We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
Majlis Khuddamul Ahmadiyya (UK) (‘MKA UK’) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
In the course of our activities we collect the following personal information when you provide it to us:
Certain types of personal information are in a special category under data protection laws, as they are considered to be more sensitive. Examples of this type of sensitive data would be information about health, race, religious beliefs, political views or biometric information.
We only collect this type of information about you to the extent that there is a clear reason for us to do so, for example asking for health information if you are taking part in a sporting event, or where we ask for information for the purpose of providing appropriate facilities or support. We will also collect this type of information if you make it public or volunteer it to us.
Wherever it is practical for us to do so, we will make why we are collecting this type of information clear and what it will be used for.
We also obtain personal information from other sources as follows:
Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us permission to access information from those services, for example when you publicly tag us in an event photo.
We will use your personal information to:
We may share your data with our associated charities and third parties. These third parties may include:
Where we are under a legal or regulatory duty to do so, we may disclose your details to the police, regulatory bodies or legal advisors, and/or, where we consider this necessary, to protect the rights, property or safety of MKA UK, its staff, visitors, users, members or others.
We will not share your personal information with any other third party.
MKA UK has specific criteria to determine how long we will retain your information for, which are determined by legal and operational considerations. For instance we are required to keep some personal information for tax or health and safety purposes, as well as keep a record of your interactions with us.
We must have a “legal basis” for each use we make of personal information as per Data protection laws. The relevant legal bases are set out in the General Data Protection Regulation (EU Regulation 2016/679) and in current UK data protection legislation.
Consent is where we ask you if we can use your information in a certain way, and you agree to this (for example when we send you communication via post, phone, text or e-mail). Where we use your information for a purpose based on consent, you have the right to withdraw consent for any future use of your information for this purpose at any time.
We have a basis to use your personal information where we need to do so to comply with one of our legal or regulatory obligations. For example, in some cases we may need to share your information with our various regulators such as the Charity Commission, Fundraising Regulator, Information Commissioner, or to use information we collect about you for due diligence or ethical screening purposes.
We have a basis to use your personal information where we are entering into a contract with you or performing our obligations under that contract. Examples of this would be if you are buying something from us (for instance some branded merchandise or, in some cases, an event place), applying to work/volunteer with us.
We have a basis to use your personal information where it is necessary for us to protect life or health. For instance if there were to be an emergency impacting individuals at one of our events, or a safeguarding issue which required us to contact people unexpectedly or share their information with emergency services.
We have a basis to use your personal information if it is reasonably necessary for us (or others) to do so and in our/their “legitimate interests” (provided that what the information is used for is fair and does not unduly impact your rights).
We consider our legitimate interests to include all of the day-to-day activities MKA UK carries out with personal information. Some examples not mentioned under the other bases above where we are relying on legitimate interests are:
We only rely on legitimate interests where we consider that any potential impact on you (positive and negative), how intrusive it is from a privacy perspective and your rights under data protection laws do not override our (or others’) interests in us using your information in this way.
When we use sensitive personal information (please see the “What personal information we collect” section above), we may require an additional legal basis to do so under data protection laws, so will either do so on the basis of your explicit consent or another route available to us at law for using this type of information (for example if you have made the information manifestly public, we need to process it for employment, social security or social protection law purposes, your vital interests, or, in some cases, if it is in the public interest for us to do so).
In some circumstances, MKA UK or some of our suppliers may transfer your data outside the European Economic Area (EEA) – this may include a country which may not be subject to the same data protection laws as companies based in the UK. In these circumstances, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law, and appropriate safeguards are in place. These include imposing contractual obligations of adequacy or requiring the recipient to subscribe or to be certified with an international frame work of protection.
If you would like further information please contact us (see ‘How to contact us’ below). We will not otherwise transfer your personal data outside of the United Kingdom OR EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.If you would like to exercise any of those rights, please:
If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 30 days for this to take place.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: [0303 123 1113].
This privacy notice was published on 15th May 2018 and last updated on 15th May 2018.
We may change this privacy notice from time to time, when we do we will update this on our website. We will also email you (if we hold a valid address for you).
Please contact us, if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us, please send an email to [email protected] or write to MKA UK, Data Protection Department, Sarai Khidmat, 31 Gressenhall Road, London, SW18 5QH.
If you would like this notice in another format (for example: audio, large print) please contact us (see ‘How to contact us’ above).