Welcome to Aegis Trust’s Privacy and Cookies Policy

1. Hello, we’re Aegis Trust, 15 Bridge Street, Newark, Nottinghamshire, NG24 1EE, United Kingdom (“Aegis Trust”). This policy sets out how we handle your personal data. When we say ‘we’, ‘us’ or ‘Aegis’ it’s because Aegis Trust owns and runs the following web Sites: Aegis Trust websiteKigali Genocide MemorialGenocide Archive of RwandaGenocide Research Hub. 
2. If we say ‘policy’ we’re talking about this privacy policy. If we say ‘user terms’ we’re talking about the rules for using each of the Sites. The rules vary by product and each product makes them separately available and seeks consent to them separately to this policy.

What kind of personal information do we collect?

4. We collect certain personal information about visitors and users of our Sites.
5. The most common types of information we collect include things like: user-names, member names, email addresses, IP addresses, other contact details, survey responses, payment information, transactional details, tax information, support queries, forum comments, content you directly consent to us making available on our Sites (such as quotes, photos orinterviewsas well as web analytics data. 

How do we collect personal information?

6. We collect personal information directly when you provide it to us, automatically as you navigate through the Sites, or through other people when you use services associated with the Sites.
7. We collect your personal information when you provide it to us: create an account (e.g. Genocide Research Hub), make an online donation, respond to campaigns, appeals or competitions; volunteer or fundraise on our behalf; subscribe to a newsletter or email list; contribute content for use on our website (such as an interview); submit feedback; fill out a survey; or send us a communication.
8. Except where permitted by law, we will never collect sensitive personal data about you without your consent.

Personal information we collect about you from others

8. Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular:
1. Financial and/or transaction details from payment providers located in the UK, and US in order to process a transaction;
2. Third party service providers (like JustGiving or Virgin Money Giving) who are located in the UK, which may provide information about you when you link, connect, or login to your account with the third party provider and they send us information such as your registration. The information varies and is controlled by that service provider or as authorized by you via your privacy settings at that service provider.

Why do you need my details and how do use them?

9. We will process your personal information in accordance with our obligations under applicable data protection laws and regulations, particularly for the following reasons:
a) to administer your donation or support your fundraising, including processing Gift Aid;
b) to provide you with information you have asked for;
c) to comply with applicable laws and regulations, and requests from statutory agencies
d) for our own internal administrative purposes, and to keep a record of your relationship with us;
e) to provide you with information about us, our fundraising campaigns, our services, and any other information, products or services that we provide or provide access to (and manage your communication preferences in this regard and more generally);
f) to ensure that content from our website is presented in the most effective manner for you and for your computer/mobile device; or
g) to improve our service by contacting you for feedback.
h) To operate the site, verify identity when logging into an account, respond to any issues or monitor activity to ensure compliance with the user terms of that Site.
i) Where you give us consent:
1. providing you with updates about our work and campaigns; and
2. providing you with fundraising related information.
j) For purposes which are required by law, or responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.

When do we disclose your personal information to others?

10. We will disclose personal information to the following recipients:
1. entities that are part of Aegis Trust which are located in the UK, Rwanda or other locations where Aegis has charitable operations;
2. subcontractors and service providers who assist us in connection with the ways we use personal information (as set out above), in particular: website hosting providers; technical and engagement support services; analytics services and payment processing services.
3. our professional advisers (lawyers, accountants, financial advisers, etc.) which are located in the UK, Rwanda;
4. regulators and government authorities in connection with our compliance procedures and obligations;
5. other recipients where we are authorised or required by law to do so.

Where do we transfer and, or store your personal information?

11. We are based in the UK, with operations in Rwanda and other countries so your data will be processed in the UK and / or Rwanda. In order to protect your information, we take care to work with subcontractors and service providers who we believe maintain high standards of data security compliance.

How do we keep your personal information secure?

12. We store personal information on secure servers that are managed by us and our service providers in the UK and Rwanda. Hard copy files for instance relating to our field work are kept in secure locations. Personal information that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.

How can you can access your personal information?

13. You can access some of the personal information that we collect about you by logging in to your account. You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. You can also close anaccount you may have with us for any of our Sites at any time. To make an access or correction request, contact our privacy champion using the contact details at the end of this policy.

How can I control my communication preferences?

14. Where you have given your express consent to do so (e.g. if you have subscribed to an e-mail list or have indicated that you are interested in receiving newsletters or updates from us), we will send you communications by email about our work and campaigns.
15. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
16. You also have choices about cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our Sites may not work properly in your case.

What kind of information do you collect for web analytics?

