Privacy Policy

We take your privacy seriously 

The Joint Council for the Welfare of Immigrants is a charity registered in England and Wales (no 1117513) and a Registered Company (no 02700424). This Privacy Policy will explain how our organisation uses the personal data we collect from you when you use our website. 

This policy covers: 

  • What information do we collect?
  • How do we collect data?
  • How will we use your data?
  • How do we store your data?
  • International transfers of your data
  • How long will we keep your data?
  • How can you tell us your communication preferences?
  • What are your data protection rights?
  • Cookie policy
  • Privacy policies of other websites
  • Changes to our privacy policy
  • How to contact us
  • How to contact the appropriate authorities
  • Credit


What information do we collect? 

The information we collect, either directly from you or via third parties (where you have agreed to this), may include: 

  • Name 
  • Address 
  • Email address 
  • Phone number 
  • Contact preferences 
  • Bank account details for setting up a Direct Debit 
  • Bank card details for making payments or donations 
  • Employer details 
  • Taxpayer status for collecting Gift Aid 
  • “Special category” data, such as gender and ethnicity information collected during recruitment that we use to ensure we’re complying with equalities legislation and employment law. 

We may also collect and record any other relevant information you share with us about yourself. We may collect and process data relating to your interactions with us, such as your donations, registration for events or participation in our campaigns.  

How do we collect data? 

We collect the following data: 

  • Personal details you provide when interacting with us. For example, when signing up for our emails, making an enquiry through our website, making a donationbooking onto an event or training course, interacting with emails we send, or applying for a job or voluntary position, you may submit personal information, such as your name, email address, postal address and other contact details. 
  • We may collect contact details for relevant practitioners from publicly available sources, for example the details of immigration law practitioners in the directory of OISC registered practitioners. 
  • We may also collect data via third parties, when you choose to make it available to us. For example, if you make a donation to JCWI via JustGiving or Facebook, and choose to make your personal or contact details available to JCWI, we may collect this data.  
  • We may collect anonymised and aggregated data relating to your usage of this website or interaction with our contentThis may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service usePlease see the section on Cookies, below, for more information.  

How will we use your data? 

We may use your data in a number of ways, including: 

  • To provide you with information or services, and answer queries that you have made to us; 
  • To process donations and payments, and to keep records of these in line with charity accounting practices; 
  • If you have opted in to email communications from us, we may contact you to ask you to take action, to provide you with information or resources we feel may be of interest to you, to ask for you to support our work financially or to promote services and events we provide; 
  • To contact you about our programme of training courses on immigration and asylum law; 
  • To analyse and improve the content and operation of our website; 
  • To analyse and improve our internal practices including our marketing and engagement plans; 
  • To direct advertisements and other communications to other people who may have similar interests or other characteristics to yours; 
  • To tailor advertising that is presented to you on the Internet according to your interests, preferences and other characteristics. 

How do we store your data? 

Your personal information will be held securely and will be safeguarded against any unauthorised use, disclosure, alteration or destruction.  

Although we use appropriate security measures once we have received your personal information, the transmission of information over the internet is never completely secure. We do our best to protect personal information, but we cannot guarantee the security of information transmitted to our website, so any transmission is at the user’s own risk. However, any payment card details (such as credit or debit cards) we receive on our website are passed securely to our payment processing provider according to the Payment Card Industry Security Standards. 

We will never sell or swap your data with any other organisation for marketing purposes.  

Financial transactions which originate on our website are handled by our payment services providers, Stripe (for card payments), GoCardless (for Direct Debits) or PayPal (for one off payments). We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices at  

We may be required to disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also be required to disclose data if it is necessary to do so for the purposes of maintaining adequate insurance coverage, managing risks or for the establishment, exercise or defence of legal claims. You will be informed in writing if a disclosure of your personal data is required under this policy.

Your data may also be available to our website provider to enable us and them to deliver their service to us, carry out analysis and research on demographics, interests and behaviour of our users and supporters to help us gain a better understanding of them to enable us to improve our services. This may include connecting data we receive from you on the website to data available from other sources. Your personally identifiable data will only be used where it is necessary for the analysis required, and where your interests for privacy are not deemed to outweigh their legitimate interests in developing new services for us. In the case of this activity the following will apply: 

  • Your data will be made available to our website provider  
  • The data that may be available to them include any of the data we collect as described in this policy. 
  • Our website provider will not transfer your data to any other third party, or transfer your data outside of the EEA. 
  • They will store your data for a maximum of 7 years. 
  • This processing does not affect your rights as detailed in this privacy policy. 

