The Daphne Jackson Trust regards the lawful and correct treatment of personal information as very important and is fully committed to the principles of data protection, as set out in the General Data Protection Regulation.
1. Why do we have this notice?
Our privacy notice will help you understand what information we collect, how we use it, and what choices you have.
A quick note on terminology: when we use the phrase “we” in this notice, it refers to the Daphne Jackson Trust only. Although out offices are based at the University of Surrey, we are an independent organisation with our own privacy arrangements.
When we say “our work”, we mean the services and activities undertaken by the Daphne Jackson Trust – such as our Fellowship scheme, training and conferences.
Under the General Data Protection Regulation (GDPR), the Daphne Jackson Trust is termed a ‘data controller’ which means that we are responsible for how and why personal data is used. We have appointed a Data Compliance Officer – Dr Andy Clempson who can help you with any queries about the information in this privacy notice: email@example.com, +44 (0)1483 689 162.
Please also note that this privacy notice covers the Daphne Jackson Trust website only. Other websites linked to or from this site are not covered by this notice.
2. Why do we collect and receive information that contains personal data?
We process personal data to undertake our work: namely providing fellowships that enable scientists and researchers to retrain and return after a career break of two or more years taken for family, caring or health reasons.
We aim to:
- enable women and men to return to research with confidence after a career break;
- maintain a talented STEM workforce by offering flexible Fellowships;
- support equality and diversity in the workplace; and to
- develop partnerships that extend the reach and increase the impact of the work of the Trust.
Under GDPR, we use ‘legitimate interests’ to process the vast majority of your data. ‘Legitimate interests’ means the interests of our organisation in conducting and managing our activities to enable us to undertake our work. For instance, we may contact you about upcoming fellowship opportunities or conferences we organise, but we do so in a way to send you only the information you are interested in.
We only rely on legitimate interests where we consider that any potential impact on you (positive and negative), how intrusive it is (from a privacy perspective) and your rights (under data protection laws) do not override our interests in us using your information in this way. You can tell us if you wish to be contacted differently, or not at all – see section 9 in this document.
If you are applying for a fellowship, we store some information about you to enable us to process your application. A small amount of the information we collect and use is sensitive personal information as described in section 3. Where we collect this, we require your explicit consent. This is a separate arrangement to our legitimate interests. Your consent is required in order to proceed at certain stages of the application process. This is made clear to you at the time you submit this information to us.
Where you are (or were) an employee or volunteer with the Trust, our legal basis is neither that of legitimate lnterests or consent. Instead, as per the norm, it becomes that of entering a contract (see your employment contract for further details).
3. What personal data could we hold about you?
In order for us to undertake our work, we may store information about you. For fellowship applicants (successful and unsuccessful, including previous fellows), we hold information that you provide when you contacted us. We ask you for personal information so we know who you are, whether you are eligible for a fellowship and how to best to reach you.
We also hold information about those who work closely with us on non-fellowship matters. For instance, if you have attended one of our events or work at a University that hosts one of our fellows and have interacted with us, we may have some of your details on file.
We use the personal information to administer our relationship with you, taking into account any stipulations you have made over the manner in which we do this. Information that you supply is treated in confidence and in accordance with the principles of the GDPR.
The types of personal data we hold about you depends on your relationship with us and what information you have provided. For instance, if we have had very limited communications via email, it’s likely we will only have your name and email address as part of this interaction. For those who have (or had) a fellowship with us, it is likely we have much more information about you that was collected at the time of your application submission. It may include:
- Your full name, title, gender, nationality and date of birth
- Your job title and career history
- The email address and phone number you contacted us with or provided to us
- The name and address of the organisation you work (or worked) for
- The reasons behind your career break to confirm your eligibility for a fellowship:
- For family reasons, we may ask you to confirm the number and ages of your children as well as child care arrangements
- For health and caring reasons, some brief details about the nature of these.
This is classed as special category data under GDPR. It is considered more sensitive and therefore we ask for your explicit consent to collect this information. We only collect the minimum amount of information we need to assess your eligibility and delete it as soon as it’s no longer needed.
- Your research area of expertise, technical skills and retraining requirements
- Any awards, publications and conference presentations you have been associated with
- Professional memberships
- Languages written and spoken
- If you attend our events, we may have dietary requirements and accessibility arrangements stored on file, although these are deleted when no longer needed
- Depending on social media privacy settings, you might give us permission to access information from those services for example when you publicly tag us in a photo.
- On occasion we may use legitimate interest to process photographs where it is not practical to gather and maintain consent such as large-scale events. On such occasions we will make it clear that this activity will take place and give you the opportunity to exercise your rights.
