Privacy Policy

Who we are

Muslim Youth Network is a not-for-profit organisation in England and we are also a company limited by guarantee. 

We envision a community of Muslim youth who are inspired by revelation, grounded in reality, and who have the resolve to act and make a difference.

We seek our vision by sharing our values, engaging society, providing faith-inspired experiences, and developing a generation of principled leaders.

Using your details 

We at Muslim Youth Network highly value your privacy and understand that this is an Amanah (Islamic trust) upon us. Therefore, we aim to be as transparent as possible about why we need your details when you support us in our mission and how we will use them. Below is our privacy policy which explains why and how MYN processes a users details in the following: Website visitor, Email subscriber for updates, Registration for our events and donors & supporters for our work. 

When we get in touch ?

When you give us your details e.g. subscribe to receive email updates or register for our events, you may receive follow up information from us relevant to this activity, such as resources and details for an event or age-relevant projects if you consent to sharing your age with us. We will also contact you about our current and upcoming projects and other ways to support us by mailshots and newsletters because of you subscribing.

We make it very easy for you to opt out at anytime from our marketing. We aim to communicate with you in a way that keeps you involved with us as you see the impact of your support, therefore we will act according to your instructions – please notify your preferences with us via email by requesting an update profile form which tailors your email content based mainly on age group/educational status which can be found in all our emails. Alternatively you can just contact us via our website and write to us your communication preferences from there.

Sharing details – NOT 

We assure you that you will not receive offers from other organisations as a result of you sharing your details with us.

We may need to share some information with our service providers to help prepare and send communications or process your donations and other responses. However, these organisations will not use your details for their own purposes and will keep your details secure, and delete it when no longer needed. But some of these organisations may ask you to subscribe to them in which case this is your decision and extends beyond our remit an example of this financial detail processing by platforms such as GoCardless, LaunchGood and Stripe who process your financial data on our behalf when you make donations or register to paid events.

Details – What and Why ?

There are 3 main categories of details that we collect for different purposes should you share details. We ask for your:

  • Basic personal information: Name, email and age/educational status (pictures may also be taken depending on the event but we will ask for your consent)
  • Financial details: Card details for Direct-debit or one off payments in addition to your billing address 
  • Postal address: Postcode and street name 

These are the reasons we ask for the above information:

  1. We know how to address and contact you for our events and projects and sending tailored content based mainly on age/educational status as most of our projects are based on this categories (pictures will be used for publicity purposes)
  2. You can financially support our work on a consistent or one-off basis   
  3. We can deliver merchandise that you have chosen or as a gift

Occasionally, we may ask you to re-verify your details to ensure that they are up to date in our systems to receive the relevant marketing and for your support to continue. This will be done once a year by an email which have an update profile form link for you to choose your preferences.

Collecting details – How ?

MYN may collect your personal data in the following circumstances:

1) When you give it to us DIRECTLY

E.g. make a donation, register for our events, communicate via email, physically attend events, subscribe to our mailing list and informing one of our members directly (e.g. in person or by messaging platforms such as WhatsApp and Telegram)

2) When you give it to us INDIRECTLY

E.g. donate online via GoCardless and organisations such as LaunchGood . These independent third parties provide access to your non-financial data to MYN in order to provide you an update of the many projects you are supporting. If for example you contribute large donations through these online donating platforms we may choose to contact you for secondary purposes such as being a more regular supporter or receiving discounts from future paid events. However, this non-financial data will only be shared with us given your consent which can be given during the transaction procedure. 

Sometimes your personal data is collected by an organisation working on our behalf, but as they are acting on our behalf we are the “data controller” and responsible for the security and proper processing of that data.

3) When using MYN Social Media

We may obtain your information through your use of social media such as Facebook, Twitter or LinkedIn, depending on your settings or the privacy policies of these social media and messaging services. To change your settings on these services, please refer to their privacy notices, which will tell you how to do this. Examples of this could be tagging our pages or liking and commenting. 

4) When information is publicly available

We may obtain information about individuals who may be interested in giving major gifts to charities or organisations like MYN. In this scenario, MYN may seek to find out their interests and motivations for giving through publicly available information. This information may include newspapers or other media coverage, open postings on social media sites such as LinkedIn, and data from Companies House. MYN will not retain publicly available data relating to major donors without their consent, which will be sought at the earliest practical opportunity.

