By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Cookie Policy for more information.

Privacy Policy

Updated 15 December 2023

‍

This Privacy Policy (“the Policy”) explains how and why CAGE processes personal data concerning visitors to its website, subscribers to its mailing list, social media, donors and supporters of its campaigns, and its wider online community building objectives.

‍

The Policy does not cover all of the personal data processing undertaken by CAGE, for example in respect to its case work, legal documentation, human resources and operational logistics. These processing activities are covered by appropriate internal policies and procedures and relevant information is provided to data subjects at the point of collection or otherwise as required by law.

If you have a question about how CAGE processes personal data, whether in accordance with the Policy or any other processing operation, please email contact@cage.ngo.

‍

Data controller

‍

CAGE (CAGE Advocacy UK Ltd) is a limited company registered with Companies House (06397573) having its registered office at c/o Premier Business Centre, 47-49 Park Royal Road, London, NW10 7LQ.

‍

CAGE is the controller of the data covered by the Policy.

‍

CAGE also works with service providers who process data under its instruction, and which may in some situations act as controllers of some or all of the personal data that is processed by them in the course of providing particular services. This includes, but is not limited, to the social media platforms on which CAGE is present (see further Data sharing and transfers, below).

‍

CAGE is registered with the UK data protection supervisory authority, the Information Commissioner’s Office (# ZA709332)

‍

‍Guiding principles

‍

CAGE advocates for due process, the rule of law and an end to the injustices of the War on Terror.

‍

CAGE is committed to processing personal data in accordance with the UK Data Protection Act 2018, the UK General Data Protection Regulation (UKGDPR), the Privacy and Electronic Communications Regulations (PECR) (collectively ‘UK Data Protection Laws’) and the EU General Data Protection Regulation (EUGDPR), and to respecting the rights of data subjects.

‍

Any terms mentioned in this Policy will have the same meaning as defined under the Data Protection Laws provided above.

‍

Purposes of data processing

‍

CAGE processes personal data concerning users of its online services and resources for the following purposes:

To maintain the CAGE website and keep it secure
To communicate with you
To build and manage the online community that supports CAGE’s work
To advocate in support of CAGE’s objectives and engage with people on social media platforms
To receive and process orders placed in the CAGE online shop
To enable people to register to attend CAGE events and subscribe to our newsletter
To receive and process donations to CAGE online
To disseminate information and promotional communications from CAGE
To understand how the CAGE website is used in order to assess the impact of its work and improve its communication and dissemination strategies
To keep records that enable CAGE to comply with accounting requirements and statutory obligations

‍

Legal basis for processing

‍

CAGE processes personal data for the above purposes on the following legal bases:

With consent, where data subjects volunteer their personal information and may withdraw that consent at any time, for example in respect to the CAGE mailing list
In its legitimate interests, where CAGE has to process personal data in order to achieve the above objectives and ensures that the processing is necessary, proportionate and does not adversely impact the fundamental rights of data subjects
For contractual purposes, where personal data is needed to enter into a contract or fulfil a particular contractual obligation, for example in respect to its use of online donation platforms
To comply with legal obligations, where data processing is necessary for CAGE to comply with the law or a statutory data retention period

‍

Sensitive (“special category”) data

‍

CAGE does not collect any special category data from users of its online services.

‍

Use of the internet also generates metadata about individuals and their activities which is retained by internet service providers and may be made available to law enforcement agencies and intelligence services. This data can be used to build up a detailed profile of individuals or communities. Those concerned about this kind of surveillance are encouraged to take steps to preserve their privacy, for example by using a VPN or the Tor browser.

‍

Cookies

‍

Like almost all websites, CAGE uses cookies in order to make its website function efficiently, maintain its security, improve user experience, facilitate interaction with third party service providers and understand how users interact with the material on its website.

‍

A cookie is a small file that is stored by your browser or elsewhere on the hard drive of your computer, subject to user preference. Detailed information about how cookies work is available from allaboutcookies.org.

‍

The website CAGE uses the following type of cookies:

Necessary cookies, which are required to enable the CAGE website to function and remain secure
Statistics cookies, which help CAGE understand how visitors use its website by collecting and reporting anonymised information
Marketing cookies, which are used to track visitors across websites in order to tailor advertising.

‍

The CAGE website also allows its users to share content using social media buttons. Posting information to social media platforms results in the controllers of those platforms collecting personal data about the account owner and their online activities (see further Social media, below).

‍

Opting out

‍

With the exception of the necessary cookies, visitors to the CAGE website can disable the cookies used by the CAGE website by configuring their internet browsers to block cookies. Individuals using different devices in different locations will need to ensure that each browser is configured according to their preferences. Please note that if browser settings are configured to block all cookies (including necessary cookies), some of the services provided by the CAGE website may not be available.

