PRIVACY POLICY – CHILD RIGHTS AND YOU UK

(Please read this document carefully to understand how we collect, store and use your personal data.

Child Rights and You UK Ltd. (herein after called CRY UK) is committed to your privacy and security online. This Privacy Policy describes CRY UK’s online information collection practices.

This policy applies to “users” and “customers” (or “you”) of CRY UK; that is anyone ordering, registering or interacting with any product or service from CRY UK.

Collection and use of your information:
The information you provide us, and that which we gather based on your activity, helps us to deliver more relevant content as well as create a more seamless experience across the products and channels through which you may access that content. We collect and store some information about you in order to deliver products and services to you. We share some of that information with trusted suppliers (including payment providers and postal services) to ensure the delivery of those products and services. We also collect information when you use our products and services

How We Collect Information Online
When you visit our site we may ask you to complete a survey, answer simple questions or make a donation. These may include questions such as where you live, your email address and your interest in receiving emails from CRY UK. We collect this information so that we can determine what kinds of products and services are of most interest to you. From time to time CRY UK may offer contests, or other promotions. If you participate in a contest, or other promotion on our site, you will most likely be asked to provide personally identifiable information about yourself, such as your name, age, address and/or email address. Please review the terms applicable to the particular contest, or other promotion, as they may contain important information about how we use your personally identifiable information. To the extent that such terms conflict with this privacy policy, the rules particular to the contest, or other promotion will govern.

Visiting Our Website
You can browse our site anonymously without identifying yourself during your visit. We will obtain information that personally identifies you when you specifically choose to provide it. For example, during your visits to our websites, you may request information, contact us, make donations, or purchase CRY UK products or services. You will then need to give us certain personal information just as you would if you were communicating with us in person, by mail or by telephone. Be assured that we maintain electronic security safeguards to help protect personal information about our donors that we obtain via the internet and offline.

Online Tracking We and our service providers may use “cookies” or “similar technologies” on our site to track activity and transactions on an individually identifiable basis if you apply for or use a CRY UK product or service online. We may use identification information we collect in order to protect against actual or potential fraud. In order to constantly improve our website and better serve our donors online and offline, CRY UK may use various tracking methods (such as cookies and other technologies, etc.) to gather information about site visitors’ browsing activities.
Server log files: Your Internet Protocol (IP) address is logged in our server log files along with other information about your activity on our site. We use your IP address for purposes of calculating site usage levels, helping diagnose problems with our servers, and generally administering the site. Collecting IP addresses is a standard practice on the Internet.

Information we collect Information you provide us which we need in order to provide you with our services and products there is certain personal information that we need in order to provide the products and services that you have chosen. Examples of details we collect include:

  • Name
  • Postal address (including postcode)
  • Email address
  • Telephone No.
  • Payment details

We collect this data using the lawful basis: Legitimate Interest In addition to the above, examples of the details we collect could include:

  • Job
  • Title
  • Work email
  • Company
  • Country
  • Industry

Other parts of CRY UK may ask for different information such as phone numbers, gender or date of birth, as indicated when you interact with those products or services

  • We use this data to:
  • To spread awareness of upcoming events related to CRY UK and our work on the ground in India. To invite people to visit our website and to donate to our cause.
  • We collect this data using the lawful basis: Consent

Information we collect through your use of our Website
When you use our online platform, we collect information that helps us to deliver the service you have chosen and to improve your experience. This is done through cookies and other technologies. Examples of the type of information we may collect are:

  • Browser
  • Email Provider
  • The pages you read on our websites and how you got to them
  • Device
  • IP address
  • Internet Connection
  • Location (in some cases)

You can also volunteer to disclose additional information which may not be essential for us to deliver a service to you. By providing it you help us to ensure we communicate with you in a way that’s most relevant, useful and engaging for you. We may collect and ask for additional information when you order, donate, register, subscribe or make use of our products or services in any way, for example in person, via our marketing campaigns, via phone or mail orders, or our websites.

Information we receive from third parties
We occasionally work with third parties who provide additional information that you have shared with them, such as your telephone number and postal address (for example if you’ve moved house). Some third parties may also share information about your interaction on our sites to help us personalise our services to you.

Information we do not track
We do not track or collect any sensitive information about you. This includes race, religion, ethnicity, and political opinion.

