Privacy statement for clients and customers of Islamic Council

Islamic Council is committed to protecting your privacy.

This Privacy Statement sets forth our current privacy practices regarding the information we collect when you or your computer interact with Islamic Council and all our initiatives. 

By accessing our services including our online services and our website, you acknowledge and fully understand our Privacy Statement and freely consent to the information collection and use practices described in this Privacy Statement.

In this Privacy Statement references to “we”, “us” and “our” are to Islamic Council and all our initiatives. References to “our Website/s” or “the Website/s” are to Islamic Council and all our initiatives. 

As a “data controller” we are responsible for deciding how we process personal data about you. We take your privacy seriously and we are fully committed to protecting your personal data at all times. We will only process your personal data in accordance with applicable data protection laws, adhering to the principles (as applicable) contained in the GDPR.

Islamic Council does not share personal data with any other organisation for marketing purposes and we do not sell personal data. 

We have written this privacy statement to inform you about why we collect and use personal data when you share it with us, in what circumstances we may share your personal data with another organisation, and your individual rights with regard to your personal data.

We are committed to being fully open and honest to you about why we collect and use personal data. This is the right thing to do and it will also help you understand and exercise your rights over your personal data.

Our Data Protection Officer (DPO) is responsible for ensuring that this privacy notice is maintained.

That post is held by Dawood Drankai, the Case Operations Manager. 

What information we collect and how

The information we collect online and offline may include the following:

• Your personal details you knowingly provide us with through forms and email, such as name, address and/or telephone number etc.
• Your IP Address. This is a string of numbers unique to your computer that is recorded by our web server when you request any page or component on the Website. This information is used to monitor your usage of the Website.
• Data recorded by the Website which allows us to recognise you and your preferred settings. This saves you from re-entering information on return visits to the site. Such data is recorded locally on your computer using cookies.
• If you consent to and go through a case booking process with us and you proceed past the initial enquiry stage, then we will gather more information on you through any assessment processes and forms we have in place. – for more information on this you may want to refer to our Data Protection and Privacy Policy

When we might gather personal information

We have 5 points of information gathering during an application process that involves personal data

1. Initial enquiry forms
2. Any case booking forms and file upload functions that may ask for more data
3. Recordings and notes from telephone conversation as part of case bookings and case operations
4. Meetings and interviews
5. Any compliance checks we may need to process

Type of information gathered

1. Basic contact and identifier details collected via Initial enquiry forms
2. More comprehensive personal information gathered as part of case bookings and case operations
3. Meetings, interviews and queries we may have with regards to cases over the phone or via online or in person meetings.
4. More comprehensive or special category data e.g., health, criminal records, financial data etc. that might be gathered as part of case operations.

Legal basis for gathering personal data

Data may be captured for purposes set out in our Data Protection and Privacy Policy, such as:

• To enable the effective and fair operation of adjudication, reconciliation and giving advice, including arriving at conclusions.
• To enable the effective operation of any other Islamic Council operation or work, in line with relevant laws and regulations.

How long we hold Information

We may hold information for a period after its use has been fulfilled and this also includes closing any cases that were opened with us.

The following information shows the different categories of client or customer personal data we hold and how long we hold that data:

• Personal data shared with us that has not resulted in a case being opened – anonymised and archived after 12 months for historical research and statistical purposes in accordance to Article 5(1)(e) GDPR
• Personal data or more comprehensive or special category data shared with us that has a case open with us – anonymised and archived after 3 years for historical research and statistical purposes in accordance to Article 5(1)(e) GDPR
• Any records relating to payments including invoices and receipts – permanently deleted after 6 years

How we hold personal data

Islamic Council holds personal data on the following storage devices and services for data that it captures:

1. A Customer Relationship Management software
2. A user interface environment
3. An online meeting service
4. A cloud based data storage server
5. Physical storage devices
6. Physical storage of printed files, paper documents and hand written notes and letters

What we do with your personal information

We use information gathered to provide clients and customers with the best possible service.

Additionally, we use cookies and the data you give us to build a statical picture of the service we offer or to keep in contact with you throughout the process. This includes holding online or in person meetings, making telephone calls and sending messages to the numbers and contacts that you provide.

Cookies

Our website uses cookies for statistical analysis, to improve user experience, to monitor user behaviour and to alter information presented to users based on their preferences. Any information gathered by our use of cookies is compiled on an aggregate, anonymous basis. We do not otherwise track any information about your use of other websites. We will not share your data with any third party.

Most web browsers automatically accept cookies; however, you may delete, or disable cookies in your browser settings.  Please note that you may not be able to take full advantage of a website if you disable cookies.

Analytical research

Google Analytics/Double Click

• Our website uses Google Analytics, a web analytics service provided by Google. The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers.
• Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity, and providing other services relating to website activity and internet usage.
• Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
• Further information about Google’s privacy policy may be obtained from http://www.google.com/privacy.html.
• We use Google Analytics remarketing codes to log when users view specific pages or take specific actions on the website. This allows us to provide targeted advertising in the future.
• If you do not wish to receive this type of advertising from us in the future you can opt out using the DoubleClick opt-out page http://www.google.com/settings/ads/onweb#display_optout

Facebook

• If provided, your email address may be used to create custom audiences on Facebook.
• Custom audiences are used to deliver advertisements to website visitors on Facebook based on email addresses. We do this to target other customers through pre-defined criteria set by the marketing platform.
• We use this data in accordance with Facebook’s Data Use Policy which can be found under: http://www.facebook.com/about/privacy/.

Your rights

You may make a formal request for access to personal data and/or special category data that we hold about you at any time. This is known as a Subject Access Request. Such a request must be made in writing, and we must respond within one month. Please note that under the GDPR we are permitted to extend the one-month period for responding by an additional two months where, in our view, your request is complex or numerous in nature.

Under certain circumstances, by law you also have the right to request:

1. To have your personal data corrected where it is inaccurate
2. To have your personal data erased where it is no longer required. Provided that we do not have any continuing lawful reason to continue processing your personal data, we will make reasonable efforts to comply with your request:
3. That your personal data be transferred to another person
4. To restrict the processing of your personal data where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending, or you require us to keep it in connection with legal proceedings; and
5. To object to the processing of your personal data, where we rely on legitimate business interests as a lawful reason for the processing of your data.

You also have the right to object where we are processing your personal information for direct marketing purposes.

We have a duty to investigate the matter within a reasonable time and take action where it is deemed necessary. Except for the purposes for which we are sure we can continue to process your personal data; we will temporarily stop processing your personal data in line with your objection until we have investigated the matter.

If we agree that your objection is justified in accordance with your rights, we will permanently stop using your data for those purposes. Otherwise, we will provide you with our justification as to why we need to continue using your data.

We keep our privacy statement under regular review and we will place any updates on this web page. If material changes are made, we will place a prominent notice on our website.

This privacy statement was last updated on November 2023.

If you have questions regarding information, we hold about you or our Privacy Statement, its implementation, failure to adhere to this privacy statement and/or our general practices, please contact our Data Protection Officer.

Email: [email protected]

Post: Data Protection Officer, Islamic Council, Floor 3, London Muslim Centre, 92 Whitechapel Road, London, E1 1JQ