Privacy Policy | The Jewish Agency - U.S.Privacy Policy

THE JEWISH AGENCY FOR ISRAEL

Privacy and Data Protection Policy and Notice

Table of Contents

  1. WHICH INFORMATION MAY WE COLLECT?
  2. HOW DO WE COLLECT PERSONAL DATA ON USERS OF OUR SERVICES?
  3. WHAT IS THE PURPOSE OF PERSONAL DATA WE COLLECT
  4. SHARING DATA GATHERED BY THE JEWISH AGENCY WITH THIRD PARTIES
  5. WHERE DO WE STORE YOUR DATA?
  6. INTERNATIONAL DATA TRANSFERS
  7. DATA RETENTION
  8. SERVICES AND WEBSITE DATA COLLECTION AND COOKIES
  9. SECURITY AND STORAGE OF INFORMATION
  10. DATA SUBJECT RIGHTS
  11. GENERAL
  12. MINORS
  13. CHANGES TO THIS PRIVACY POLICY

 

The Jewish Agency for Israel (“The Jewish Agency“, “we“, “our“, “us“) respect the privacy of its partners, affiliates, Olim and Aliya candidates, Shlichim, program participants, beneficiaries, volunteers, donors, employees, and site visitors as well as website users and visitors of social media pages managed by us, and any other individuals with whom we interact (“you“, “your“, “they“, “User“, or “Data Subjects“) and is committed to protect the personal information that they share with it. We are transparent about our practices regarding the information we may collect and use when you use, express interest or participate in the Services (as defined below), apply for a position, are employed by us, visit our websites or otherwise engage with us, and describe our practices in this policy and notice.

The Jewish Agency is committed to fostering a strong and enduring connection between Jewish individuals worldwide and Israel. Through a diverse range of programs, we strive to strengthen Jewish identity and community bonds.. To achieve its missions, The Jewish Agency sends Israeli emissaries (Shlichim) to Jewish communities around the world to educate about Israel and create a personal connection to the Jewish State; offers volunteer initiatives in which Israeli and Diaspora Jews collaborate to support vulnerable populations, both Jewish and non-Jewish; provides services to individuals immigrating to Israel; offers Israel Experience programs through its subsidiaries or partner organizations, such as Masa Israel Journey and Birthright Israel; supports at-risk children, the elderly, and other vulnerable groups in Israel through educational, recreational, and residential programs; and operates or funds various initiatives that provide opportunities for Jews to connect, collaborate, and build meaningful relationships – whether through shared living experiences, professional engagements, or community programs. The Jewish Agency also supports at-risk children, the elderly, and other vulnerable groups in Israel through educational, recreational and residential programs (all together the “Services“).

Individuals making use of these Services are entitled to protection for their data as described in this policy and notice (the “Privacy Policy“). A User may be either an individual using or interested in using the Services in their private capacity or an entity representative. In addition, we collect personal data from individuals, or individuals provide personal data when using the Services, at our sites, websites, in the course of employment or candidates for staff positions, and others. This Policy also describes The Jewish Agency’s practices for collecting, using, maintaining and processing information.

Users who wish to engage with us or to use our Services may be asked to provide The Jewish Agency with certain information including Personal Data and sensitive information as further detailed in this Privacy Policy. The Jewish Agency’s use of this information in connection with the Services will be undertaken in accordance with this Privacy Policy and The Jewish Agency’s Terms of Use.

Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

For the purposes of the EU General Data Protection Regulation (“GDPR“), US State Privacy laws, and other data protection laws, to the extent any of these are applicable, The Jewish Agency will generally be regarded as a data controller (or , Data Owner etc).

1. WHICH INFORMATION MAY WE COLLECT?

Summary: we collect various categories of personal data in order to fulfill our Services, meet our contractual obligations, and also to meet various legitimate interests, such as optimization, fraud prevention and marketing
Data we collect about you prior to, from, and in relation to your use of the Services.

We collect and process non-identifiable and anonymous information, and also collect several categories of personal data (“Personal Data“), including sensitive personal data , through your use of the Services. Personal Data which is being gathered consists of any details which are personally identifiable and which are provided consciously and voluntarily by you or on your behalf, or by an organization you represent or are associated with or through your use of our website and registration to, participation and use of our Services, by email, or other ways in which you communicate and interact with us. This may include your, and your spouse and dependents’, name (first and last), nickname, birthdate, gender, nationality, job title, phone number(s), identification number, gender, department you work in, national security number, address, country, city, postcode, email and other contact details, family status, your bank account, credit card and other such payment and billing details, credentials regarding the right to work in your jurisdiction, employment history, vocational and academic skills and qualifications, interests and preferences, preferences concerning Aliya and Israel, information regarding your health including any physical or mental health conditions and allergies and other information you may choose to provide to us directly or that we independently collect or receive about you with connection to the Services. The Jewish Agency may also collect the email addresses of people who communicate with us via email or via messenger services or other social media platforms or create accounts and login credentials.

When using our websites or online platforms we manage, we may obtain location data related to the geographic location of your laptop, mobile device or other digital device information on which The Jewish Agency’s websites or platforms are used.

In some circumstances you may not have a legal obligation to provide information to us. However, we require certain information in order to provide the Services or to process your requests. If you choose not to provide us with certain information, we may not be able to provide you with the Services.
We do not sell or share your Personal Data with third parties, except as described in this Privacy Policy (for more information see section below titled: “Sharing Data gathered by The Jewish Agency with third parties”).

2. HOW DO WE COLLECT PERSONAL DATA ON USERS OF OUR SERVICES?

Summary: we collect Personal Data when you or your organization send it to us, or when a vendor, distributor or other business partner or affiliate, sends it to us; we collect Personal Data through our website and Services, and through our interactions with you.

There are two main methods we use:
We collect Personal Data required to provide the Services. When you register interest, or when you provide us information in meetings, conferences, programs, events, through surveys, by entering it manually through online forms or automatically, or when you otherwise engage with us, or when information is provided to us by third parties, affiliates, and related organizations.

We collect Personal Data through your use of our websites. In other words, when you are using a website or an application, we are aware of it and may gather, collect and record the information relating to such usage, either independently or through the help of third-party services as detailed below. This may include technical information and behavioral information such as the User’s Internet protocol (IP) address used to connect your computer to the Internet, your uniform resource locators (URL), operating system, type of browser, browser plug-in types and versions, screen resolution, Flash version, time zone setting, the User’s ‘click-stream’ on the website, the period of time the User visited the website, methods used to browse away from a page, and any phone number used to call our customer service number. We likewise may place cookies on your browsing devices (see section ‘Cookies’ below).

3. WHAT IS THE PURPOSE OF PERSONAL DATA WE COLLECT?

Summary: we process Personal Data to meet our contractual and legal obligations, protect our rights, and fulfill our organizational goals.

We will use Personal Data to provide and improve the Services and meet our contractual, ethical and legal obligations, including for example:
Processing which is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract:

  • carrying out our obligations arising from any contracts entered into between you and The Jewish Agency and/or any contracts entered into between a Customer and The Jewish Agency and to provide you with the information, products and Services that you request from The Jewish Agency;
  • administering your file with The Jewish Agency;
  • verifying and carry out financial transactions in relation to payments you make in connection with the Services;
  • contacting you for the purpose of providing you with technical assistance and other related information about the Services;

Processing which is necessary for the purposes of the legitimate interests pursued by The Jewish Agency or by a third party of providing an efficient and wide-ranging Service to users:

  • notifying you about changes to our Services;
  • soliciting feedback in connection with the Services;
  • replying to your queries, troubleshooting problems, detect and protect against error, fraud or other criminal activity;
  • contacting you to give you information and inviting you to take part in other programs offered by The Jewish Agency and or its subsidiaries, affiliates or third parties. We do this based on our legitimate interests in marketing our services and those of our affiliates;
  • contacting you to inform you of additional services which may be of interest to you. We do this based on our legitimate interests in marketing our services;
  • taking pictures or use the photographs you appear in and their various derivatives if you participate in our programs or events of any kind and publish them for all our needs, including marketing, advertising, resource mobilization and more. Materials used include printed and online deliverables, social media, press releases, donation requests, and more. We do this based on our legitimate interests in promoting the programs and the events held by The Jewish Agency and the services we provide;

Processing which is necessary for compliance with a legal obligation to which The Jewish Agency is subject:

  • compliance and audit purposes, such as meeting our reporting obligations in our various jurisdictions, and for crime prevention and prosecution in so far as it relates to our staff, members, facilities etc.
  • for security purposes and to identify and authenticate your access to and use of the Services;
  • if necessary, we will use Personal Data to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies as required by law, to collect debts, to prevent fraud, infringements, identity thefts and any other service misuse, and to take any action in any legal dispute and proceeding;

Personal Data which you provide us may be combined with personal data which may be provided by other sources, all of which will be used for the purposes set out above.

4. SHARING DATA GATHERED BY THE JEWISH AGENCY WITH THIRD PARTIES

Summary: we share Personal Data with our service providers, partners, related organizations and affiliates, and authorities where required.

We may transfer Personal Data to:
Related organizations, subsidiaries and affiliates
This includes: any member of our group, which means our subsidiaries – whether wholly or partially owned by us, in the EU, in Israel, in the US and elsewhere, as well as our joint-venture partners who support our processing of Personal Data under this Privacy Policy. It also includes affiliates or other partners through which we provide our Services. For example:

  • Masa
  • Israel Experience
  • Israel Tech Challenge
  • Onward
  • Birthright
  • Daroma Tzafona Tikun Olam
  • Youth Futures (Potchim Atid)
  • Olamit
  • Various funds, related organizations, other entities with whom we collaborate to achieve our purposes etc.

For avoidance of doubt it is hereby clarified that this Policy is the policy of The Jewish Agency and not of its subsidiaries or other affiliated entities.

Third Parties
We transfer personal data to third parties in a variety of circumstances. We endeavor to ensure that these third parties use your data only to the extent necessary to perform their functions, and to have a contract in place with them to govern their processing on our behalf. These third parties may include business partners, suppliers, affiliates, agents and/or sub-contractors for the performance of any contract we enter into with you. They may assist us in providing the Services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, analyzing data, providing IT and other support services, supporting the use of artificial intelligence (AI) and related tools, or in other tasks, from time to time. These third parties may also include analytics and search engine providers that assist us in the improvement and optimisation of our website and our marketing.

We periodically add and remove third party providers. At present our third-party providers to whom we may transfer personal data include also the following:

  • Salesforce and other CRM software
  • Google Analytics and other website and platform analytics tools
  • Marketing software
  • Enterprise Resource management software
  • Call Center system
  • Visitors Registration system
  • Project Management system
  • Recruiting and applicant management software
  • Human resource management software
  • Travelling services and insurance companies
  • Israeli Governmental offices
  • Payroll management services
  • Survey companies
  • Microsoft 365
  • Azure Data warehouse
  • Social Media platforms (e.g Meta (Facebook), Instagram etc.)
  • Data security, data backup, and data access control systems

In addition, we may disclose your personal data to third parties: if we are under a duty to disclose or share your personal data in order to comply with any legal or audit or compliance obligation, in the course of any legal or regulatory proceeding or investigation, or in order to enforce or apply the terms of a contract we have with you or for you; or to protect the rights, property, or safety of The Jewish Agency, our staff and Customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.

For avoidance of doubt, The Jewish Agency may transfer and disclose non-personal data to third parties at its own discretion.

5. WHERE DO WE STORE YOUR DATA?

Summary: we store your Personal Data across multiple locations globally.
We may keep Personal Data in a database which will be owned and controlled by The Jewish Agency. The information we collect is hosted on internal data centers and Cloud, including also: Microsoft Azure, Salesforce, Egnyte, Oracle (Eloqua), Google Drive and Amazon Web Services.

6. INTERNATIONAL DATA TRANSFERS

Summary: we transfer Personal Data within and to the EEA, USA, Israel and the rest of the world, with appropriate safeguards in place.

Personal Data may be transferred to, and stored and used at, a destination outside your location, such as the European Economic Area (EEA) that may not be subject to equivalent data protection laws to those of your location. Where your information is transferred outside your location, we will take all steps reasonably necessary to ensure that your information is subject to appropriate safeguards, and that it is treated securely and in accordance with this Privacy Policy. The Jewish Agency transfers data from its various locations and jurisdictions to other jurisdictions as follows:

  • To Israel. The Jewish Agency headquarters are based in Israel. Israel is considered by the European Commission to offer an adequate level of protection for the personal data of EU Member State residents;
  • To the United States of America; where we transfer personal data of European persons to the USA, we will do so pursuant to one of the bases described in EU data protection laws, such as the EU-US Data Privacy Framework, standard contractual clauses etc.
  • Within the EU.
  • To other locations as necessary for the provision of our Services.

We may transfer your personal data outside your location, in order to:

  • Store or backup the information;
  • Enable us to provide you with the Services and fulfil our contract with you;
  • Fulfil any legal, audit or compliance obligations which require us to make that transfer;
  • Facilitate the operation of our organization, where it is in our legitimate interests and we have concluded these are not overridden by your rights;
  • To offer our Services across multiple jurisdictions; and
  • To operate our organization, subsidiaries and affiliates in an efficient and optimal manner.

7. DATA RETENTION

Summary: we retain Personal Data according to our data retention policy, as required to meet our obligations, protect our rights, and manage our organization.

The Jewish Agency will retain data it processes only for as long as required to provide the Services and as necessary to comply with its legal obligations, resolve disputes and enforce its agreements. Data will be kept in accordance with applicable best business practices and legal obligations.

Please note that some data will not be deleted and shall be kept in an anonymized manner. Some metadata and statistical information concerning the use of the Services are not subject to the deletion procedures in this policy and may be retained by The Jewish Agency. We will not be able to identify you from this data. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their Privacy Policy and their retention policy.

8. SERVICES AND WEBSITE DATA COLLECTION AND COOKIES

Summary: with your consent, we place cookies on your device. You control our use of cookies through a cookie management tool on our websites, or through your device and browser.

When you access or use our Services, we may use industry standard technologies such as Cookies, pixels and similar technologies, which store certain information on your computer or browsing device and which will allow us to identify the computer or device with the user, and to enable automatic activation of certain features, and make your Service experience much more convenient and effortless. We use different types of Cookies: some cookies are strictly necessary, they are required for the operation of our Site and under our terms with you; this includes for example, cookies that enable you to log into secure areas of our Service. We also use analytical and performance monitoring cookies, which allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. Finally, we use functionality cookies which are used to recognize you when you return to our Site. This enables us, subject to personalize content to your preferences, including for example, your choice of language or region.

Different cookies are kept for different periods. Session cookies are used to keep track of your activities online in a given browsing session; these cookies generally expire when the browser is closed but may be retained for a period on your device. Permanent cookies remain in operation even when you have closed the browser; they are used to remember your login details and password. Third-party cookies are installed by third parties with the aim of collecting certain information to research behavior, demographics. Third party cookies on our site include, for example, Google Analytics. Likewise, pixels from Facebook and others enable integration of third-party service providers (e.g. Facebook, Instagram) on our site. Third party cookies will be retained according to the terms of those third parties, and you can control those cookies in your browser settings.

We use Cookies and other technologies on the basis that they are necessary for the performance of a contract with you, or because using them is in our legitimate interests and these are not overridden by your rights.

Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies your online experience on our website will be limited.

How to disable cookies: The effect of disabling cookies depends on which cookies you disable but, in general, the websites and some services delivered through it may not operate properly, may not recognize your device, may not remember your preferences and so on, if cookies are disabled or removed. However, allowing or disabling cookies is your choice and in your control. If you want to disable cookies on our site, you need to change your browser settings to reject cookies. How you can do this will depend on the browser you use. Further details on how to disable cookies can be found in your browser’s online help center (Google Chrome, Firefox, Safari).

