The Joseph Levy Foundation is an independent grantmaking trust. We are a charity registered in England and Wales - charity number 1165225.

We are committed to protecting your data and privacy.  To do this we follow the laws and regulations that apply in the UK.  These are currently:

  • the EU General Data Protection Regulations (GDPR).
  • the applicable data protection legislation which includes the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003. 

This privacy notice tells you what to expect when we collect your personal information.  It tells you how we will use the information and the rights you have in relation to this.

Who looks after your personal information?

Your personal information will be held by the Joseph Levy Foundation (JLF).  More information about JLF can be found at

Your Personal Data

What do we need?

Under the terms of the Data Protection Act 1998 and GDPR 2018, JLF is what is known as the ‘Controller’ of the personal data you provide to us.  We will ensure we comply with all the protection these regulations give you. 

  1. We may need to collect your basic personal data (name, address, telephone number and email address).
  2. We may also collect information about your organisation and its employees and stakeholders including, where applicable, your directors, trustees, office addresses, email addresses, phone numbers and bank details.
  3. We do not gather information and statistics for the purpose of monitoring website usage e.g. via Google Analytics. 

Why do we need it?

We need to collect your basic personal data in order to assess your grant applications, award grants effectively, pay grants promptly and monitor the impact of our grants.  We ask for your contact details so that we can be sure the application is genuine and to provide us with a point of contact. 

We are not able to process an application without this personal information.

Under the GDPR, JLF processes personal data on the basis of:

  1. where we have your specific consent to use your personal information for a specific purpose (for example, where we contact you by email).
  2. where we process your personal information for our legitimate interests (or those of a third party) in relation to our grantmaking and other charitable activities.
  3. where the processing of personal information is necessary to perform a contract with you (for example, where we have commissioned you to provide us a service).
  4. Where the processing of personal information is necessary to comply with a legal or regulatory obligation that applies to us (for example, in some instances, we may be required to share your information with the Charity Commission, Information Commissioners Office, other regulators or law enforcement agencies) or to use your information for due diligence or ethical screening purposes.

Why do we process your information?

We process your information for the purpose of:

  1. Dealing with your enquiries and requests.
  2. Administering application records.
  3. Maintaining information as a reference tool to develop grant making policy.
  4. Meeting statutory requirements in providing information to auditors for example, plus contractors or consultants or other professionals assisting with or advising on any of our business needs.
  5. For research and analysis purposes – this may include inviting you to participate in surveys or research related to our work.
  6. For our charitable purposes (for example, where we tell stories to explain our objectives and the work we do). 
  7. For the provision of services or administration (for example, preparing reports about our work).
  8. Notifying you about changes or updates to our services or our funding processes.
  9. Carrying out fraud prevention (and money laundering checks), undertaking credit risk activities and in relation to legal claims we take or defend.
  10. Safeguarding those who work for or with us (or we otherwise engage with).
  11. Processing and administering your application for a job (or to volunteer).

What do we do with it?

When you apply for a grant we will collect, process and store some personal data that relates to, and identifies you.  The information you provide to us will be transferred to, and held in, our customer relationship management (CRM) system.

This information includes, but is not limited to, your name, address, telephone number and email address, and any other information collected on making an application to the extent necessary to process your application, and manage any grant that we award.

All the personal data we collect is processed by our staff and trustees in the UK.  We use cloud-based data storage which means that, as part of the services we offer to you, the information you provide to us may be processed and stored in countries or international organisations outside of the European Economic Area (EEA). 

If we transfer your information outside of the EEA in this way, and the third country or international organisation in question has not been deemed by the EU Commission to have adequate information protection laws, we will provide appropriate safeguards and we will be responsible for ensuring your privacy rights continue to be protected as outlined in this notice.  

Where does the processing take place?

We process your data at our offices.

Who will see your data?

Your information may, for the purposes set out in this Privacy Policy, be disclosed for processing to:

  1. Our employees
  2.  Our Trustees
  3. Third party consultants, contractors or other service providers who may access your personal information when providing services (such as IT support services and external advisers) to us.
  4. Government bodies and law enforcement agencies and in response to other legal and regulatory requests.
  5. Meeting statutory requirements in providing information to auditors for example, plus contractors or consultants or other professionals assisting with or advising on any of our business needs.

We may also publish the names of some organisations that have received grants from us in our annual report and accounts and/or on our website.

How long do we keep it?

We will retain your data for the time needed to assess your application, the duration of any grant award that may be made to your organisation, the duration of any grant management function that may arise from your application and for as long as we may need to analyse data to inform future grant making policy/processes.  The minimum retention period will normally be seven years after the end of any grant funding period.

Information security
We believe that we have appropriate policies, rules and technical measures to protect the personal data which we have under our control (having regard to the type and amount of that data), from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss.

All of our employees and data processors who have access to, and are associated with, the processing of your personal information are obliged to respect the confidentiality of your information.

We ensure that your information will not be disclosed to government institutions or authorities except if required by law or when requested to by regulatory bodies or law enforcement organisations.

Please be aware that communications over the Internet, such as emails/webmails are not secure unless they have been encrypted.  Your communications may route through a number of countries before being delivered.  We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

What are your rights?

If at any point you believe that the information we process about you is incorrect you may request to see this information and have it corrected or deleted.  If you wish to raise a complaint on how we have handled your personal data, you can contact our offices and we will investigate to resolve the matter.

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the Information Commissioner’s Office (ICO).

Under the General Data Protection Regulation (GDPR) 2018, you have a number of rights in relation to your personal information including:

  1.  The right to access the personal information we have about you. Individuals can find out if we hold any personal information by making a ‘subject access request’ (SAR) under the GDPR.
  2. The right to ask us to correct personal information that is wrong or incomplete.
  3. The right to ask us to stop using or delete your personal information.
  4. From 25 May 2018, you will have the right to receive any personal information we have on you including: our purpose for processing your personal data, our retention period for that personal data, and who it will be shared with.  This is called ‘privacy information’.

How do we collect data?

Visitors to our website

We do not currently use cookies.

We do not currently collect individual data about the users of our website.

People who email us 

We monitor all emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

People who make a complaint to us 

When we receive a complaint from an individual, we will hold details of the complaint and the identity of the complainant and any other people involved in the complaint.

We will only use the personal information we collect to resolve the complaint and to check on the level of service we provide.

Organisations applying for a grant 

We collect personal information about individuals when they make enquiries or apply for a grant or donation from JLF.  Information is given to us over the phone or by email or by post.

Any personal information provided in the application is used only for assessing the grant application and the ongoing administration and management of any grants that are awarded. 

We publish information about successful projects on our own website, including the amount of grant awarded and the organisation that received the grant with a link to their website.

Information of unsuccessful applicants is held strictly for historical purposes.

Links to other websites
This privacy notice does not cover the links within this site linking to other websites.  We encourage you to read the privacy statements on the other websites you visit.

JLF is not responsible for the content or security of external websites.

The content of this website is the copyright of the Joseph Levy Foundation.  

If you wish to copy, republish, retransmit, redistribute or make available material from our website, please seek our prior consent. 

If you wish to use our logo, please contact us at

In no event will JLF be liable for any damages whatsoever arising out of or related to this website.

This website is designed with the aim of accessibility for all users.  If you come across any pages or features which do not work correctly or view correctly, please let us know at

Changes to this privacy notice
We will keep our privacy notice under regular review. This privacy notice was last updated on 23 July 2020.

How to contact us
If you want to request information about our privacy policy you can email us at or write to us at our offices:

Joseph Levy Foundation
1 Bell Street