How we use your information
We primarily use your information for the purpose of delivering the products and services that you have chosen and to personalise our interactions with you. For further details about this, and other ways we may use your information, please read the sections below.

To provide products and services

  • To fulfil your orders and contracts with us, this includes our third party specialised payment providers.
  • To manage customer service queries and complaints.
  • To manage your privacy preferences and to ensure you only receive communications that you have requested, which may include using your details to suppress you from communications.
  • To detect and reduce fraud including fraudulent orders.
  • To prevent users from posting illegal, offensive or objectionable comments on our site.

To deliver marketing and advertising

We need your consent to use your information for some specific purposes such as marketing and brand response communications. Ways in which we will use your information if you consent are as follows:

  • We may send marketing communications via a range of channels including email and you can opt out of these at any time. If you give us marketing permission, we may contact you to tell you about special offers and related or similar products or services within CRY UK.
  • We will ask you if you wish to opt-out of such marketing when you first sign up to receive our products or services. You can also opt out of email marketing by clicking the unsubscribe link at the bottom of our emails or you can contact us. This does not apply to important service notifications such as payment confirmations or where we have some other legal basis for contacting you.

Other uses of your information
Other than where we have asked for your consent, we mainly rely on two other separate bases to lawfully use your information. First, we need to use your information in certain ways to provide our products or services to you, in accordance with our contracts with you. In this case, it is necessary for us to use your information so that we can deliver the products or services you have chosen. Second, as described in more detail below, in certain cases, we may use your information where necessary to further our legitimate interests, where those legitimate interests are not overridden by your rights or interests: * To measure customer and user response and engagement with our products and services such as online content and email. This may include sharing your information with third parties who help us to analyse and measure these things.

  • To ensure our products (including websites) are compatible with the browsers and operating systems used by most of our visitors.
  • To help us improve our customer and user experience. We may send customer satisfaction surveys (for which we may share your information with third party suppliers employed by us).
  • To detect and reduce fraudulent activity and for other security related purposes such as to help us protect against harassment, IP infringement, crime or other security issues.
  • For any purpose required by law or regulation and to verify information that we provide to third parties for compliance and audit purposes. We may share your personal data with a third-party auditing organisation so they can verify and review our policies, processes and procedures for compliance with relevant standards.
  • You have the right to object to any of the above uses of your information, please contact us if you wish to do so. We will consider all objections reasonably, but there may be legal reasons where we deem that the use of your information is still appropriate. We will explain our decision to you in a timely manner.

Social media
CRY UK publishes content on social media platforms e.g. Twitter, Facebook, LinkedIn through both “organic” and “paid” methods to reach current and potential readers:

  • “Organic” methods describe where content and/or offers are published onto a social platform so that they may appear in your social platform’s content, without being promoted or forced to appear more prominently, e.g. CRY UK’s Facebook Page.
  • “Paid” methods describe where content and/or offers are published onto a social platform so that they will appear more prominently, or be shown to users that do not currently follow CRY UK social pages e.g. a promoted tweet on your Twitter Timeline. We may place one or more social media platform “tags” on our website in order to better understand how CRY UK may be of best value to you by providing you with the most relevant content available according to what you have chosen to read on our own website. These tags only record information to help us understand so that we may provide more relevant content and/or offers to you, on social media platforms.

We do not have direct access to your personal data on your social media platforms.

How we work with third parties
As mentioned, in some instances, we disclose personal information to third parties when it is necessary to deliver a service or organisation goal related product, or to help us improve your experience with us, or when we are required to do so by contract or law. “Third parties” include agents, subcontractors and other associated organisations. We have in place contracts to ensure the information remains secure and limited in use, and if we do not have a legitimate business reason to pass on your information, we will ask you to give consent first. Some examples of when we share your information are below:

  • When you make a payment on any of our sites your payment will be processed by a specialist payment processor to ensure a secure transaction. All payment processors used by CRY UK are compliant with required security standards.
  • When we send you an email, these are delivered by marketing platforms. As part of this service, certain information such as message opens, clicks and formatting etc are recorded to help deliver the best email experience.
  • We also employ third parties to carry out statistical analyses and conduct surveys on our behalf.
  • To provide information for auditing purposes by official regulators.

