MOVEMBER GENERAL PRIVACY
Date of last revision 26 April 2018 v1.0
Movember is committed to protecting your privacy and the confidentiality of any personal data which you provide to us.
The choice of how much information you provide to Movember is yours and of course if you want to use Movember's Services, make a donation, or otherwise participate in Movember programs and events, Movember will require certain information from you in order to provide the services or conduct the programs and events. In order to ensure we adhere to data protection legislation we will only ask for the relevant personal data required to offer you services.
The Data Controller for Movember Europe is based in London, UK:
52-54 Rosebery Ave,
Telephone: 020 7952 2060
Our Data Protection Officer is:
Stuart Read, General Counsel, who can be contacted at email@example.com
How we collect your personal data.
We want to make sure you receive the communications that are most relevant to you, be it through visiting our website or receiving emails, post, phone calls, text, through push notifications on our app, or in person.
We collect your personal data in the following ways:
When you directly interact with us – this could be if you ask about our work; when you set up a Mo Space, sign up and fundraise for our campaigns; purchase Movember products; apply for a job or when you provide your data over the phone, by email, via the website or app, through the post, or in person e.g. at Movember events.
When you interact with us through our partners, for example, the Distinguished Gentleman’s Ride, and have provided your consent for your contact details to be shared with us.
When you interact with us through other third parties – this could be if you provide a donation through a third party such as Just Giving and provide your consent for your personal information to be shared with us.
From other information that is publicly available – in order to tailor our communications and make contact with potential corporate fundraisers and individual donors, we may collect information about you from publicly available sources, such as LinkedIn, Companies House, social media platforms and web search engines such as Google. We may use third parties who collect publicly accessible data as a service to do this ensuring that they are adhering to data protection law requirements in their collection processes before any such data is shared.
Further detail about how we collect your personal data is provided below in relation to the purposes for processing your personal data.
Our purposes for processing personal data
The following sets out all of the purposes of processing of personal data Movember undertakes, setting out how we process your personal data to achieve the purpose:
To keep you informed about Movember fundraising campaigns, our events, health information and news about the Movember Foundation, and the incredible outcomes achieved with the funds raised.
We will ask for your email address to provide this information to you. You will be required to ‘opt-in’ to receive these emails from us and can unsubscribe at any time by amending your account preferences when you are logged in to the website, or by clicking the ‘unsubscribe’ or ‘update email settings’ links at the bottom of emails, or by sending an email to firstname.lastname@example.org. You can also choose to opt-out of hearing from us and other charities through the Fundraising Preference Service provided by the Fundraising Regulator in the UK.
To provide supporters with a Mo Space page to show fundraising activities you undertake along with money raised
We provide our supporters with a personal fundraising hub, called Mo Space, which enables users to showcase their activities, motivations, collect donations and find tools and support for fundraising.
When you sign up to fundraise you will automatically receive daily updates on the amount raised and notified of any new donations made to you. You can limit receiving these emails through your account settings.
We have provided settings on your Mo Space to enable you to limit the public view of your personal data:
Description of Privacy Settings on Mo Space
Your Mo Space page is visible everywhere on Movember.com and is also accessible to website search engines to display in their search results
Your Mo Space is visible everywhere on Movember.com but is hidden from website search engines. This is the default setting for all users.
Limited Movember View
Your Mo Space will only be visible to enable supporters to make a donation to you and to your team members. Your Mo Space is hidden from website search engines and through the main search functionality on Movember.com.
If you are fundraising as part of a Mo Team your Mo Team Captain will be able to access the teams email addresses, you can opt-out of this through the ‘Team Communication’ option in the Privacy section of ‘My Account’.
In some cases the search engines do not re-index their searches so your Mo Space and/or Movember event may still appear on those search engines after you have changed your profile settings. If you have a concern that a particular search engine hasn’t removed your Mo Space and/or Movember event from their search results please contact us at email@example.com and we will contact the search engine directly to request deletion of the reference to your Mo Space and/or Movember event in their search results.
We want our Mo Sistas and Mo Bros to get the most out of using their Mo Space so we will send some helpful emails when you first set up.
We want to encourage your fundraising efforts so we enter all Mo Bros and Mo Sistas who have registered at uk.movember.com into our annual prize draw. We will notify our winners by email. You can choose to opt-out of being entered into the automatic prize draw by emailing firstname.lastname@example.org
To make a donation
You have the option to make your donation anonymously should you choose to, so that the amount of your donation will be displayed on the Mo Space but your name will not be displayed.
