PRIVACY POLICY
1. Introduction
The Jewish Chronicle Media Limited is a company incorporated in England with the company registration number 12562281, whose registered office is at
10 Fitzroy Square, London, W1T 5HP . Our registered VAT number is GB 347 3482 83.
We are committed to protecting your personal data. This privacy policy gives you detailed information on when and why we collect your personal data,
how we use it and how we keep it secure. Please read this policy carefully alongside our Terms and Conditions https://www.thejc.com/terms-and-
conditions and our Cookie Policy www.thejc.com/cookie-policy to understand our views and practices regarding your personal data and how we will treat
it.
More information can be provided on request. Definitions, and words in bold type, are defined in the Appendix at the end of this privacy policy.
2. Our responsibilities
For the purpose of the applicable Data Protection Legislation, we (The Jewish Chronicle) are the data controller of any personal data we process. As
a data controller, we are responsible for ensuring our systems, processes, suppliers and People comply with Data Protection Legislation in relation to
the personal data we handle.
We provide our Employees with training and require our Employees to comply with this privacy policy and our Cookie Policy when dealing with personal
data.
We take Personal Data Breaches very seriously, and are required to notify the Information Commissioner’s Office in the event of any such a breach.
When using, collecting and disclosing personal data, we follow the core data protection Principles underlying the Data Protection Legislation.
We have policies, procedures and records to demonstrate compliance with the Principles. Please contact us privacy@thejc.com for further information
on these policies, procedures and records.
3. How we collect, use and disclose your personal data
Generally, we collect your personal data when you interact with us (for example, when entering into a relationship with us as Customer, as an advertiser,
a third party service provider or one of our Employees). However, from time to time we also need to collect personal data from other third parties in
connection with our relationship with you. We also look at how our users access and use our Website, so we can offer the best possible experience. The
following tables, available by clicking the dropdowns, summarise how we collect, use and disclose your personal data and the legal basis for doing so:Types of personal data Collection Purpose Disclosure Retention Period
Information such as:
• technical information, including
the Internet protocol (IP) address
used to connect your computer to
the Internet, your login
information, browser type and
version, time zone setting,
browser plug-in types and
versions, operating system and
platform, type of device used to
access our Website and the
location of where you access our
Website via a mobile device;
• information about your visit,
including the full Uniform
Resource Locators (URL)
clickstream to, through and from
our Website (including date and
time), products you viewed or
searched for, page response
times, download errors, length of
visits to certain pages, page
interaction information (such as
scrolling, clicks, and mouse-
overs), and methods used to
browse away from the page and
any phone number used to call
our customer service number;
and
• Information we receive from
other sources. We may receive
information about you if you
use any of the other websites
we operate or the other
services we provide. Any data
so collected may be shared
internally and combined with
Your personal data is
collected when you:
• use our Website (e.g.
browsing, searching);
• search for a product;
• undertake advertising
via our Website,
publications and other
promotional activities;
• participate in
discussion boards or
other social media
functions;
• enter a competition,
promotion or survey;
• provide us with
personal information to
enable us to contact
you and let us know of
your marketing
preferences;
• contact us via email,
phone or any other
method; and
• contact us using our
online forms.
Your personal information is
used to:
• tailor and enhance your
user experience;
• conduct analysis on the
use of the App;
• improve the functionality
of our Website;
• ensure our Website
caters to our users’
preferences; and
• where you have given us
your clear, unambiguous
consent to do so, your
personal data may be
used to contact you about
and provide you with:
o communications
and/or marketing
material for which you
have specifically
subscribed; and/or
to contact you about, and
provide you with, the
communications we think
are relevant to you.
We shall only transfer personal
data to third parties which is
limited to the relevant purpose
and is adequately protected.
Your personal data may
be transferred to our third
party service providers
who support the operation
of our business. This
includes:
• business partners,
suppliers and sub-
contractors;
• advertisers and
advertising networks
and;
• analytics and search
engine providers.
Where you have given us
your clear, unambiguous
consent to do so, we may
pass your personal data to
selected third parties to
provide you with
information about services
we feel may interest you.