‍

Internet users may also be able to configure their browser to prevent website owners tracking their web usage using the Do Not Track (DNT) function (see allaboutdnt.com). The CAGE website honours DNT requests.

‍

Even if you block analytics and targeting cookies and set your browsers to DNT, information about your web usage may still be collected by Google Analytics. Google has produced a specific Google Analytics Opt-out Browser Add-on, which you should install if you wish to try to prevent Google collecting this kind of data about you.

‍

If you have signed up to receive information about CAGE’s work by email and no longer wish to receive this material, you can opt-out by using the unsubscribe link provided in CAGE’s email communications or by submitting a request to contact@cage.ngo.

‍

Information security

‍

CAGE takes reasonable steps to protect personal data against loss, misuse, and unauthorised access, alteration, disclosure or destruction.

‍

CAGE also undertakes checks on the service providers and processors it uses to ensure that they have implemented adequate information security controls in respect of the data provided by CAGE or via the CAGE website.

‍

Information transmitted across the internet remains vulnerable to unauthorised access. The transmission of such data is therefore at the individual’s own risk.

‍

Data sharing and transfer

‍

CAGE works with carefully selected third party service providers and affiliates which perform tasks, including the processing of personal data, necessary for the organisation to meet the objectives set out above. Wherever possible, CAGE does not allow service providers to use personal data provided by CAGE or via its website for their own purposes or to disclose it to other third parties. CAGE also verifies that these service providers store personal data in the EU and only transfer it outside of the EU in accordance with EU law. A list of third-party service providers and affiliates to which data may be transferred is available on request using the contact details below.

‍

In some instances, service providers may act as controllers of some or all of the data that is provided in order for them to provide a particular service. This is more likely to be the case when the services are provided by an external website or application, for example where CAGE uses social media platforms (see further below).

‍

CAGE will never sell personal data and will refuse to comply with law enforcement requests for access to personal data concerning users of its online services that it believes to be unwarranted, and unless legally prohibited or unable to do so, will notify the data subjects concerned. Third party service providers may also be compelled to disclose data for purposes other than which it was collected.

‍

Social media

‍

CAGE uses social media and social networking to increase the reach and impact of its work. Personal data processed by social media platforms is subject to the terms and conditions of the platform owners, which may act as controllers of that data. Individuals who engage with CAGE’s social media accounts should check the relevant terms, which are subject to regular change, to understand how their data may be used.

‍

CAGE has accounts with the following social media platforms:

X, used in accordance with X’s Privacy Policy
Facebook, used in accordance with Facebook’s Data Policy
YouTube, used in accordance with YouTube Privacy Guidelines
Instagram, used in accordance with Instagram’s Privacy Policy
Telegram, used in accordance to Telegram's privacy policy
TikTok, used in accordance to TikTok's privacy policy.

‍

CAGE’s social media accounts and pages are managed by CAGE staff members.

‍

External websites

‍

The CAGE website includes links to other websites which may also collect personal data about users or deploy cookies on their devices subject to their own data processing and privacy policies. CAGE has no control over the operation of other websites and while it seeks to ensure that all external links point only to responsible data controllers, external links are followed at the user’s own risk.

‍

Data retention

‍

CAGE retains personal data only as long as it is needed for the purpose for it was collected. CAGE may keep data for longer if it is under a legal obligation to retain it or to maintain necessary records for legal, financial, compliance, or other reporting obligations. CAGE may also retain data about the use of its online services for statistical analysis or research purposes.

‍

Data Subjects Rights

‍

Individuals whose personal data is processed by CAGE have the following rights in accordance with UK and EU data protection law:

The right to be informed as to whether CAGE holds data about them
The right of access to that information
The right to have inaccurate data corrected
The right to have their data deleted
The right to opt-out of particular data processing operations
The right to receive their data in a form that makes it “portable”
The right to object to data processing
The right to receive an explanation about any automated decision making and/or profiling, and to challenge those decisions where appropriate

‍

To make a subject access request or complaint contact contact@cage.ngo or write to:

Managing Director
CAGE
Premier Business Centre
47-49 Park Royal Road
London NW10 7LQ

‍

Requests can be submitted at any time. CAGE will respond to any such requests in accordance with UK data protection laws and the EUGDPR.

‍

Data subjects may also be entitled to lodge complaints in regard to data processing or the handling of subject access requests with data protection supervisory authority in their country of residence. In the UK the relevant supervisory authority is the Information Commissioner’s Office. For data subjects covered by EUGDPR, relevant supervisory authority names and contact details are listed here.

‍

Changes and revisions

‍

Should CAGE make changes to this Policy, the date and nature of the change will be indicated below.

‍

Should the change have a material impact on the handling of personal data, CAGE will contact the data subjects to inform of the changes and where appropriate seek their consent.

‍

Revisions

‍

The Policy was published on 15 December 2023, replacing an earlier iteration.

‍