Third parties who pass information to us
CRY UK uses additional information such as telephone numbers or postcodes from third parties (like researchers or telemarketing agents, who have gathered this information lawfully) to help us to contact you or to help us make marketing decisions. These third parties may give us access to your personal information, if you have allowed them to do so.
We may also work with third parties to identify individuals who may be interested in our organisation goals and services or in some cases our sponsors / advertisers’ products and services. These third parties may give us access to your personal information, if you have allowed them to do so. In any communication you receive from us, through these third parties, we make sure to identify ourselves (and them) so that you know who has the access to your information.

IMPORTANT:
Please note that the collection, use, and disclosure of information by these third parties are described in their own privacy policies, and consequently may differ from that set out in CRY UK Privacy Policy. We are not responsible for those third party privacy policies, and you should ensure that you have read and understood all applicable privacy policies before proceeding.

Why do we share data outside of the EU
We may transfer personal data to a country outside of the European Economic Area (EEA), for example if a third party we share data with has servers located outside of the EEA. If this is the case we will obtain your consent or otherwise ensure that the transfer is legal and your data is secure by following the EU’s guidelines.

Cookies and similar technologies
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. Cookies can be used by web servers to identify and track users as they navigate different pages on a website to understand the areas in which they show interest and identify users returning to a website.

Types of Cookies
Cookies can be set to expire: on a specified date after a specific period of time when a transaction has been completed or when a user turns off his/her browser. A cookie that is erased from memory when a visitor’s browser closes is called a “session” cookie. Cookies that expire based on a time set by the Web server are called “persistent” cookies. Persistent cookies may be used in some cases, for example, to recognise when a visitor returns to a website. The web browser will send the cookie information from the initial visit back to the website. This is useful to the visitor if he or she has established a password at a particular website and wants to be identified by that site to perform a function or transaction. To browse anonymously, you may set your browser to disable cookies or delete cookies. Please note that disabling cookies for some services will impact ability to use that service. Refusing Cookies on CRY UK’s Website Customers may choose not to accept cookies. Your web browser may alert and permit you to refuse cookies. When you receive an alert, you may choose at that time to refuse that cookie. If the use of cookies is a concern to you, then please make sure your browser has this capability, and that you set your browser to alert you accordingly. Newer browser versions allow you to be alerted or to automatically refuse cookies. You may need to download a more current version of your web browser from your service provider in order to obtain this option. Note: Some product features and services provided by CRY UK require you to accept a cookie in order to be able to use the particular functionality or service. These cookies are used to establish a link between the user and the application server. The cookies contain unique session IDs, and no customer data is stored on the cookies.

Refusing Cookies on CRY UK’s Website
Donors or visitors may choose not to accept cookies. Your web browser may alert and permit you to refuse cookies. When you receive an alert, you may choose at that time to refuse that cookie. If the use of cookies is a concern to you, then please make sure your browser has this capability, and that you set your browser to alert you accordingly. Newer browser versions allow you to be alerted or to automatically refuse cookies. You may need to download a more current version of your web browser from your service provider in order to obtain this option. Note: Some product features and services provided by CRY UK require you to accept a cookie in order to be able to use the particular functionality or service. These cookies are used to establish a link between the user and the application server. The cookies contain unique session IDs, and no other data is stored on the cookies.
To browse anonymously, you may set your browser to disable cookies or delete cookies or you can use “incognito” mode to remove cookies immediately after browsing. If you block or delete cookies, you will not be able to use all the features or it may have a negative impact on the usability of many websites.

How We Protect the Information We Collect
CRY UK takes a number of steps to protect the privacy of information obtained from our donors. In accordance with our privacy policy, when donors to the CRY UK websites, provide personal information like bank account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account, these details are NOT stored in our servers and this information is not accessible to any of our employees or contractors. However this information will be passed or supplied to our banking partners directly by encrypting and protecting using Secure Socket Layer (SSL) protocol.
Profile Information like an individual’s first name or first initial and last name in combination with any one or more of the following data elements are only disclosed to our employees and organisations with restricted access to their employees and contractors, who need to know that information in order to operate, develop, or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
CRY UK will not sell, share or trade our donors’ names or personal information with any other entity, nor send mailings to our donors on behalf of other organisations. This policy applies to all information received from donors, both online and offline, on any Platform (“Platform”, includes the CRY UK website and mobile applications), as well as any electronic, written, or oral communications.
To the extent any donations are processed through a third-party service provider, our donors’ information will only be used for purposes necessary for processing the donation. When we provide business partners with donor information in order to fulfil requests, we require that these parties agree to process such information on our instructions and with appropriate confidentiality and security measures. Additional disclosure may be made to other parties as required by law. Profile Information of donors like the individual’s first name or first initial and last name in combination with any one or more of the following data elements are only disclosed to our employees and organisations with restricted access to their employees and contractors, who need to know that information in order to operate, develop, or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We keep information under physical, electronic and procedural controls that comply with federal standards. These controls help keep information from being changed or destroyed. We take appropriate security measures to protect against unauthorised access to data. These measures include internal and external reviews of our data collection, storage, and processing practices and security measures, including physical security measures to guard against unauthorised access to systems where we store our donors personal data. For example, if you make a donation by credit card, certain personal information may be supplied to our bank partner for purposes of processing a credit card transaction. In the unlikely event of a criminal breach of our security we will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we shall also inform you.