Legal Requirement

We will comply with legal requests where disclosure is required or permitted by law (for example to government bodies for tax purposes or law enforcement agencies for the prevention and detection of crime, subject to such bodies providing us with a relevant request in writing).

Your data is only processed outside the EU where MYN has verified that appropriate standards and safeguards are in place an example of this is the U.S. crowdfunding platform, LaunchGood.

Keeping personal information – Length ?

We will hold onto your basic personal information for as long as is necessary for the relevant activity unless requested otherwise by yourself via email in person or telephone at which point the necessary activity will cease. Please see below our data retention policy which states other reasons for holding personal data and how long for. 

Opting Out/Changing information 

If you wish to stop or change how we communicate with you or update/delete the details we have of you, please email us via the following address:

You can also opt out of our emails by clicking on the unsubscribe link within any of our emails. Please bear in mind that some of these changes may take a week to occur. You can also request an update profile form to change your preferences for mail content, this will be available via small link in all our emails for you to click on.

Information security ?

We have appropriate technical controls in place to protect your personal details.  For example, our online forms are always encrypted and our network is protected and routinely monitored.

We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.

We use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they collect on our behalf, or have access to. We have a robust partner monitoring framework to ensure these contractual obligations are met.

How to make complaints about this policy or raise privacy concerns?

If you would like more information or have any questions about this policy, please contact our team by email at [email protected].

You also have the right to make a complaint direct to the UK’s data protection authority, the Information Commissioner’s Office (ICO). The ICO can be contacted at: https://ico.org.uk/global/contact-us/

Concerns can be also be logged via the ICO website.

For more information on how we are accountable for data, please see our Accountability Statement.

Changes to MYN privacy policy?

This Privacy Policy may be updated from time to time so you may wish to check it each time you submit personal information to MYN. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to use the MYN website to submit personal information to MYN. If material changes are made to the Privacy Policy we will notify you by placing a prominent notice on the website.

DATA RETENTION POLICY

Overview

A Data Retention Policy form outlines the period of time information can be held. Data shall be maintained for as long as there is an operational need.

Purpose

This policy addresses the requirements surrounding Data Retention as set out by the General Data Protection Regulation (GDPR) and how MYN meets its obligations to individuals and the law regarding the retention of personal data.

Scope

This policy specifically applies to:

  • Staff, volunteers, consultants, contractors and, as appropriated, partnership organisations, partner staff and third parties
  • Records that are created, handled, stored or processed by MYN

Policy

This document sets out our policy for the disposal and retention of records. It applies to all records, both in paper and electronic form. Personal data shall not be kept for longer than is necessary for a given purpose.

Data Storage Guidelines

All sensitive personal data is stored on a secure database or password protected files, to which only a limited number of relevant staff have access. It is deleted when no longer relevant or requested by yourself, is never shared with third parties without permission, and is available to you at any point should you wish to see it.

Data Retention Period

Six years as standard; exceptions apply where appropriate and this may change in future policy revisions based on new HMRC regulations (you will be notified as part of privacy policy update stated previously). We are aware that gift aid donation receipts must be kept for 6 years as part of HMRC standard and this is a legal obligation therefore must be retained for this period even if you do not provide us with consent.

Author

Talha Hanzala 

MYN Admin team 

ACCOUNTABILITY STATEMENT

At MYN, we regularly review our data protection policies, staff guidance and practice. By doing this, we ensure that we continue to be compliant with the law. It also means that our intended processing remains clearly explain, necessary and transparent. When Consent is required, we gather it in accordance with the law, and always consider the Rights of others before proceeding. Data is only shared by us where we have a defined purpose to do so and a data sharing agreement is in place. We welcome any enquiries from the public with regards to any personal information that we may hold.

On a regular basis, we assess the risks associated with processing data to ensure we are upholding the Rights and Freedoms of each individual. Before choosing to process data in a new way, we carry out thorough risk assessments. We maintain extensive records of our processing which includes incident logs. This helps us to measure our compliance and identify any weaknesses in our procedures.

We also monitor case law and the guidance of the ICO and EDPB. We are constantly reviewing our security measures (both technical and physical) and ensuring that appropriate safeguards are in place. We implement the Principle of Least Privilege (PoLP) to limit access to data to the minimum required to perform each role in the organisation. We also train our staff on the essentials of data protection.

Last updated: 03/04/2021

Scroll to Top