International transfers of your data 

Some of our suppliers run their operations outside the European Economic Area (EEA) – this may include a country which may not be subject to the same data protection laws as companies based in the UK.  In these circumstances, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law, and appropriate safeguards are in place. 

How long will we keep your data? 

Recruitment  Recruitment data should be held for 12 months from the date an appointment is made. 
Casework and advice  Casework files and records of legal advice and 

proceedings should be held for six years from the date a case is closed. 

Mailing list and subscribers  Mailing list subscribers’ data should be held as long as the subscriber has consented to us holding their data. 
Financial records – including membership payments, donations, and customers.  


Records relating to members and regular donors should be held for seven years from the date they are no longer ‘active’ (e.g. the data membership expires or a direct debit is cancelled).  

Records relating to one off donations and payments, such as purchases from our online shop or payments for training courses, should be held for seven years from the date of the transaction.  

How can you tell us your communication preferences? 

You can let us know when making a payment or donation on our website, or registering for an event, whether and how you would like us to keep in touch with you.  

You can update your preferences, such as unsubscribing, at any time, by following the Unsubscribe link in the footer of our emails, or by contacting us at, by phone on 020 7251 8708 or by writing to us at 

Data Protection Officer
441 Caledonian Road
N7 9BG


If we have collected your data via a publicly available source, for example immigration law practitioners who are registered with the OISC, you can opt out of communications by following the Unsubscribe link in the footer of our emails, or using the contact details above. 

If you have indicated that you do not wish to be contacted for marketing purposes, we will maintain your details on a suppression list to help ensure that we do not continue to contact you for marketing purposes.  However, we may still need to contact you for administrative purposes, including (but not limited to): 

  • Processing a donation you have made and any related Gift Aid; 
  • Providing you with the information you need to participate in an activity or event for which you have registered (e.g., a marathon); and 
  • Explaining and apologising where we have made a mistake. 

Similarly, if your contact details have changed or you think any information we have about you is incorrect or incomplete, you can always update or correct the information we hold about you by contacting us using the details above. 

What are your data protection rights? 

Under data protection law, you have certain rights over personal information that we hold about you. These rights are summarised below.  

Right to be informed: You will be told why we process your data, how long it will be held for and who it will be shared with. This is called ‘Privacy Information’ and it is made available at the time your data is collected.  

Right of Access: You have the right to access your personal data. This is called ‘Subject Access’ and a request for this information should be responded to within one month.  

Right to Rectification: You have the right to request that we correct personal information you believe is inaccurate and any request should be responded to within one month.  

Right to Erasure: You have the right to be forgotten and a request for erasure should be responded to within one month. This right is qualified, however, and does not apply if data must continue to be held in order to comply with other laws, rules and regulations.  

Right to Restrict Processing: You have the right to ask that their data (even if it continues to be held) is not processed or used and requests should be responded to within one month. 

Right to Data Portability: You have the right to obtain and reuse your personal data. If we provide subject access, the data will be in a format that you can access and reuse.  

Right to Object: In some circumstances you have the right to object to the processing of your data. For example, you have an absolute right to stop your data being used for direct marketing. If there is a compelling reason (e.g. a legal obligation) to continue processing your data, we will inform you.  Any objection should be responded to within one month. 

You can assert your rights, raise a concern, or make a complaint about how we process your personal data by contacting our Data Protection Officer using the contact details above. It will be helpful if you explain your request or concern and describe the personal information you are referencing as specifically as possible. In order to action your request, we may need to request further information or request that you provide proof of identity. 

If you are not happy with how we have handled your request or complaint, you can contact the Office of the Information Commissioner, which oversees the protection of personal data in the UK. See for details. 

Alternatively, you may choose to contact the Information Commissioner directly about your complaint, regardless of whether you have raised it with us first. 

Privacy policies of other websites 

Our website contains links to other websites. Our privacy policy relates only to our website, so if you click on a link to another website, you should read their privacy policy. 

Changes to our privacy policy 

We keep our privacy policy under review and will place any updates on this webpage.

This policy was published on 8 December 2020. 

On 26 October 2021 the address of the Data Protection Officer was updated.

On 10 October 2022 a new Cookie Policy was introduced and this policy was updated to reflect this.

How to contact us 

If you have any questions about this policy, the data we hold about you, or you would like to exercise any of your data protection rights, please do not hesitate to get in touch.  

You can contact us by emailing, by phone on 020 7251 8708 or by writing to us at 

Data Protection Officer
441 Caledonian Road
N7 9BG

How to contact the appropriate authorities. 

You can contact the Office of the Information Commissioner, which oversees the protection of personal data in the UK, by visiting  


 This document was created using a template from SEQ Legal (