We shall only transfer
personal data to third
parties which is limited to
the relevant purpose and is
adequately protected.
We will ensure we keep all
personal data up to date and
shall archive and then
permanently delete any
personal data which is not
necessary for the purpose.
Users of our Website and Appdata collected on this site. We
are also working closely with
third parties (including, for
example, business partners,
sub-contractors in technical,
payment and delivery services,
advertising networks, analytics
providers, search information
providers, credit reference
agencies) and may receive
information about you from
them. This includes our
business partners on any
Reader Offers advertised in the
Jewish Chronicle or online
atwww.thejc.com and;
• your name and email
address/other contact details
when using the Website; and
• your name and email address
when using the App.Subscribers to Jewish Chronicle Newsletters
Types of personal data Collection Purpose Disclosure Retention Period
Information such as:
• your name;
• email address/other contact
details;
• your phone number;
• your country of residence;
• your age; and
• payment details.
Your personal data is
collected when you:
• use our Website (e.g.
browsing, searching);
• correspond with us by
phone, e-mail our
otherwise;
• register to use our site;
• subscribe to our
service;
• provide us with
personal information to
enable us to contact
you and let us know of
your marketing
preferences; and
• contact us via email,
phone or any other
method;
• contact us via text
message or similar
messaging services
and;
• contact us using our
online forms.
Your personal information is
used to:
• carry out our contractual
obligations
• tailor and enhance your
user experience;
• contact you about, and
provide you with, the
communications we think
are relevant to your
interests and preference;
and
• contact you and provide
you with information about
our services.
Your personal data may
be transferred to our third
party service providers
who support the operation
of our business.
Where you have given us
your clear, unambiguous
consent to do so, we may
pass your personal data to
selected third parties to
provide you with
information about services
we feel may interest you.
We shall only transfer
personal data to third
parties which is limited to
the relevant purpose and is
adequately protected.
We will ensure we keep all
personal data up to date and
shall archive and then
permanently delete any
personal data which is not
necessary for the purpose.Jewish Chronicle Customers
Types of personal data Collection Purpose Disclosure Retention Period
Information such as:
• your name;
• your postal and email
address;
• your phone number(s); and
• photographs of your house,
letter box or front door.
Your personal data will be
collected from various sources
including:
• use our Website (e.g.
browsing, searching);
• correspond with us by
phone, e-mail or otherwise;
• register to use our site;
• subscribe to our service;
• make an order for one of
our products;
• provide us with personal
information to enable us to
contact you and let us
know of your marketing
preferences; and
• contact us via email,
phone or any other
method; and
• contact us using our
online forms.
Your personal data will be
used for the following
purposes:
• delivering and improving
the services we provide to
you;
• delivering any products to
your place of residence;
• internal administration
management purposes;
• fulfilling our contractual
obligations;
• fulfilling our legal
obligations; and
• where you have given us
your clear, unambiguous
consent to do so, your
personal data may be used
to contact you about and
provide you with:
o communications
and/or marketing
material for which you
have specifically
subscribed; and/or
o to contact you about,
and provide you with,
the communications
we think are relevant
to your interests and
preferences.
Your personal data may be
transferred to:
• our third party service
providers who support
the operation of our
business;
• other parties involved in
the transaction, for the
purposes of fulfilling our
contractual obligations;
• where you have given
us your clear,
unambiguous consent
to do so, we may pass
your personal data to
selected third parties
to provide you with
information about
services we feel may
interest you.
We shall only transfer
personal data to third
parties which is limited to
the relevant purpose and is
adequately protected.
We will ensure we keep all
personal data up to date and
shall archive and then
permanently delete any
personal data which is not
necessary for the purpose.Service Providers
Types of personal data Collection Purpose Disclosure Retention Period
Information such as your:
• name and business
information;
• name and email
address of your
representatives;
• identification
documentation; and
• payment details.
Your personal data will be
collected from you directly.
Further information (e.g. to
verify your identity) may be
collected from third parties,
such as publicly available
sources.
Your personal data will be used
for relationship management and
file opening, administration, to
fulfil our contractual obligations
and as required by law (e.g. anti
money laundering).