If you purchase products or make a donation to a Mo Bro or Mo Sista you may provide Movember with credit card details and other information which will allow Movember to process the transaction. Please note that Movember does not store credit card information.
We can provide you with either a personal or business receipt when you make your donation. We will require an email address to provide this to you.
Gift Aid (UK)
Gift Aid is a scheme you can opt-in to which enables registered charities to reclaim tax on a donation made by a UK taxpayer, effectively increasing the amount of the donation. We will require your name and address to process this which we will only use for this purpose. This information is provided to HMRC (Her Majesty’s Revenue and Customs, responsible for the collection of taxes in the UK) who enable the Gift Aid donation to be made. To ensure the data is accurate we use third parties to cleanse the data before we make it available to HMRC, ensuring access to this data is limited and secure. Further information on Gift Aid can be found here:
We are legally required to retain donor details for 6 years, including Gift Aid information. We have a retention schedule in place to ensure your data is not held for longer than is necessary for this purpose.
Country Specific Provisions
We are required to provide donors’ personal data, names and NIF numbers, to Spanish regulatory authorities on an annual basis. We are required to provide copies of all donation receipts for our German campaign to the Germany regulators in order to satisfy tax requirements. Donors’ name, address plus donation details are provided via our tax advisors in Germany.
To purchase Movember products or merchandise
We will require your contact details as well as payment details when you purchase Movember products or merchandise to ensure we are able to send your purchases to the correct address. If you purchase products or make a donation to a Mo Bro or Mo Sista you may provide Movember with credit card details and other information which will allow Movember to process the transaction. Please note that Movember does not store credit card information. We use Shopify, the online retail platform, to process your orders and payments.
To monitor and ensure optimal outcomes of Men’s Health initiatives funded by Movember
The net funds raised by our fundraisers and donors are committed to programmes supporting prostate cancer, testicular cancer, mental health and suicide prevention and men’s health initiatives run by the Movember Foundation or through our Men’s Health Partners such as Prostate Cancer UK and the Scottish Association of Mental Health.
For projects that are funded within a research framework, we endeavour to ensure that researchers obtain the appropriate research ethics approvals which enable us to ensure that any participants are provided with information as to how their personal data may be processed and who it may potentially be shared with as part of the particular project, before gaining their consent to take part.
It is important that we are able to measure the outcomes of these projects to ensure that funded programmes are world-class and aligned with our strategic outcomes. A key obligation is ensuring that we only receive anonymised data from programmes for this purpose.
We fund most programmes through an open public call for applications, and enable any person to be notified of forthcoming grant opportunities. To enable this, we ask for contact details of researchers to enable us to notify them of opportunities.
We do ask to hear about your experience, mainly through the use of surveys, on the outcomes of our programmes. We do this through either third party or our own websites. Where recipients of Movember programmes choose to provide this direct feedback, Movember will analyse the data to ensure programmes are delivering the resources, information or interventions to improve their health outcomes.
To advertise our work through digital ads
We use Digital Agencies to advertise the work of Movember through digital ads which is achieved using email addresses and cookies (please see below for further information about cookies).
If we send your details to Facebook for this purpose they will be hashed before they are sent, and Facebook only briefly uses the data for matching purposes then deletes it: https://www.facebook.com/ads/manage/customaudiences/tos.php
If you wish to opt out of having your details provided to Facebook or other social media platforms for the purpose of targeted advertising, please contact us at email@example.com
Personal data provided to Movember by partner organisations
We work closely with partner organisations and want to provide you with an opportunity to hear more about the work of Movember through other websites that you may visit in relation to Men’s Health. We will endeavour to ensure our partner organisations gain your consent before any contact details are made available to Movember.
We receive personal data from partner organisations who provide opportunities to fundraise for Movember which we require for audit purposes (see below).
Personal data provided to Movember by fundraising platforms
Movember also raises funds via online fundraising platforms such as Just Giving, Virgin Money Given, BT My Donate and Pay it Forward (Netherlands). Personal data provided on these external fundraising platforms is passed to us to enable us to meet our audit requirements (see below).
