JT Group Limited – Data Protection Notice
This is the data protection notice referred to in the various JT Terms and Conditions applicable to our products and services (the “Conditions“). Terms defined in the relevant Conditions shall have the same meaning in this notice unless otherwise defined in this notice.
This notice applies to any natural person (a “data subject” or “you“) entering into a Contract with JT (“we” or “us“) or in relation to whom JT receives personal information in relation to a Contract. We may update this notice at any time.
JT is a ‘data controller’. This means that we are responsible for deciding how we hold and use personal information about you. We are required under the Data Protection (Jersey) Law 2018 and the Data Protection (Bailiwick of Guernsey) Law 2017 (as applicable, the “Data Protection Laws“) to notify you of the information contained in this notice.
It is important that you read this notice, together with any other data protection notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
JT will process your personal information on the following legal bases:
- it is necessary for the performance of a contract to which you are a party (the “contractual necessity” basis);
- it is necessary for compliance with a legal obligation (other than a contract) to which JT is subject (the “legal obligation” basis);
- it is necessary for the purpose of legitimate interests (the “legitimate interests” basis) pursued by JT or a third party provided your interests and fundamental rights do not override those interests;
- if it is necessary to protect vital interests (life and limb) of the data subject or another person (the “vital interests” basis); or
- if it is necessary for any legal proceedings, obtaining legal advice or establishing, exercising or defending legal rights (the “legal proceedings” basis).
The purposes for which (and, in parentheses, the relevant legal bases on which) JT shall process your personal information in relation to the Contract are as follows:
- performing the Contract and providing the Service (legitimate interests and, where the data subject is a party to the Contract, contractual necessity);
- dealing with complaints or enquiries in relation to the use of the Service (legitimate interests);
- assisting the emergency services in an emergency (legitimate interests and, in some circumstances, vital interests);
- debt collection, credit referencing and preventing fraud, theft and other unlawful activity (legitimate interests); and
- compliance with applicable law or orders of a court or other body of competent jurisdiction (legal obligation).
Some of the above bases for processing will overlap and there may be several bases which justify the use of your personal information. We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
If you fail to provide certain information when requested, we may not be able to perform our obligations under the Contract and we may be prevented from complying with our legal obligations. In such circumstances, JT may suspend the Service and/or terminate the Contract.
JT may disclose your personal information to members of the JT Group. JT may also disclose it to external third parties, to include: partners, suppliers, sub-contractors or agents engaged by JT for the purpose of performing the Contract and providing the Service; other parties engaged to perform services for, or on behalf of, JT; persons making a complaint or an enquiry in relation to the use of the Service; the emergency services (if you make an emergency call), including your approximate location; other communications service providers and network operators; credit reference and debt collection agencies; appropriate authorities for the purpose of preventing fraud, theft and other unlawful activity; and commercial partners for joint promotions with that third party. JT may also be required to share your personal information with a third party or body in circumstances where such disclosure is required to satisfy any applicable law or regulatory requirements. Disclosures to law enforcement agencies, regulatory organisations, government bodies or agencies, courts or other public authorities may occur if JT is authorised, or is required, by law to do so. If there is a change (or expected change) in who owns JT or any of JT’s assets, JT might also share personal information to the new (or prospective) owner. If JT does, that party will have to keep the shared information confidential.
JT may need to transfer your personal information to a jurisdiction that is outside of Jersey, Guernsey and the European Economic Area (“EEA”). The EEA consists of countries in the European Union, Switzerland, Iceland, Liechtenstein and Norway: they are considered to have equivalent laws when it comes to data protection and privacy. The laws of the Bailiwicks of Jersey and Guernsey have been deemed “adequate” for the purposes of EU data protection standards. This kind of data transfer may happen if, for example, a member of JT’s Group, a JT supplier or a service provider is based outside Jersey, Guernsey and the EEA, or if you use JT’s services and products while visiting countries outside these jurisdictions. If JT sends your information to a jurisdiction that is not in the EEA or the Channel Islands, JT will make sure that your information is properly protected. JT will also ensure that there is a legal agreement that covers the data transfer. In addition, if the country is not considered to have laws that are equivalent to EU data protection standards then we will ask the third party to enter into a legal agreement that reflects those standards.
JT will store your personal information for no more than 6 years after your Contract has ended.
Under the Data Protection Laws, you will have the right in certain circumstances to:
- request access to your personal information (commonly known as a ‘data subject access request’). This enables you to receive a copy of the personal information held about you and to check that it is being lawfully processed;
- request correction of your personal information. This enables you to have any incomplete or inaccurate information held about you corrected;
- request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You will also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
- object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes;
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information, for example if you want us to establish its accuracy or the reason for processing it; and
- request the transfer of your personal information to another party.
If you wish to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request the transfer of your personal information to another party, you should contact JT in writing. JT has appointed a data protection officer who may be contacted at email@example.com. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if the request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We do not envisage that any decisions will be taken about you using automated means, however we will notify you in writing if this position changes.
Under the Data Protection Laws, you will have the right to make a complaint at any time to either the Jersey or Guernsey Data Protection Authority, the Island’s respective supervisory authorities for data protection issues.
Your Right to Object
It is important that you understand that you have a right to object to us processing your personal information where we do so exclusively on the basis of legitimate interests. As set out above, this applies to where we are processing your data for the purposes of:
- performing a Contract to which you are not a party
- dealing with complaints or enquiries in relation to the use of the Service
- assisting the emergency services where there is no risk to life or limb
- debt collection, credit referencing and preventing fraud, theft and other unlawful activity
JT Group GDPR programme
The General Data Protection Regulation (GDPR) is a new data protection law that was approved by the European Commission in April 2016 and applies to all EU Member States from 25th May 2018.
JT Group Limited (“JT Group”) has a GDPR programme that is well underway to ensure that we are ready for the new legislation when it takes effect on the 25th of May. For a number of years, JT Group has had a dedicated data protection officer to ensure compliance with privacy obligations who also oversees the implementation of the GDPR
The data protection relationship with JT Group
Dependant on the nature of the services we are providing you, the JT Group of companies may act as a data controller or as your data processor.
When we are acting as data controller (for example, when providing telecommunications services) we will ensure that our personal data processing activities comply with the obligations laid out within the GDPR.
If we are ever processing personal data on your behalf as a data processor (for example, when providing certain managed services) then we will work with you to ensure that the processing is GDPR compliant.
If you are unsure about what data protection role JT Group is playing when providing you with your services, then please contact your account manager for more specific advice.
JT Group privacy programme
JT Group has developed policies, procedures, controls and measures to ensure continued compliance with the GDPR and its principles, including staff training, policy documents, audit measures and assessments.
Ensuring and maintaining the security and safety of personal and/or special category data belonging to the individuals with whom we deal is paramount to our company ethos. JT Group adheres to the GDPR legislation and its associated principles in all processes and functions.
Privacy by design
JT Group has implemented the ‘Privacy by Design’ methodology for product and service development to enable us to ensure compliance with any privacy requirements, in compliance with GDPR.
So, what is a cookie?
A cookie is usually a small piece of data sent from a website and stored in your web browser while you are browsing a website. When you browse the same website in the future, the data stored in the cookie can be retrieved to notify the website of your previous activity.
What are cookies used for?
Cookies are used on more than 90 per cent of sites and serve many functions. For example, they can help us to remember your username and preferences, analyse how well our website is performing, or even allow us to recommend content we believe will be most relevant to you. Certain cookies contain personal information. For example, if you click on ‘remember me’ when logging in, a cookie will store your username. Most cookies won’t collect information that identifies you, but will instead collect more general information, such as how users arrive at and use our websites or a user’s general location. These cookies are divided into the following four categories:
- Necessary Cookies that are essential for the operation of our website.
- Functional Cookies that allow us to remember your preferences.
- Performance Cookies that analyse how our visitors use our websites and to monitor website performance.
- Tracking/Targeting Cookies that allow social media sites and our advertisers to serve you content we believe is relevant to you.
Advertising cookies Advert management system
Third party adverts
Many of the adverts displayed on jerseyinsight.com are generated by third party companies. Some of these third parties use anonymous cookies to track how many people have seen a particular ad, or to track how many people have seen it more than once. The same cookies are also used to track the amount of clicks that an advert has generated, this is used for statistical reporting. The companies that generate these cookies have their own privacy policies, and jerseyinsight.com has no access to these cookies. Third party advertising cookies may also be used to target users with relevant adverts, based on their user habits on jerseyinsight.com.
Turning cookies off in browsers
Please remember that if you do choose to disable cookies, you may find that certain sections of our website do not work properly.
- Click the wrench icon on the browser toolbar and select ‘Settings’.
- Click ‘Show advanced settings’.
- In the ‘Privacy’ section, click the ‘Content settings’ button.
- To enable cookies in the ‘Cookies’ section, pick ‘Allow local data to be set’; this will enable both first-party and third-party cookies. To allow only first-party cookies, pick ‘Block all third-party cookies without exception’.
- To disable cookies, in the ‘Cookies’ section pick ‘Block sites from setting any data’.
- Note there are various levels of cookie enablement and disablement in Chrome. For more information on other cookie settings offered in Chrome, refer to the following page from Google: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647.
Microsoft Internet Explorer 6.0, 7.0, 8.0
- Click on ‘Tools’ at the top of your browser window and select ‘Internet Options’.
- In the options window navigate to the ‘Privacy’ tab.
- To enable cookies, set the slider to ‘Medium’ or below.
- To disable cookies, move the slider to the top to block all cookies.
- Note there are various levels of cookie enablement and disablement in Explorer. For more information on other cookie settings offered in Internet Explorer, refer to the following page from Microsoft: http://windows.microsoft.com/en-GB/windows-vista/Block-or-allow-cookies.
- Click on ‘Tools’ at the browser menu and select ‘Options’, select the Privacy panel.
- To enable cookies, check ‘Accept cookies for sites’.
- To disable cookies, uncheck ‘Accept cookies for sites’.
- Note there are various levels of cookie enablement and disablement in Firefox. For more information, refer to the following page from Mozilla: http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies.
- Click on ‘Setting’ at the browser menu and select ‘Settings’, select ‘Quick Preferences’.
- To enable cookies, check ‘Enable Cookies’.
- To disable cookies, uncheck ‘Enable Cookies’.
- Note there are various levels of cookie enablement and disablement in Opera. For more information on other cookie settings offered in Opera, refer to the following page from Opera Software: http://www.opera.com/browser/tutorials/security/privacy/.
Safari on OSX
- Click on ‘Safari’ at the menu bar and select the ‘Preferences’ option, click on ‘Security’.
- To enable cookies, in the ‘Accept cookies’ section select ‘Only from site you navigate to’.
- To disable cookies, in the ‘Accept cookies’ section select ‘Never’.
- Note there are various levels of cookie enablement and disablement in Safari.