Who we are
We are The John Ray Initiative, a registered UK charity. Our website address is: https://www.jri.org.uk. JRI runs the Christian Rural and Environmental Studies course and this has its own website https://www.cres.org.uk
What personal data we collect and why we collect it
The JRI Contacts Database
JRI maintains a contacts database for individuals who
- have signed up to receive our news and updates mailings
- are Members and Associates of the John Ray Initiative
- attend JRI and CRES events
- are current and former students and tutors of the CRES course
This information is used to keep individuals informed as per their requests – it is organised to show geographical location preferences and the preferred methods for contact (email, post, telephone). Information is only obtained from the individuals themselves. For organisations, contact information may be obtained from public sources (e.g. an organisation’s website). JRI does not share this information with any third party, and it is only used in accordance with the charitable purposes of the charity.
Specific to the CRES Course
The IP address and location of site visitors are recorded for the purpose of analysing site usage. No personal data is stored or discovered by JRI from this process.
At present no comments to posts are permitted on the JRI website.
The CRES website has a private ‘Member Zone’ containing posts, pages, resources and a discussion forum. Access to these parts of the CRES website is restricted to registered users of the site. Registration is available to current CRES students, tutors, course administrators and individuals permitted access by the CRES Course Director. Registration requires declaration of the status of the site user, and agreement to the Terms and Conditions for use of the site. The site is moderated and inappropriate comments are taken down, with users registrations being revoked if necessary. CRES site users set up their own profiles and manage their own passwords; this data is held only within the website. CRES passwords are not stored outside the WordPress CMS, and are not accessible to any other user, including administrators.
Visitors to the website can download and extract any location data from images on the website. Many images are subject to copyright restrictions and we request that these are respected.
The website includes the option to contact JRI via a contact form. This form requests email and name details only. The email which is generated from this form is held within the email system only and nothing is added to any database unless the contact form specifically requests this action.
Embedded content from other websites
In general it is JRI practice to only provide links to external material rather than embed content.
Who we share your data with
Data is not shared with any third party. A request to JRI for a contact with a person known to be connected to JRI is passed to the person for their own response, it is not actioned by JRI staff.
Data is not received from any third party.
Data is not used with any automated decision making or profiling process.
How long we retain your data
Data is held until it is no longer useful for the purposes for which it was recorded. The charity maintains a historical record of who attended conferences and events, and who contacted JRI and for what purpose. Personal contact details are maintained for those who are current mailing recipients, members and associates. JRI strives to keep this information up to date.
What rights you have over your data
You can request to receive a copy of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we hold your data & how it is protected
The data is held online in a secure server at a UK location. Some data is held on laptop hard drives used by JRI staff. The security and use of these devices has been audited and use is secured by means of
- passwords and encryption to the devices
- passwords and encryption to files and folders
- protocols to govern how data is accessed and used
- regular security maintenance procedures to ensure that the most up-to-date software is being used
Data breach procedures
If JRI considers that a data breach has occurred then all individuals who may have been affected by the breach will be notified immediately, stating the nature of the breach, the data which may have been compromised, the actions being undertaken by JRI to secure the data held, the review process, and any action which may be required by the individual.
If individuals cannot be directly contacted then posts will be made on the website and via social media (Facebook and Twitter) to advise of the situation.
The mailing database is processed using Mailchimp. The mailing list has been set up using GDPR protocols provided by Mailchimp which include
- options within every email sent to update details or to unsubscribe from the list
Our contact information
The John Ray Initiative may be contacted about General Data Protection Regulation matters by email using this link. Please use the subject line: GDPR
To contact by post please write to The JRI Administrator, The John Ray Initiative, City Works, Alfred Street, Gloucester, GL1 4DF
This policy was last reviewed and updated in OCTOBER 2018