To enable you to log into your Mo Space using your Facebook page
When you log in to your Mo Space using your Facebook page you will be asked to provide your Facebook Public Profile, which is always publicly visible on Facebook, and your email address in order to enable this. There is also an option to provide access to your Friend list and Work History should you choose to
To enable you to set up a Facebook Fundraiser to receive donations linked to your Movember fundraising page.
To use this function you will need to be able to login to your Mo Space using Facebook. Once you have done this you will be asked for permission to ‘Manage your Fundraisers’ which enables us to set up a Facebook Fundraiser on your behalf so that you can then view the combined fundraising totals from both your Mo Space and Facebook.
To enable us to send you Push Notifications through the Movember app
We have designed our Movember app to mirror the functionality of the website - so the data protection principles set out in relation to our website also apply to the Movember app, however, we can also provide direct messaging through ‘push notifications’ through the app.
You will be asked to opt in to receiving ‘push notifications’ from us. This allows a smartphone to receive and display social media or text message alerts even the device’s screen is locked. We use a third party mobile engagement platform who we provide your first name and gender with so that our push notifications can be personalised.
We use push notifications to tell you about Movember fundraising campaigns, our events, health information and news about the Movember Foundation, as well as share with you the incredible outcomes achieved with the funds raised. We may also send you motivational messages or suggestions to help you fundraise for the Movember Foundation.
Personal Data processed for employment purposes
We process personal data for employment purposes in line with data protection legislation and employment law obligations. We require personal data when processing candidates’ applications to Movember. For employees of Movember we require personal data and emergency contact personal data which is kept securely and only accessible by HR staff. Direct Line Managers of staff who hold some relevant employment information about their team members or about applicants for employment are directed to take reasonable steps to ensure this personal data is held securely. For tax purposes we are legally required to keep all employment data for 7 years after which we will ensure all personal data is removed from our paper and electronic systems.
We process health data for sickness absence purposes ensuring that appropriate security controls are in place for this processing of ‘special categories’ of personal data, as defined by the General Data Protection Regulation 2018.
We retain personal data related to professional memberships to ensure required accreditations are maintained.
We use external providers for our payroll processing and pension scheme for employees. We have appropriate contracts in place to ensure the security and confidentiality of any personal data provided for these purposes.
We also offer staff the opportunity to meet with an independent financial advisor for pension advice who requires personal data in relation to employees’ pay to provide tailored advice.
For Audit Purposes
Charities are required to be audited every year to ensure our financial statements are free from misstatement, and to ensure our internal financial controls are robust. We are required to make all information available for this purpose but ensure access to personal data is limited by providing view-only access on-site and by removing identifiers where applicable when required to disclose data for this purposes. External auditors are bound by auditing standards which includes controls to ensure they treat as confidential any personal data accessed while carrying out audits. We are also subject to audits by charity regulators in the UK and Europe.
To communicate the performance of Movember to our Board Members and Stakeholders
Where supporters have provided their consent to appear in video clips or to share their personal story, we may present these to our Board Members and Stakeholders as part of reporting our performance. Generally though, any data presented to the Board for performance reporting purposes will be anonymised.
To provide our supporters with fundraising packs
We will require your postal address to provide you with a fundraising pack when you request one. We may also occasionally use your postal address to say thank you for your fundraising efforts.
To enable you to connect fitness tracking devices and apps to support your fundraising activities
As part of Movember’s “Move” fitness challenge, you can connect your fitness tracking device or app (Fitness Tracker) to your Movember account via third party service provider called Human API, Inc, so that your fitness activity data can be shown on your Mo Space fundraising page
We use Human API, Inc, for this purpose as it allows us to offer connections to various fitness trackers through one system so that we can receive data from different types of fitness trackers in a standard format.
When you choose to connect your fitness tracker, you are granting Human API, Inc, permission to access and store all existing Activity Data from your fitness tracker, and the permission to access and store any future Activity Data you may create, until you choose to disconnect your fitness tracker. Human API, Inc, will then share your Activity Data with Movember so that it is visible on your Mo Space. Movember will only access and store Activity Data that was created after you connected your fitness tracker to your Mo Space.
Activity Data includes the activity type, duration, distance, steps, calories, source information (and GPS coordinates in the case of some Fitness Tracker devices) but may change from time to time dependant on the device being used. You can select which Activity Data to display on your Mo Space, or you can choose to automatically post all of your Activity Data from your Fitness Tracker to your Mo Space.