E-mail Communications
If you choose to send us an email message or provide your email id on our website, we may retain the content of the email, your email address, and our response in order to service your needs. If you agree to receive email offers or email messages from CRY UK, we may use the data that you provide to send you email offers that may be of special interest to you. If you unsubscribe from these email messages, you will not receive these messages from CRY UK via email. Please note that some CRY UK services or online programs require a valid email address in order to register and/or continue use of the service. You will receive email alerts or notification messages from these programs unless you unenroll from these services. CRY UK does not ask for or collect any bank account, credit card, debit card, security code, access code, password via email, text or telephone.

Email Opt Out or Unsubscribe
If you no longer wish to receive email offers or solicitations from CRY UK, you may unsubscribe by following the instructions in the original email you received. Unsubscribe instructions are generally located at the bottom of the email sent to you by CRY UK. If you opt out of e-mail solicitations, CRY UK reserves the right to contact you via email to service and maintain your user profile. For example, we may notify you about fraudulent activity, respond to any customer inquiries or requests, or alert you to website changes or outages. If you change your privacy choices, you may still get communications from us when you contact us. You may also get offers in connection with our maintaining and servicing your user account.

Links to Third Party Sites
CRY UK is not responsible for the information practices employed by sites linked to or from our website. In most cases, links to non-CRY UK websites are provided solely as pointers to information on topics that may be useful to the users of the CRY UK website. Since third party websites may have different privacy policies and/or security standards governing their sites, we advise our site visitors and donors to review the privacy policies and terms and conditions of these sites prior to providing any personal information.

Children’s Online Privacy
Protecting children on the Internet is very important to us. For that reason, CRY UK does not directly collect information at our websites from those we actually know are under 13, and no part of our website is intended to attract anyone under 13. Parents can be proactive and limit website access to their children by installing filtering software. Children’s access to the Internet can permit them to visit inappropriate websites and be exposed to unnecessary risks.

Your rights

  • the right to be informed about the collection and use of your personal data
  • the right of access to your personal data and any supplementary information
  • the right to have any errors in your personal data rectified
  • the right to have your personal data erased
  • the right to block or suppressing the processing of your personal data
  • the right to move, copy or transfer your personal data from one IT environment to another
  • the right to object to processing of your personal data in certain circumstances, and rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).

We also give you the option to manage your data via:

  • email
  • by writing to us.
  • While we do not hold personal data any longer than we need to, the duration will depend on your relationship with us.

Updates to this Privacy Policy
From time to time, we may change our Policy. If we do so, we will tell you. Our Policy is always available at https://www.ukcry.org/privacy-policy.html
When we change the policy, we will let you know by adding notices to our website. By continuing to access or use our services after those changes become effective, you agree to be bound by the revised privacy policy.
Alerting Us to Your Privacy Choices You may contact us to provide us with updates to your privacy choices. Also, you may tell us not to contact you. To do so, send an email to cry.uk@crymail.org, or contact us at CRY – Child Rights and You UK Ltd, C/O – Penningtons Manches LLP 125 Wood Street, London, EC2V 7AW. Please allow four to six weeks for your request to take effect. If you change your privacy choices, you may still get communications from us when you contact us. You may also get offers in connection with our maintaining and servicing your user account.

Child Rights and You UK is a registered charity no. 1119026. Registered in England as a company limited by guarantee having company number 05621889. Write to us at: C/o – Penningtons Manches LLP 125 Wood Street, London, EC2V 7AW. Email at: cry.uk@crymail.org