The Daphne Jackson Trust regards the lawful and correct treatment of personal information as very important and is fully committed to the principles of data protection, as set out in the General Data Protection Regulation.
1. Why do we have this notice?
Our privacy notice will help you understand what information we collect, how we use it, and what choices you have.
A quick note on terminology: when we use the phrase “we” in this notice, it refers to the Daphne Jackson Trust only. Although our offices are based at the University of Surrey, we are an independent organisation with our own privacy arrangements.
When we say “our work”, we mean the services and activities undertaken by the Daphne Jackson Trust – such as our Fellowship scheme, training and conferences.
Under the General Data Protection Regulation (GDPR), the Daphne Jackson Trust is termed a ‘data controller’ which means that we are responsible for how and why personal data is used. Our staff can help you with any queries about the information in this privacy notice – please contact DJMFT@surrey.ac.uk or +44 (0)1483 689 162.
Please also note that this privacy notice covers the Daphne Jackson Trust website only. Other websites linked to or from this site are not covered by this notice.
2. Why do we collect and receive information that contains personal data?
We process personal data to undertake our work: namely providing Fellowships that enable scientists and researchers to retrain and return after a career break of two or more years taken for family, caring or health reasons.
We aim to:
- enable women and men to return to research with confidence after a career break;
- maintain a talented STEM workforce by offering flexible Fellowships;
- support equality and diversity in the workplace; and to
- develop partnerships that extend the reach and increase the impact of the work of the Trust.
Under GDPR, we use ‘legitimate interests’ to process the vast majority of your data. ‘Legitimate interests’ means the interests of our organisation in conducting and managing our activities to enable us to undertake our work. For instance, we may contact you about upcoming Fellowship opportunities or conferences we organise, but we do so in a way to send you only the information you are interested in.
We only rely on legitimate interests where we consider any potential impact on you (positive and negative), how intrusive it is (from a privacy perspective) and your rights (under data protection laws) do not override our interests in us using your information in this way. You can tell us if you wish to be contacted differently, or not at all – see section 9 in this document.
If you are applying for a Fellowship, we store some information about you to enable us to process your application. A small amount of the information we collect is sensitive personal information as described in section 3. Should we ever want to share this with third parties, we require your explicit consent. This is a separate arrangement to our legitimate interests and it would be made clear to you at the time, with clear rationale as to why and the option for you to say no.
Where you are (or were) an employee or volunteer with the Trust, our legal basis is neither that of legitimate interests or consent. Instead, as per the norm, it becomes that of entering a contract (see your employment contract for further details).
3. What personal data could we hold about you?
In order for us to undertake our work, we may store information about you. For Fellowship applicants (successful and unsuccessful, including previous fellows), we hold information that you provide when you contacted us. We ask you for personal information so that we know who you are, whether you are eligible for a fellowship and how to best to reach you.
We also hold information about those who work closely with us on non-fellowship matters. For instance, if you have attended one of our events or work at a University that hosts one of our Fellows and have interacted with us, we may have some of your details on file.
We use the personal information to administer our relationship with you, taking into account any stipulations you have made over the manner in which we do this. Information that you supply is treated in confidence and in accordance with the principles of the GDPR.
The types of personal data we hold about you depends on your relationship with us and what information you have provided. For instance, if we have had very limited communications via email, it’s likely we will only have your name and email address as part of this interaction. For those who have (or had) a Fellowship with us, it is likely we have more information about you that was collected at the time of your application submission. It may include:
- Your full name, title, gender, nationality and date of birth
- Your job title and career history
- The email address and phone number you contacted us with or provided to us
- The name and address of the organisation you work (or worked) for
- The reasons behind your career break to confirm your eligibility for a fellowship:
- For family reasons, we may ask you to confirm the number and ages of your children as well as child care arrangements
- For health and caring reasons, some brief details about the nature of these.
This is classed as special category data under GDPR. We do not share this information with third parties without asking for your consent.
- Your research area of expertise, technical skills and retraining requirements
- Any awards, publications and conference presentations you have been associated with
- Professional memberships
- Languages written and spoken
- If you attend our events, we may have dietary requirements and accessibility arrangements stored on file, although these are deleted when no longer needed
- Depending on social media privacy settings, you might give us permission to access information from those services for example when you publicly tag us in a photo
- On occasion we may use legitimate interest to process photographs where it is not practical to gather and maintain consent such as large-scale events. On such occasions we will make it clear that this activity will take place and give you the opportunity to exercise your rights.
All Daphne Jackson Trust staff take responsibility for keeping this personal information as up to date, accurate and secure as possible and all have been trained in data protection.
We do not source information about you from anyone but you.
4. How do we use your information?
We use your information solely for the purposes of furthering the objectives of the Daphne Jackson Trust. For example:
- If you are a Fellow or an applicant, we’ll use your information to administer this process.