Human API, Inc and Movember will continue to receive your Activity Data unless and until you choose to disconnect your fitness tracker in the My Account section.
When you choose to disconnect your Fitness Tracker, you will have the choice to either:
Disconnect and Keep my Moves
Movember will no longer have access to your future Activity Data recorded by your Fitness Tracker. Movember will still have access to your Activity Data for the purpose of displaying the fitness activities you have chosen to show on your Mo Space. Human API, Inc. will also no longer have access to your future Activity Data, and Movember will send a request on your behalf to remove all of your Activity Data from their database.
Disconnnect and Delete my Data
Movember will no longer have any access to your future Activity Data recorded by your Fitness Tracker and will delete all of your Activity Data from our database. Human API, Inc. will also no longer have access to your future Activity Data, and Movember will send a request on your behalf to remove all your Activity Data from their database.
Please note, we reset this aspect of the Mo Space annually in line with our campaign year so Movember will not be retaining your Activity Data for more than a year if you do not choose one of the options above. Human API, Inc. will continue to have access to your Activity Data after the Mo Space reset. Please contact us at firstname.lastname@example.org to request Movember to send a request on your behalf to remove all your Activity Data from the Human API, Inc. database.
To enable us to communicate with our corporate fundraisers
We actively search for corporate contacts via publicly available information from websites such as LinkedIn and Facebook or by performing Google searches. We will treat corporate email addresses as personal data for this purpose
The following sets out the technical and organisation security measures employed by Movember to ensure your personal data is kept confidential and secure by Movember and our partner organisations / third party suppliers
Lawful basis for processing
For most processing of personal data we will be asking for your consent, however, some processing will be based on legitimate interests or for the purposes of entering into a contract e.g. where we require certain personal data in order to provide a service you choose to use. We would only rely on the lawful basis of legitimate interests where we are assured that we would not be using your data in a way you would not expect taking into account your rights and interests.
Disclosure of Personal Information:
We may disclose your personal information to our suppliers or other external third parties for outsourcing some of the functions and services relating to the purposes for which your personal information may be processed by Movember, for storage and otherwise to enhance our Services. When we contract external services providers, we may provide them with your personal information, but only to the extent required for them to fulfil that contract, or where you would reasonably expect Movember to disclose it to a third party for a particular purpose.
We will not sell your personal information to other parties.
Security & storage of your information:
Movember takes reasonable steps to ensure the security of all information it collects, including that the information is protected from misuse and loss and from unauthorised access, modification or disclosure. For example, your personal information may be stored and maintained in a secure cloud-based environment, which can be accessed only by authorised personnel. Some of these services are hosted by third parties located in Australia and the United States. However, as no data transmission over the internet or information stored on servers accessible through the internet can be guaranteed to be fully secure, we cannot ensure or warrant the security of any information you send to us or receive from us online.
It may sometimes be necessary to transfer personal data overseas, in particular to Australia and the Unites States. When this is needed information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of the General Data Protection Regulation and associated legislation. Wherever your data is transferred, it may be accessed by the courts, regulatory bodies, and law enforcement and national security authorities, according to the laws in the relevant jurisdiction.
Retaining your personal data.
We will retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, audit or reporting requirements. We may also retain your personal data for a reasonable period afterwards to allow us to respond to any follow up enquiries or complaints.
Your rights in relation to personal information:
Your rights in relation to how organisations process your personal data have been significantly enhanced under the new General Data Protection Regulation 2018. The following sets out how Movember will ensure we meet all of these increased rights.
1. The right to be informed
2. The right of access
You may request access to your personal information collected by Movember. Please send an email to email@example.com and we will endeavour to respond as soon as possible and in any event within one calendar month of receiving your request. There may be some legal or regulatory reason why access is denied or amendment refused. If this is so, we will tell you why.
3. The right to rectification
If you believe any of your personal information held by Movember is not accurate, complete or up-to-date, Movember will take reasonable steps to correct the information. You can make a request for rectification verbally or in writing. To request that your personal information be corrected or updated, please send an email to firstname.lastname@example.org We will respond to your request within one calendar month.