All Daphne Jackson Trust staff take responsibility for keeping this personal information as up to date, accurate and secure as possible and all have been trained in data protection.
We do not source information about you from anyone but you.
4. How do we use your information?
We use your information solely for the purposes of furthering the objectives of the Daphne Jackson Trust. For example:
- If you are a fellow or an applicant, we’ll use your information to administer this process.
- If you attend one of our events or ask us a question, we will use your information to respond accordingly.
- If you are connected with the Trust in some other way (such as a peer reviewer or employee/volunteer), we’ll use your information for the specific purpose involved.
We don’t use your information for marketing or fundraising, but we may send you information from time to time with updates about the Trust and events we are running. You can choose not to receive this by letting us know at any time (see section 9 in this document).
We store your personal data just for the intended purposes of the Trust. We don’t pass it on to other organisations without letting you know. We collect only the minimum amount of information necessary and keep it only for as long as necessary, after which it is deleted or destroyed in line with our Data Retention Policy. Generally, we keep information concerning our fellows indefinitely. For other personal information, we keep it for 5 years, during which time, if we haven’t heard from you, we’ll delete it on your behalf.
5. What other information could we hold?
The Daphne Jackson Trust may also collect and receive:
- Billing and other information: if you donate or leave a legacy to the Daphne Jackson Trust, we may collect and store the billing address, credit card information or other payment methods provided to us. If you leave a legacy to us, we may use information regarding next of kin that you may have provided us to administer this.
- Service usage information: from time to time, we conduct surveys and interviews with individuals and organisations from the sector. We will explain any specific privacy notices as part of the activity, should it differ from this privacy notice.
- Website traffic: we store some information to enable us to see how popular pages on our website are. This typically involves assessing aggregated information, such as IP addresses. Analysing this information allows us to tailor our services better.
- Device information: we may collect information about the device you are using to access our services such as the type of device it is, the operating system you are using, its settings, application IDs / unique identifiers and cache data. Whether we collect some or all of this information depends on what type of device you are using and its settings.
6. How do we protect the security of your information?
The Daphne Jackson Trust takes security seriously. We take physical, managerial and technical measures to protect the information you provide to us from loss, misuse, and unauthorised access, alteration or disclosure. This includes using physical locks, access restriction, encryption and password protection where possible and practical for us to do so. These steps take into account the sensitivity of the information and the current state of technology.
Please note that the Daphne Jackson Trust uses third parties like Google Analytics for website analytics. You may opt-out of third-party cookies from Google Analytics on its website.
8. When can we share and disclose your information?
For the majority of the time we do not share the information with other organisations. However, on rare occasions, we may share some limited information specific to the activity we are undertaking. Where practically possible, we will tell you about such instances as they occur. For example, if you attend a Daphne Jackson Trust Conference, we may share your name, the organisation you work for and accessibility or dietary requirements with host building. This is to ensure we meet safety and security measures as well as catering for your specific needs. In such cases, the information is shared securely only for that event and is destroyed afterwards.
The Daphne Jackson Trust may also share information with others, subject to a Data Sharing Agreement:
- With third party service providers and agents: we may use third party payment processors and mailing houses to process information and undertake our activities.
- To comply with laws: such as legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
- To enforce our rights, prevent fraud and for safety: to protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud.
9. Your right to object to the way in which we process your information
Under GDPR, you have rights over how the personal information we hold about you is handled. These include your right to:
- access the information we hold about you;
- ask us to stop contacting you;
- amend your information or have inaccurate information changed;
- delete your information;
- change your preferences (for instance if you would prefer us to only contact you about certain things or restrict what information we have about you);
- object to the way we process your information, including anything not mentioned above.
You can do this by contacting the Daphne Jackson Trust via DJMFT@surrey.ac.uk or any member of the team (https://daphnejackson.org/about-us/meet-the-team/). We will action your request within 1 month or sooner, providing there is no reasonable reason we cannot comply.
If you have any questions about this Privacy Notice or practices, please contact us via DJMFT@surrey.ac.uk. If you prefer not to use email, you can contact us via:
The Daphne Jackson Trust
Department of Physics
University of Surrey
Telephone +44 (0)1483 689166
10. How do I report a concern about how you have used my data?
If you feel we haven’t handled your data properly, please do contact the Chief Executive of the Daphne Jackson Trust, Dr Katie Perry, and we will do everything we can to rectify the problem. If you feel this doesn’t go far enough, or if you want to report your concern elsewhere, you can contact the Information Commissioner’s Office: https://ico.org.uk/concerns/
11. Changes to this Privacy Notice
We may change this notice from time to time, details of which will be displayed here. If you continue using our services after those changes are in effect, you agree to the revised notice.