Your personal data may be
disclosed to:
• our Customers;
for the purposes of fulfilling
our contractual obligations.
We shall only transfer
personal data to third
parties which is limited to
the relevant purpose and is
adequately protected.
We will ensure we keep all
personal data up to date and shall
archive and then permanently
delete any personal data which is
not necessary for the purpose.Subscribers to our promotional material
Types of personal data Collection Purpose Disclosure Retention Period
Information such as your:
• name;
• address;
• email address; and
• payment details.
Your personal data is
collected when you register
and ‘opt in’ to receive:
• marketing/promotional
material; and
• details of events.
You can contact us
privacy@thejc.com at any
time to amend your
preferences or opt out of
communications from us. You
will also be sent the option to
opt out of future
communications in every
communication you receive
from us.
Where you have given us your
clear, unambiguous consent to
do so, your personal data will be
used to:
• contact you about, and
provide you with, the
communications we think
are relevant to your interests
and preferences; and
• understand our subscribers’
preferences and interests so
we may improve our
services, communication
and marketing material.
Your personal data may be
transferred to our third
party service providers who
support the operation of our
business.
Where you have given us
your clear, unambiguous
consent to do so, we may
pass your personal data to
selected third parties to
provide you with information
about services we feel may
interest you.
We shall only transfer
personal data to third
parties which is limited to
the relevant purpose and is
adequately protected.
We will ensure we keep all
personal data up to date and shall
archive and then permanently
delete any personal data which is
not necessary for the purpose.Our Employees and people making an application to become one of our Employees
Types of data Collection Purpose Disclosure Retention Period
Personal data such as
• your name, address,
contact details,
education and
employment history;
• background checks
(financial and criminal);
• identification
documentation;
• right to work status;
• information relating to
next of kin/ dependants;
and
• financial information
including bank details
and identifiers (e.g.
National Insurance
numbers).
We may also process
sensitive personal data
such as
• health details
• racial origin
• religious beliefs;
and
• information about
offences/ alleged
offences.
Your personal data will
be collected from various
sources including:
• your application
form/CV;
• recruitment agencies
and websites;
• providers of
background checks;
• notes and records
kept for the duration of
your employment
(including absences,
appraisals,
disciplinary action);
• providers of
occupation health
services; and
• CCTV and security
access devices.
Your personal data will be used
for the following purposes:
• human resources
administration;
• assessing
suitability/eligibility and/or
fitness to work;
• security; and
• training.
Photographs and images of you,
your name, and information
about your education and
employment may be used in our
marketing and promotional
material including our Website.
Your personal data may be
transferred to
• our third party service
providers who support the
operation of our business;
• our Customers; and
for the purposes of fulfilling our
contractual obligations.
We shall only transfer personal
data to a third party which has
been limited to the relevant
purpose.
We will ensure we keep all
personal data up to date and shall
archive and then permanently
delete any personal data which is
not necessary for the purpose.Users of our advertising space
Types of personal data Collection Purpose Disclosure Retention Period
Information such as your:
• name and business
information;
• name and email
address of your
representatives;
• images used to identify
you; and
• identification
documentation.
Your personal data will be
collected from you directly.
Further information (e.g. to
verify your identity) may be
collected from third parties,
such as publicly available
sources.
Your personal data will be used
for, to fulfil our contractual
obligations and as required by
law (e.g. anti money laundering).
Your personal data may be
disclosed to:
• our Employees;
for the purposes of fulfilling
our contractual obligations.
We shall only transfer
personal data to third
parties which is limited to
the relevant purpose and is
adequately protected.
We will ensure we keep all
personal data up to date and shall
archive and then permanently
delete any personal data which is
not necessary for the purpose.4. Legitimate interest of the controller
To ensure that our processing of data is fair to you we have used Legitimate Interests Assessment (LIA) to evaluate our requirements against the impact
to you as a data subject. We maintain this assessment as part of this privacy notice to show fair, reasonable, proportionate, open, honest and transparent
processing of your data. The assessment is as follows:
Area Test Response
The legitimate interest(s) Who benefits from the processing? In what way? We both benefit, as analysis of how and where you
connect to our site means that we can improve it for you
and optimise this to most customers browsers,
platforms, languages and locations. We also use it to
safeguard both you and us by recording your connection
data should anything go wrong.