17. When you visit our Sites, there’s certain information that’s recorded which is generally anonymous information and does not reveal your identity. If you’re logged into your account some of this information could be associated with your account. We’re talking about the following kinds of details:
1. your IP address or proxy server IP address’;
2. the domain name you requested;
3. the name of your internet service provider is sometimes captured depending on the configuration of your ISP connection;
4. the date and time of your visit to the website;
5. the length of your session;
6. the pages which you have accessed;
7. the number of times you access our site within any month;
8. the file URL you look at and information relating to it;
9. the website which referred you to our Sites; and
10. the operating system which your computer uses.

Information about children

19. Our Sites are not suitable for children under the age of 12 years, so if you are under 12 we ask that you do not use our Sites or give us your personal information. If you are 12 to 18 years pls, you can browse the Sites but you’ll need the supervision of a parent or guardian to become a registered user. It’s the responsibility of parents or guardians to monitor their children’s use of our Sites.

Information you make public or give to others

20. If you make your personal information available to other people, we can’t control or accept responsibility for the way they will use or manage that data. There are lots of ways that you can find yourself providing information to other people, like when you post a public message on a forum thread, share information via social media, or make contact with another user (such as a third party Author) whether via our Sites or directly via email. Before making your information publicly available or giving your information to anyone else, think carefully. If giving information to another user via our Sites, ask them how they will handle your information. If you’re sharing information via another website, check the privacy policy for that site to understand its information management practices as this privacy policy will not apply.

How long we keep your personal information

21. We retain your personal information for as long as is necessary to provide the services to you and others, and to comply with our legal obligations. If you no longer want us to use your personal information for our work, you can request that we delete or remove your personal information from any lists we may hold. Please note that we will retain information as necessary to comply with the law, prevent fraud, collect fees or resolve disputesThe information we retain will be handled in accordance with this Privacy Policy.

When we need to update this policy

22. We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
23. When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this web page.

How you can contact us

24. If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our privacy champion in writing to Aegis Trust, 15 Bridge Street, Newark, Nottinghamshire, NG24 1EE, UK; or to info@aegistrust.org
25. We’re really glad you made it to the end of the privacy policy, because knowing this is the best way to understand how your personal information is used and how to best manage it!

If you’re a user or visitor in the European Economic Area these rights also apply to you:

1. For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.

How you can access your personal information

2. You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.
3. These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.
4. Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
5. If you have unresolved concerns you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.

Both personal information and personal data have the same meaning in the context of this Privacy Policy.

Aegis Trust Privacy Policy, effective date 25 May 2018



Cookies Policy

How do we use Cookies?

1. What are cookies?

1.1 Like most websites, we use cookies.  Cookies are tiny pieces of data saved on your computer or mobile device.  There are several types of cookie and they each have different functions or uses.

2. How do you use cookies?

2.1 We use cookies for a variety of reasons:

(a) Essential cookies – these are required for the operation of our website, for example to enable you to log in to secure areas of the website or make use of a shopping cart and e-payment services.

(b) Analytic/performance cookies – these allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

(c) Functionality cookies – these are used to recognise you when you return to our website so that we can personalise our content for you and remember your preferences, e.g. whether you are signed up to email alerts.

(d) Targeting cookies – these record your visit to our website, pages you have visited and links you have followed. We may use this information to make our website and the advertising displayed to you more relevant to your interests, and may share this information with third parties for this purpose.

2.2 The table below provides more information about the cookies we use and why:

Type of cookie Function and further information

Google analytics: This is common performance cookie that many websites use.  It allows us to collect anonymous information about how you and other users use our website and helps us to improve the website.

3. Third party websites and social networks

3.1 If you click on a hyperlink from our website to any third party websites (e.g. if you ‘share’ content from our website with friends or colleagues on social media), you may be sent cookies from these third party websites. They will do so pursuant to their own policies on privacy and cookies.  It’s a good idea to check their privacy policies to fully understand their use of cookies.

3.2 Some of the content on our website is provided by third parties. This includes but is not limited to: Google Maps for interactive mapping, YouTube or Vimeo for hosted video and Flickr for images.  When you visit a page containing content from one of these sites a cookie may be set.  We do not have any control over these cookies and they will be set pursuant to the third party’s own policies on privacy and cookies.

4. Disabling cookies

4.1 By using our website you consent to our use of cookies as updated from time to time and the cookies we use will be stored on your device (unless rejected or disabled by your browser).

4.2 Internet browsers normally accept cookies by default. However, it is possible to set an internet browser to reject cookies.  If you do not accept our use of cookies as set out in this policy, please set your internet browser to reject cookies.  This may impair your ability to use our website so that some features may not work.

5. Changes to this policy and further information

5.1 We may update our use of cookies, and this policy, from time to time, so please check this policy regularly.

5.2 You can find out more about cookies generally and how to disable them at allaboutcookies.org.