any amending, superseding or replacement applicable law including (from and including 25

November 2021, where applicable) the General Data Protection Regulation 2016/679/EU.

Employees: all people providing services to or working for us, including but not limited to our employees, directors, members, and contractors.

Personal data: information (including opinions) which relates to an individual and from which he or she can be identified either directly or indirectly through other

data which we have or are likely to have in our possession. These individuals are sometimes referred to as data subjects.

Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal

data transmitted, stored or otherwise processed by an organisation electronically. A personal data breach may mean someone outside the organisation gets

unauthorised access to personal data, but a breach can occur if there is unauthorised access within the organisation or if an employee accidentally alters or

deletes personal data.

Principles: these core principles specify personal data should be: processed lawfully, fairly and in a transparent manner; collected for specified, explicit and

legitimate purposes; adequate, relevant and limited to what is necessary; accurate and, where necessary, kept up to date; kept for no longer than is necessary;

processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction

or damage, using appropriate technical or organisational measures. Additionally, organisations must adhere to the principle of accountability.

Process: the ‘processing’ of personal data captures a wide range of activities, and includes obtaining, recording and holding personal data and performing any

operation of the personal data (including erasure/destruction).

Processor: any person (other than an employee of the data controller) who processes the data on behalf of the data controller.

Purpose: the purposes identified in the “Purpose” column of the tables in section 3 of this privacy policy (How we collect, use and disclose your personal data),

as applicable.

Third party: a person, organisation or other body other than the data subject, controller or processor.

Website: the website currently located at the URL: https://www.thejc.com/ (including all pages linked within the site map).