Are there any wider public benefits to the
processing?
Yes. In the detection and prevention of crime, we can
provide law enforcement with enhanced information to
help protect other websites and users on the wider
internet.
How important are those benefits? We have an obligation to report crime and help the
community at large prevent further crime or damage.
What would the impact be if you couldn’t go
ahead?
We would remove our website from the public facing
internet as we could not meet the requirement of
confidentiality, integrity and availability of this service to
our customers.
Would your use of the data be unethical or
unlawful in any way?
No. We will use the data in two ways:
1. Pseudonymised for website stats to improve the
website for users;
2. IP address and connection information for the
detection and prevention of crime that would be
shared with law enforcement if a data breach or
security incident with the website occurred.necessity test Does this processing help to further that interest? Yes. The analysis of how and where you connect to our
site means that we can improve it for you and optimise
this to most customers browsers, platforms, languages
and locations. We also use it to safeguard both you and
us by recording the data should anything go
wrong. This way we can investigate and provide any
relevant information to law enforcement.
Is it a reasonable way to go about it? Yes. These methods used by us are the same as for
most global websites.
Is there another less intrusive way to achieve the
same result?
No. We collect only the minimum level of information
necessary to both improve and protect the website.
Balancing test What is the nature of your relationship with the
individual?
There may or may not be a relationship with the
individual. This will be unknown at the time of
interaction and data collection.
Is any of the data particularly sensitive or private? No. The data that is collected is not overly sensitive
from a data privacy standpoint. As every computer and
device connected to the Internet is assigned an Internet
Protocol (IP) address – which is recorded in most places
you visit on the internet. The data from a security point
of view could be quite sensitive and therefore, will be
protected in line with Article 32 – technical and
organisational security measures.
Would people expect you to use their data in this
way?
Yes. We consider this would meet most individual’s
reasonable expectations.
Are you happy to explain it to them? Yes. This Legitimate Interest Assessment, documents
our interests and is published as part of our data privacy
notice.
Are some people likely to object or find it
intrusive?
People may object to this, and have the right to do
so. Individuals always have the right not to use ourwebsite and can seek our information from partners or
other sources on the internet that are not under our
direct control.
What is the possible impact on the individual? We will know their IP address, which could reveal their
approximate location to us. will also know specifics
about the web browser and system that they have used
to connect to us and their usage patterns on our
websites, pages visited, length of time on the site
etc. This data will be appropriately safeguarded to
ensure it cannot be misused, and will not be used for
any other purposes than stated.
How big an impact might it have on them? The impact will be low to the individual, unless they have
committed a crime, at which point their data would be
reported to law enforcement and other authorities like
the ICO as appropriate.
Are you processing children’s data? Yes. We will sometimes publish photographs of
Children in our publications. When processing any
child’s data we will obtain consent from the person with
parental responsibility for the child.
Are any of the individuals vulnerable in any other
way?
Not knowingly.
Can you adopt any safeguards to minimise the
impact?
All safeguards in line with the requirements of the GDPR
will be in place, and all data will be protected in line with
Article 32 – technical and organisational security
measures.
Can you offer an opt-out? Yes. You can contact us at any time on
privacy@thejc.com to request a change to your data
preferences.5. Transfer of Data between Jurisdictions
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), namely Israel and/or
the United States of America. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe
engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting
your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely
and in accordance with this privacy policy.
[All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted [using SSL technology].] Where we have
given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password
confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we
cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will
use strict procedures and security features to try to prevent unauthorised access.
6. Your rights
Personal data must be processed in line with an individual’s rights, including the right to:
• request a copy of their personal data;
• request that their inaccurate personal data is corrected;
• request that we stop processing your personal data;
• request that their personal data is deleted and destroyed when causing damage or distress;
• to object to the processing to of your personal data and;
• opt out of receiving electronic communications from us.
