This policy outlines the standards the Cherie Blair Foundation for Women will maintain and adhere in accordance with legal guidance. For more information relating to the Data Protection Act 2018 (General Data Protection Regulation) and with what legal basis we adhere to when collecting data, please refer to our General Data Protection Regulation (GDPR) Policy.
Who we are
The Cherie Blair Foundation for Women (the “Foundation”) enables women entrepreneurs to start, maintain and grow businesses so they can redefine the future for themselves, their families and communities.
The Foundation is a charitable company; it is registered with the Charity Commission (charity number 1125751) and Companies House (company number 06198893). It is also registered with the Information Commissioner’s Office as a data controller (registration number ZA338176).
What we do
The work of the Foundation can be categorised as follows: –
Our entrepreneurship programmes, products and services enable us to work with local partners to provide tailored training and guidance for women entrepreneurs. We also deliver game-changing business apps (for example, HerVenture) and financial training (for example, Road to Women’s Business Growth). As a result, entrepreneurs can transform their businesses – and their futures.
Our Mentoring Women in Business Programme matches women in low- and middle-income countries with male and female mentors around the world. Using our online platform, they work one-to-one for 12 months to share new perspectives, build new skills and take their businesses to a whole new level in line with the Mentoring Code of Conduct.
To help create a world where women and girls can build businesses on an equal footing with men, we advocate for change locally, nationally and internationally. Our expertise, network and experience mean we are perfectly placed to address the systemic and institutional barriers that hold women and girls back.
Through strategic research partnerships, analysis of our impact and qualitative studies involving the women and girls we work with, we reveal the barriers and opportunities facing women entrepreneurs – and build the case for an ecosystem that helps women thrive.
Your personal data and what we do with it
For information on what personal data we collect, how we use it and how long we keep it, please refer to the individual privacy policies below, as appropriate to your relationship with us.
You have various legal rights in relation to the information you give us, or which we collect about you, as follows:
- The right to obtain confirmation that we are processing your personal information (see below our Subject Access Request process);
- The right to access your information (see below our Subject Access Request process);
- The right to have your personal information rectified if it is incomplete or inaccurate;
- The right to have your personal information removed or deleted in certain circumstances, for example when you have withdrawn consent to it being processed and we have no other basis for processing it;
- The right to restrict the processing of your personal information in certain circumstances;
- The right to object to certain processing including the right to not be subject to automated decision-making and the right to object where we are processing your information on the basis of our legitimate interest;
- Where you have provided your consent to the processing, the right to withdraw consent to the processing of your data (without affecting the lawfulness of processing based on consent before its withdrawal); and
- The right to require us not to send you marketing communications.
Please note that the above rights are not absolute and requests may be refused where exceptions apply.
For a more detailed explanation of these rights, please see the Information Commissioner’s guidance.
Subject Access Request
You can ask us to confirm if we are keeping any personal information about you and you can also request to receive a copy of that personal information – this is called a Subject Access Request.
To make a Subject Access Request you will need to provide adequate proof of identity such as a copy of your passport, birth certificate, or driving license before your request can be processed. Please try to be as clear as possible about the information you are seeking, as this will help us respond to your request more efficiently. Once we have received your Subject Access Request and proof of identity, you will receive a response from us within one month.
If you would like to submit a Subject Access Request or exercise any of the other rights referred to above, please email firstname.lastname@example.org with the subject line being SUBECT ACCESS REQUEST [insert date]. Or you can write to The Data Protection Officer at PO Box 60519, London W2 7JU.
If you are not happy with how we handle any of your requests, queries, or concerns, you can contact the Information Commissioner’s Office (www.ico.org.uk), which oversees the protection of personal information in the UK.
Updating your Communications Preferences
We will respect your email privacy. You will not receive unsolicited marketing mail from the Foundation unless you have agreed to receiving communications from us. When contacting you via our newsletter we will always provide an unsubscribe link in the footer of the email. You can unsubscribe from other marketing emails by replying to the sender.
You can turn off HerVenture in-app notifications and/or app email notifications from the Profile section of the app. Please note that from time to time, our app may contain links to and from the websites of our partner organisations or others. If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check those third-party policies before you submit any personal information to those websites.
While participants are on the programme, they are not able to turn off their email notifications completely, as they contain important programme information. However, users are able to change the frequency they receive notifications by going to their profile settings.
Who do we share your personal data with?
We may also share data as required with advisors and auditors as legally required.
We set out below examples of data sharing. We will only ever share your data in other circumstances if we have your explicit and informed consent.