- If you attend one of our events or ask us a question, we will use your information to respond accordingly.
- If you are connected with the Trust in some other way (such as a peer reviewer or employee/volunteer), we’ll use your information for the specific purpose involved.
We don’t use your information for marketing or fundraising, but we may send you information from time to time with updates about the Trust and events we are running. You can choose not to receive this by letting us know at any time (see section 9 in this document).
We store your personal data just for the intended purposes of the Trust. We don’t pass it on to other organisations without letting you know. We collect only the minimum amount of information necessary and keep it only for as long as necessary, after which it is deleted or destroyed in line with our Data Retention Policy. Generally, we keep non-sensitive information concerning our awarded Fellowships indefinitely. Any sensitive information is deleted on completion of the Fellowship. If you aren’t a Fellow but you have interacted with us in another way, we normally keep a brief record of your contact details on file for 9 years, after which time, if we haven’t heard from you, we’ll delete it on your behalf.
5. What other information could we hold?
The Daphne Jackson Trust may also collect and receive:
- Billing and other information: if you donate or leave a legacy to the Daphne Jackson Trust, we may collect and store the billing address, credit card information or other payment methods provided to us. If you leave a legacy to us, we may use information regarding next of kin that you may have provided us to administer this.
- Service usage information: from time to time, we conduct surveys and interviews with individuals and organisations from the sector. We will explain any specific privacy notices as part of the activity, should it differ from this privacy notice.
- Website traffic: we store some information to enable us to see how popular pages on our website are. This typically involves assessing aggregated information such as IP addresses. Analysing this information allows us to tailor our services better.
- Device information: we may collect information about the device you are using to access our services such as the type of device it is, the operating system you are using, its settings, application IDs / unique identifiers and cache data. Whether we collect some or all of this information depends on what type of device you are using and its settings.
6. How do we protect the security of your information?
The Daphne Jackson Trust takes security seriously. We take physical, managerial and technical measures to protect the information you provide to us from loss, misuse, unauthorised access, alteration or disclosure. This includes using physical locks, access restriction, encryption and password protection where possible and practical for us to do so. These steps take into account the sensitivity of the information and the current state of technology.
Please note that the Daphne Jackson Trust uses third parties like Google Analytics for website analytics. You may opt-out of third-party cookies from Google Analytics on its website.
8. When can we share and disclose your information?
For the majority of the time we do not share the information with other organisations. However, on some occasions, we may share some limited information specific to the activity we are undertaking. Where practically possible, we will tell you about such instances as they occur. For example, if you attend a Daphne Jackson Trust Conference, we may share your name, the organisation you work for and accessibility or dietary requirements with the host building. This is to ensure we meet safety and security measures as well as catering for your specific needs. In such cases, the information is shared securely only for that event and is destroyed afterwards.
During the process of awarding Fellowships, the Daphne Jackson Trust may share sensitive information with third parties such as sponsors. Before doing this, we do ask for your explicit consent, giving you clear rationale as to why and the option for you to say no.
We may, on occasion, need to share other information (not related to Fellowship applications) with others, subject to a Data Sharing Agreement:
- With third party service providers and agents: we may use third party payment processors and mailing houses to process information and undertake our activities.
- To comply with laws: such as legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
- To enforce our rights, prevent fraud and for safety: to protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud.
9. Your right to object to the way in which we process your information
Under GDPR, you have rights over how the personal information we hold about you is handled. These include your right to:
- access the information we hold about you;
- ask us to stop contacting you;
- amend your information or have inaccurate information changed;
- delete your information;
- change your preferences (for instance if you would prefer us to only contact you about certain things or restrict what information we have about you);
- object to the way we process your information, including anything not mentioned above.
You can do this by contacting the Daphne Jackson Trust via DJMFT@surrey.ac.uk or any member of the team (https://daphnejackson.org/about-us/meet-the-team/). We will action your request within 1 month or sooner, providing there is no reasonable reason we cannot comply.
If you have any questions about this Privacy Notice or practices, please contact us via DJMFT@surrey.ac.uk. If you prefer not to use email, you can contact us via:
The Daphne Jackson Trust
Department of Physics
University of Surrey
Telephone +44 (0)1483 689166
10. How do I report a concern about how you have used my data?
If you feel we haven’t handled your data properly, please do contact the Chief Executive of the Daphne Jackson Trust, Dr Katie Perry, in the first instance and we will do everything we can to rectify the problem.
If you feel this doesn’t go far enough, or if you want to report your concern elsewhere, you can contact the Information Commissioner’s Office: https://ico.org.uk/concerns/
11. Changes to this Privacy Notice
We may change this notice from time to time, details of which will be displayed here. If you continue using our services after those changes are in effect, you agree to the revised notice.
- December 2019: we have updated section 4 to include more information on the types of information we process.
- January 2020: we clarified our use of explicit consent should we ever share sensitive information with third parties.