Should you wish to make a request in line with your rights as an individual, please forward it to us using details provided in the contacts section
privacy@thejc.com at the end of this privacy policy. Our Employees must notify or inform our Data Protection Officer immediately if they receive such a
request.
The Data Protection Legislation gives you the continuing right to access information held about you. Your right of access can be exercised in accordance
with the Data Protection Legislation (as applicable).7. Security
Information security is a key element of data protection. We take appropriate measures to ensure our systems, processes, suppliers and People secure
personal data and protect it from loss or unauthorised disclosure or damage. Please contact us privacy@thejc.com if you require further information
regarding our policy and approach to information security.
8. Computer Security
Keep yourself safe from malware and viruses with adequate, up to date security on your computer. You can usually download free basic protection from
providers such as AVG and McAfee, but for more comprehensive cover, it's best to choose security software. Keep your software switched on and up to
date, and make sure that your operating system has the latest updates. It's a good idea to run regular scans on your computer.
When you're opening emails, be careful. Don't click on links to download files or open attachments you haven't asked for, or aren't expecting, as they may
contain viruses. Back up all your files so they're available if the worst happens and your computer is infected by a virus.
9. Cookies
Our Website uses cookies to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our
Website and also allows us to improve our Website. For detailed information on the cookies we use and the purposes for which we use them see our
Cookie Policy www.thejc.com/cookie-policy.
10. Changes to our privacy policy
We keep our privacy notice under regular review. If we make changes to our Privacy Policy that affect how we handle your data, we will let you know by
email. Minor changes will not be notified. You can check our Privacy Policy at this page at any time. This privacy notice was last updated on 24 November
2021.
11. Contacts and complaints
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to privacy@thejc.com. You should direct all
complaints relating to how the firm has processed your personal data to our Data Protection Officer.
Our Employees must inform our Data Protection Officer immediately if they receive a complaint relating to how we have processed personal data so our
complaints procedure can be followed.
Date updated 24 November 2021.Appendix
App: a specialised program downloaded by a user through the “App store” or “Google play” on to a mobile device.
Children: a child is a person under the age of 13 years old.
Controller: a personal/organisation who determines the purpose for which, and the manner in which, any personal data is processed.
Customer: a current or prospective customer, being someone who purchases any products sold or services offered for sale via the Jewish Chronicle.
Data Protection Legislation: the Data Protection Act 1998 and any other applicable laws relating to the processing of personal data including the Privacy and
Electronic Communications (EC Directive) Regulations 2003 and all related regulations, regulatory codes of practice, opinions and guidance issued from time to
time, including by the Information Commissioner, and in each case any amending, superseding or replacement applicable law including (from and including 25
November 2021, where applicable) the General Data Protection Regulation 2016/679/EU.
Employees: all people providing services to or working for us, including but not limited to our employees, directors, members, and contractors.
Personal data: information (including opinions) which relates to an individual and from which he or she can be identified either directly or indirectly through other
data which we have or are likely to have in our possession. These individuals are sometimes referred to as data subjects.
Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal
data transmitted, stored or otherwise processed by an organisation electronically. A personal data breach may mean someone outside the organisation gets
unauthorised access to personal data, but a breach can occur if there is unauthorised access within the organisation or if an employee accidentally alters or
deletes personal data.
Principles: these core principles specify personal data should be: processed lawfully, fairly and in a transparent manner; collected for specified, explicit and
legitimate purposes; adequate, relevant and limited to what is necessary; accurate and, where necessary, kept up to date; kept for no longer than is necessary;
processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction
or damage, using appropriate technical or organisational measures. Additionally, organisations must adhere to the principle of accountability.
Process: the ‘processing’ of personal data captures a wide range of activities, and includes obtaining, recording and holding personal data and performing any
operation of the personal data (including erasure/destruction).
Processor: any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
Purpose: the purposes identified in the “Purpose” column of the tables in section 3 of this privacy policy (How we collect, use and disclose your personal data),
as applicable.
Third party: a person, organisation or other body other than the data subject, controller or processor.
Website: the website currently located at the URL: https://www.thejc.com/ (including all pages linked within the site map).