Privacy Policy

Jnetics is a charity registered in England and Wales with number 1134935.

This privacy policy sets out how Jnetics, processes personal data (that is, information by which an individual can be identified) collected by us in the course of our lawful activities, in accordance with the Data Protection Act 2018, the UK General Data Protection Regulation and any related or subsequent legislation and regulations in force from time to time (the ‘Data Protections laws’). This policy has been put in place to protect your rights under the Data Protection laws, and it is important that you understand what we will do with your data and are happy with this.

If you want to discuss any matter relating to how your data is used or to notify us of any changes to your details or communication preferences, please call us on 020 8158 5123 or write to the Data Protection Officer at info@jnetics.org or at Jnetics, 505 Centennial Park, Centennial Avenue, Elstree WD6 3FG. We may require that requests for certain information be submitted in writing.

References to the processing of information includes the collection, use, storage and protection of data. Jnetics is the ‘data controller’ for the purposes of this policy, except where otherwise stated, and the policy extends those working for or with Jnetics and, to the extent set out below, anyone else processing data on our behalf from time to time.

Children of any age have the same rights over the data processed about them as adults, although their ability to understand and to exercise these rights, including when giving consent, will vary depending on their age and capacity. We therefore ask those legally responsible for those aged under 18 with whom we engage to understand that our obligations are to each of those children separately as individual data subjects and to work with us accordingly. References in this policy to ‘you’ or ‘your data’ includes reference to children’s data, as the context allows.

This policy was reviewed in September 2025.

Organisations are permitted to process data if they have a legal basis for doing so. Jnetics processes data on the basis that:

• Jnetics has a legitimate interest in processing the data in accordance with our charitable purposes; and/or
• Express and informed consent has been given by the person whose data is being processed; and/or
• It is necessary in relation to or in anticipation of a contract, agreement or ongoing arrangement for the provision of services which someone has entered into with Jnetics or because someone has asked for something to be done so they can enter into a contract, agreement or arrangement with us; and/or
• There is a legal obligation on Jnetics to process data.

If and to the extent that Jnetics is relying on solely consent as the basis for processing data, we are required to obtain your explicit consent and you can modify or withdraw this consent at any time by notifying us in writing, although this may affect the extent to which Jnetics is able to provide services to or interact with you in future.

Where consent is sought in relation to a child under the age of 16 years of age, we will ask that someone legally responsible for them provides such consent. Where we (in the capacity of a ‘data processor’) receive such data from another data controller, such as a school, we do so in reliance on the express or implied assurance that it is being shared with us lawfully and with all due authority.

We may change this policy from time to time and any such changes will be published on our website. Notwithstanding any change to this policy, we will continue to process your personal data in accordance with your rights and our obligations in law.

We process the data necessary for Jnetics to fulfil its charitable Objects to improve the prevention and diagnosis of Jewish genetic disorders in the UK, together with fundraising, marketing and awareness raising activities, keeping our service users and supporters informed of our activities, and the effective running of Jnetics as an operational and fundraising charity through those working for and with us, our trustees and volunteers. Data collected and processed may include, but not be limited to:

• Names and contact information such as telephone numbers, email and postal addresses of all those engaging with us, registering for events, activities, screening or testing, or to work with us as staff, volunteers or other contractors, or who donate to or support Jnetics and our;
• Information necessary for the employment of staff or the engagement of volunteers, including that necessary to pay salaries or fees;
• All necessary information relating to our obligations for the safeguarding, welfare and protection of children and adults at risk, such as references and Disclosure and Barring Service checks;
• Information that you provide to us in order to receive services from Jnetics, including that which is of a sensitive personal or medical nature;
• Donor and volunteer records and preferences, including, where necessary, bank or payment details and details of tax status in order to process payments and claim Gift Aid;
• Such other information as is relevant and necessary for Jnetics to carry out its activities, charitable purposes and legal obligations.

Such data may be collected, for example, when you provide it, whether through our website or otherwise, by enquiring about our services or register for them by completing the relevant forms, when making a donation, when you fill in your details on a pledge card or Gift Aid form, when you provide us with information about yourself if you apply to work for Jnetics as a volunteer or employee, or when you otherwise provide us with personal data in some other way.

We process your personal data for the operational reasons stated above, and in particular for the following purposes:

• For internal record-keeping, invoicing, communication and administration;
• To carry out the services provided to service users whilst ensuring the safeguarding, welfare and protection of children and adults at risk to whom we owe a duty of care;
• To work with schools, colleges and other partner organisations and their staff with whom we liaise to provide our services;
• To comply with any legal obligations and to protect parties’ interests in cases of dispute;
• To let you know about Jnetics’ activities, events and campaigns or related matters which we think may be of interest to you;
• To share such information as is necessary and lawful with other service providers in pursuance of our charitable purposes, including to safeguard any children and adults at risks with whom we engage.

If you or someone acting on your behalf provides information about another person, such as a service user, you warrant that you have the legal authority to share such data with us and have informed such person(s) (or in the case of someone under the age of 16, a person legally responsible for them) that their data is being shared with us and about our Privacy Policy.

Data processed will be retained only for as long as the purpose for which it was collected continues and for as long as is reasonable and permissible in law. Accordingly, the periods for which we retain data will vary depending on the purposes for which it was collected and relevant statutory or other requirements.

In addition to those circumstances mentioned above, we will only share data with trusted third parties (including those outside the European Economic Area) to the extent and where necessary for us to provide services to service users and support Jnetics’ activities through fundraising and promoting our work (such as online platforms for secure data storage or for email communications), to process payments (such as through online payments platforms or providers) and only once we are satisfied that any such use of data will accord with our privacy policy and all applicable legal requirements. We will never sell your personal information and will not share it without your explicit consent, except as stated above.

You, as the data subject, may request deletion of your data at any time in writing, subject to any overriding legal requirement for its retention, such as the need, where appropriate, to comply with legal or safeguarding obligations or the requirements of HMRC or other regulatory authorities, or to prevent the commission of or to assist in the investigation of an actual or suspected criminal offence. We may keep certain data on a ‘suppression list’ so we know, if requested, not to contact you or process your data in future until further notice.

You may request details of personal information which we hold about you, which we must provide within 30 days of your verified written request. Those legally responsible for a child may request such details about the child. Any such request must be submitted in writing, and we reserve the right to seek verification of the identity of persons making such requests before we respond. A small fee may be payable if an information request is particularly onerous.

You may choose to restrict the collection or use of your personal information, but this may impact or limit the way in which we are able to interact with you. You may, at any time, change your mind about what information we hold about you, or if we continue to hold it at all, subject to any legal obligation we have to retain data, and as stated above.

You are responsible for the accuracy of data you have provided to Jnetics. If you believe that any information, we are holding on you is incorrect or incomplete, please write to us as soon as possible at the address given above. We will promptly correct any information found to be incorrect.

Where your data has been supplied to us by another party, such as a school, meaning that Jnetics is processing it on behalf of that other party and is acting as a data processor, please note that in order to exercise your rights over your data you should submit any request relating to it to the party that supplied the data to us.

In the unlikely event that there is any kind of a breach of our duties and obligations under this policy or the Data Protections laws, we will take immediate steps to isolate and rectify the problem. Should the breach be serious one (where there is a risk of, for example, discrimination, damage to reputation, financial loss or loss of confidential information) we have a duty to report that matter to the individuals affected and to the Office of the Information Commissioner.

You can obtain further information about Data Protection and privacy laws and your rights by visiting the Information Commissioner’s website at: ico.org.uk/for-the-public

We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the data we process. Persons processing data on behalf of Jnetics do so in accordance with this policy and on the basis that Jnetics is satisfied that they can and will adhere to our high standards for data protection and security.

The transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. Please note that, unless encrypted, email messages sent via the internet may not be secure and could be intercepted and read by someone else. Please bear this in mind when deciding whether to include personal or sensitive information in any email messages you send to us.

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We may use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

We may also collect and store information about your browsing device, including, where available, your IP address, operating system, and browser type, together with certain anonymous statistical data about your browsing activities and patterns which does not contain any personal data.

For more information, please see our Cookie Policy here: www.jnetics.org/cookie-policy.

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy policy. You should exercise caution and look at the privacy policy applicable to the website in question.