4. The right to erasure
Also known as ‘the right to be forgotten’, you can now request for your personal data processed and held by us to be erased, unless there is another legal requirement for us to continue to process that data, in which case this will be explained to you in response to your request. You can request for us to erase your data either verbally or in writing. We will respond to your request within one calendar month.
5. The right to restrict processing
Similar to your right to request erasure of your personal data, you can request we restrict processing where you have issues with the content of the information we hold or with how we have processed your data. In these cases we would only apply the restriction for a certain period of time while we consider your request for doing so. You can request us to restrict processing either verbally or in writing. We will respond to your request within one calendar month
6. The right to data portability
Where technically feasible we will endeavour to provide you with a copy of your personal data in a format that can easily be transferred to another organisation. We will respond to your request within one calendar month. Please note this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
7. The right to object
You have the right to object to us using your data for marketing purposes or where the processing is based on legitimate interests.
8. Rights in relation to automated decision making and profiling
Movember does not process any personal data for automated decision making or for profiling as defined by the Regulation.
Please contact us at email@example.com to exercise any of your rights as above.
If you have a complaint about the handling of your personal information, please write to the address provided above or send an email to firstname.lastname@example.org.
If you are still not satisfied with the outcome of your complaint, you may write to the Information Commissioner’s Office at the following address:
Information Commissioner’s Office
You can also contact the Information Commissioner’s Office using their online form: https://ico.org.uk/global/contact-us/email/
Website Advertising and Analytics:
A pixel is a small amount of code on a web page or in an email notification which is used by organisations to learn how users are interacting with certain web content to help us improve our services and personalize your experience. Pixels use you online identifiers to do this along with an anonymised version of your social media site ID. We cannot see any personal data of individual users, but the collected data are saved and processed by social media sites.
You can amend your preferences or opt-out of website customised ads through Facebook and Twitter below:
Links to other websites
Movember is not responsible for the privacy practices or content of any other website or service that is linked to a Website, or for the privacy practices of any third party social media or other service providers that you can access through a Website. We encourage you to read the privacy policies of those websites or service providers, including, but not limited to, Facebook Fundraisers and Facebook donation functionality, which may require you to provide additional personal information.
The IP Address (Internet Protocol Address) is a unique address that computing devices such as personal computers, tablets, and smartphones use to identify itself and communicate with other devices in the IP network.
Movember uses IP addresses to ensure our users are directed to the correct version of our website dependant on the territory you are accessing our website from. We also use web log information provided through the IP address to understand any issues users may experiences while using our website to ensure a seamless service for our users.
What are cookies?
Cookies are small text files that are stored in your computer’s memory and hard drive when you visit certain web pages. They are used to enable websites to function or to provide information to the owners of a website.
- Analytical purposes: We use analytical cookies that allow us to recognise, measure and track visitors to our Websites. This helps us to improve and develop the way our Websites work, for example, by determining whether site visitors can find information easily, or by identifying the aspects of our Websites that are of the most interest to them. For these purposes, we may store the following:
- the name of the domain from which you accessed the internet
- the date and time you accessed our Websites
- the advert or internet address of the website from which you linked directly to our Websites
- the pages you accessed while visiting our Websites
- the device from which you accessed our Websites
- the location from which you accessed our Websites
In addition, we use a third party service providers, to provide certain analytics services to us in connection with the operation of the Websites, including (without limitation) the collection and tracking of the data and information listed above. We may disclose visitor data, including personally identifiable information, to enable those third party service providers to provide such services. Such data may be sent to those third party service providers and their local overseas suppliers, where the standard of data protection may be lower than the country in which you reside.
Your cookie preferences
- Usage preferences: Some of the cookies on our Websites are activated when visitors to our sites make a choice about their usage of the site. Our Websites then ‘remember’ the settings preferences of the user concerned. This allows us to tailor aspects of our sites to the individual user.
- Functional purposes: Functional purpose cookies store information that is needed by our applications to process and operate. For example, where requests within an application involve multiple stages, cookies are used to store the information from each stage temporarily, in order to facilitate completion of the overall request.
To make full use of our Websites, your computer or mobile device will need to accept cookies, as our sites will not function properly without them. In addition, cookies are required in order to provide you with personalised features on our websites.
Third party cookies
Amending cookie preferences
Our website uses Google Analytics who provide reports on website traffic data to help us understand usage and to ensure we continue to improve your experience when using our website.
You can amend your preferences or opt-out of Google Analytics here: