Data Protection and GDPR

As you are probably already aware, the European Union has introduced new legislation regarding data protection. From 25 May 2018, all organisations storing or using the information of any EU citizens must adhere to these standards. It’s called the General Data Protection Regulation (GDPR), and it is pretty serious stuff. We’ve spent a lot of time getting to grips with what GDPR means for JENGA as an organisation as well as you as a JENGA supporter. After all, this is your data we’re talking about. We’ve done our best to take the heaps of information we’ve received and break it down into easily digestible pieces for you to understand. We want you to be comfortable with how we store and utilise your personal information as well as what powers you hold.

Before we get into the nitty-gritty details, we wanted to clarify a few things about JENGA that we think might be helpful. Firstly, it’s important to note that JENGA isn’t just one, single organisation. (Understanding the complexities of JENGA’s network will help to clarify exactly where your data is going – hang with us!)

JENGA currently only serves the needy and disadvantaged people of one country, Uganda. But the arms of JENGA extend much further, with supporters throughout Europe, Australia, North America, and the world over. JENGA officially registered as an NGO in Uganda in 2005 (JENGA Community Development Outreach), with a sister charity being set up in the UK two years later (JENGA Community Development Outreach UK). JENGA UK acts to support JENGA Uganda by helping with fundraising and providing accountability and administrative functions. These two officially registered charities partner with other organisations in the UK, Australia and the USA to assist with the processing of international donations, to raise awareness of JENGA Uganda’s work and to champion the growth and success of the organisation.

We tell you all of this because we want you to understand that some of your information may be passed along to our trusted JENGA partners who actively engage in supporting JENGA’s work. We will never sell your personal information for any reason.

If any of the information here feels unclear, or if you’re uncomfortable with something we’ve shared, please let us know! We want you to have complete assurance that JENGA really is keeping your information safe. It is also important to know that you can request for any of your information to be deleted at any time. Please just get in contact with us and we will walk you through the process.

For more specific information on how we use and store your data, please see below.

There are a number of different ways that JENGA may obtain your email address. For example, if you subscribe to our newsletters, send us a general query through the website or fill out a giving form. And while we do store that information, we can make you a few promises about what we will and won’t do with it:

1. We will never add you to any email list without your explicit consent.
2. We will never share your email address with anyone in exchange for money or other types of compensation.
3. We will keep your data stored as safely and securely as we can, holding your email addresses on either Mailchimp’s secure database, via our protected email accounts or on our accounting software. (If you’d like to know more about Mailchimp’s privacy policy, please click here.)

Having access to your email address allows us to keep you up to date on requested JENGA news, or to reach out to you about issues with your donations, contact information and/or child sponsorship updates.

As stated above, please note that you can request that we remove your stored information from our databases at any time – just send us an email here. In addition to this, every newsletter we send you includes the option to unsubscribe from our list.

If you interact with us by email, through filling out a JENGA Giving Form or by giving us a call with a question or concern (please do call, we love hearing from you!), JENGA may store your home and/or mobile phone numbers to assist with any future contact.

Just like your email addresses, we promise to only ever use this information for necessary JENGA communication. We won’t share it, abuse it or store it in an unprotected place.

To tell us you have changed your phone number, give us a ring or email us at

We promise to handle your postal address with the same care as all of your other personal data. We do store your address as and when it’s provided to us through online communication, Giving Forms, sponsorship information, etc.

Again, we will never distribute this personal information to anyone outside of JENGA’s network. And don’t worry, you won’t find a new piece of mail from us in your letterbox every week. We will only use your address for important JENGA correspondence, like mailing child sponsorship updates, donation information and our annual Christmas card.

We may very occasionally send you information about a specific appeal or fundraising event, but won't do this more than once in each calendar year. If you would prefer not to receive these, please just send us an email.

If you move house, please do let us know your new address! We'd hate to send post to the strange people in your old house! You can either give us a call or send an email to

We know that your financial information is sensitive, and we want to assure you that we treat it with the care it deserves. If we handle any of your financial information (bank account details, donation amounts, data relating to gift aid and tax or anything else that would be deemed ‘sensitive’), we promise to keep it safe.

If you decide to donate to JENGA, we will store your financial information for a period of 7 years. You can ask us to ‘forget’ any other personal information, but we are legally required to keep financial data for this period of time. We use Data Developments' ‘MyGiving Online’ and ‘Finance Coordinator’ to hold this information, all of which is stored either on their PCI DSS compliant servers or on a secure and password protected JENGA computer.

We make sure that the only people who have access to these financial records are those who require that access – namely our UK finance team, Ugandan accounts team, and UK trustees and coordinator. We will never pass any financial information on to anyone who is not directly involved in JENGA’s accounting and fundraising practices.

There are many different ways to give to JENGA, some of which are outside of our influence. Please see below for the privacy policies of our most commonly used finance partners:

Privacy Policy - Data Developments
Privacy Policy - Just Giving
Privacy Policy - PayPal
Privacy Policy - iZettle

Finally, if you would like some more extensive privacy protection information, you can read our full privacy policy. Please feel free to download it here.

JENGA has always been outspoken about just how much we love hosting volunteers. They add so much to our ministry! We also feel quite strongly about ensuring the safety not only of those who serve with us, but also the people of Mbale that they’ll be interacting with during their time in Uganda. Therefore, JENGA does require extensive information from our potential volunteers during their application process.

Before arriving in Mbale, JENGA may request access to personal and detailed information including, but not limited to, physical address, phone number, work history, a recent DBS check, a copy of your passport, etc.

This information is never shared. We promise to only request what is necessary and to only keep it as long as is required.