In Country Partners and Donors
We may share your personal data with partner organisations, which include both in country partners and donors, that work with us to deliver a service you have signed up for. For example, Bank of America supports our Mentoring Women in Business programme as a donor. Similarly, the ExxonMobil Foundation is a donor that has supported the HerVenture,Road to Growth and Road to Finance programmes. We may share case studies with women’s personal data (name and business details) but only if the participant completes the case study consent form. Donors may also receive anonymised data that provides info on the profile of participants, etc.
Our in country partners, include organisations such as the Enterprise Development Centre (EDC) in Nigeria and the Women’s Initiative for Startups and Entrepreneurship (WISE) in Vietnam.
All our partners have to have access to women’s personal data (incl. their names, contact details such as email address and phone numbers, and business information).
For HV: Partners access the HV admin tool to manage the Q&A function within the app. They also use the tool to send out push notifications to women about upcoming project related activities/events and can see women’s contact details in this process.
For R2G and R2F, partners review women’s application forms to R2G and R2F which include all their personal details and details about their business (incl revenue, employees etc). They also see their growth plans and have access to women’s profiles on the R2G and R2F platforms.
For R2L, partners review women’s application forms to indicate their interest for the training and these include their personal details and details about their business (incl how long their business has been in operation and the sector they operate in).
Our partners also use women’s contact details to help us follow up on surveys as part of data collection. During our analysis of data, we share anonymised, summary data with with partners.
Effective 2021, all contracts outline GDPR compliance requirements when working on behalf of the Foundation.. As existing contracts expire or come up for review these will also be edited to reflect GDPR requirements.
Service providers / processors
These include third parties that help the Foundation operate its email service, distribute its newsletter and develop and maintain any of its digital offerings, such as the Foundation’s Mentoring Platform and HerVenture app.
Transfers outside UK
Whilst we are a UK based organisation and your personal information will be stored within the UK, there may be certain circumstances where we will need to transfer your personal information to a destination outside the UK.
It may be processed by staff or third parties who work for, or carry out services on behalf of, the Foundation that operate outside the UK. Such parties may be our donors, delivery partners or our developers with whom we interact to deliver the work of the Foundation. Whenever we transfer your personal information outside of the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring that we apply appropriate safeguards such password protecting individual documents and files, or by using specific contract clauses approved by the UK.
Law enforcement and regulatory bodies
We may need to disclose your details if required to the police, regulatory bodies or legal advisors. Our regulatory bodies include HMRC, the Charity Commission, Companies House, the Information Commissioner’s Office and the Fundraising Regulator.
How do we keep your information secure?
We take appropriate security measures to protect your data against unauthorised access, alteration, disclosure or destruction. When sharing your data with third parties, we do so securely, including taking the following safeguards:
- PCI DSS standards. We comply with the Payment Card Industry Data Security Standards in relation to debit/credit card payments made on our website to protect financial information from theft and fraud.
- Methods of disposal. Paper documents are disposed of by shredding in a manner that ensures confidentiality.
- Firewalls and encryption. We use industry-standard and up-to-date firewall and encryption technology.
- Secure data transfers. When transferring your data we ensure it is protected by using a secure data transfer site.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our website and any transmission is at your own risk. Once we have received your personal information, we will use adequate procedures and security features to try to prevent unauthorised access.
For more information, please refer to our Record Retention Policy and our GDPR Policy.
The Foundation uses Google Analytics cookies to collect information about how visitors use our website. In addition, the Foundation’s Mentoring Women in Business Platform, accessible via the members only log-in section of our main website, also uses Google Analytics cookies. We use this information to help us improve the Website and the Platform, to remember a user’s choice of font size and to track usage of our Website and Platform.
The Google Analytics Cookies used by both the Foundation’s website and the Mentoring Women in Business Google platform will remain on your computer for a period of up to two years. You may set your browser, or your mobile settings, to block or delete cookies and local storage devices, but if you do so, you may not be able to access certain features of our Website. If you would like to know more about cookies, including flash cookies/local storage devices, the following websites provide useful information: www.allaboutcookies.org or www.youronlinechoices.eu
About the Cherie Blair Foundation for Women
The Cherie Blair Foundation for Women works with women entrepreneurs in low and middle income countries. We work together to enable women entrepreneurs to reach their potential. We are committed to eliminating the global gender gap in entrepreneurship and creating a future where women entrepreneurs thrive.
Since our inception in 2008, we have supported more than 200,000 women to start and grow successful micro, small and medium-sized businesses in over 100 countries.
Training, mentoring, networking, and collaboration are at the heart of our work, deploying technology innovatively to reach and connect with more women worldwide. Our approach opens doors for women entrepreneurs to networks, finance, new markets, investments and opportunities.
As a result, women create a future for themselves, their families, and their communities. In turn, they contribute to more robust economies, global gender equality and a thriving entrepreneurial sector.