Our websites may, from time to time, contain links to external sites. We are not responsible for the operation, privacy policies or the content of such sites.

9. SECURITY AND STORAGE OF INFORMATION

Summary: we take data security very seriously, invest in security systems, and train our staff. In the event of a breach, we will notify the right people as required by law.

We take great care in implementing, enforcing and maintaining the security of the personal data we process. The Jewish Agency endeavors to implement, enforce and maintain security measures, technologies and policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of Personal Data. We likewise take steps to monitor compliance of such policies on an ongoing basis. Where we deem it necessary in light of the nature of the data in question and the risks to data subjects, we may encrypt data. Likewise, we take industry standard steps to ensure our website is safe.
Note however, that no data security measures are perfect or impenetrable, and we cannot guarantee that unauthorized access, leaks, viruses and other data security breaches will never occur.

Within The Jewish Agency, we endeavor to limit access to Personal Data to those of our personnel who: (i) require access in order for The Jewish Agency to fulfil its obligations under this Privacy Policy and its agreements and (ii) have been appropriately and periodically trained on the requirements applicable to the processing, care and handling of the Personal Data (iii) are under confidentiality obligations as required under applicable law. We take steps to ensure that its staff who have access to Personal Data are honest, reliable, competent and trained.

The Jewish Agency shall act in accordance with its policies to promptly notify the relevant authorities and data subjects in the event that any Personal Data processed by The Jewish Agency is lost, stolen, or where there has been any unauthorized access to it, all in accordance with applicable law and on the instructions of qualified authority. We shall promptly take reasonable remedial measures.

10. DATA SUBJECT RIGHTS

Summary: depending on the law that applies to your Personal Data, you may have various data subject rights, such as rights to access, erase, and correct Personal Data, and information rights. We will respect any lawful request to exercise those rights.

Data Subjects have rights under Israel’s Protection of Privacy Law, GDPR, US State privacy laws and other applicable laws, including, in different circumstances, rights to access data, rectify data, object to processing, and erase data. If processing occurs based on consent, data subjects may have a right to withdraw their consent. It is clarified for the removal of doubt, that data subject rights cannot be exercised in a manner inconsistent with the rights of The Jewish Agency’s employees, with our proprietary rights, our legal obligations and third-party rights. As such, job references, reviews, internal notes and assessments, documents and notes including proprietary information or forms of intellectual property, cannot be accessed or erased or rectified. In addition, these rights may not be exercisable where they relate to data that is not in a structured form, for example emails, or where other exemptions apply.

If, for any reason, a data subject wishes to exercise these rights and modify, delete or retrieve their Personal Data, they may be able to do so by contacting us at jafidpo@jafi.org. Note that we may have to undertake a process to identify a data subject exercising their rights. We may keep details of such rights exercised for its own compliance and audit requirements. Please note that Personal Data may be either deleted or retained in an aggregated manner without being linked to any identifiers or Personal Data, depending on technical commercial capability. Such information may continue to be used by us.

11. GENERAL

The Jewish Agency aims to process only adequate, accurate and relevant data limited to the needs and purposes for which it is gathered. It also aims to store data for the time period necessary to fulfil the purpose for which the data is gathered. We only collect data in connection with a specific legitimate purpose and only processes data in accordance with this Privacy Policy.

In the event of any concerns about data protection practices at The Jewish Agency, you may contact our Data Protection Officer at jafidpo@jafi.org. EU persons have the right to lodge a complaint with a supervisory authority.

12. MINORS

With regard to Personal Data about a minor under 16 years old, The Jewish Agency will endeavor to process personal data only with the consent of the holder of parental responsibility over the minor. The Jewish Agency will make reasonable efforts to verify that consent is given or authorized by the holder of parental responsibility of the child but cannot generally take responsibility for misrepresentation by persons as to their age.

13. CHANGES TO THIS PRIVACY POLICY

The terms of this Privacy Policy will govern the use of the services, website and any information collected in connection with them. The Jewish Agency may amend or update this Privacy Policy from time to time. The most current version of this Privacy Policy will be available at: https://www.jewishagency.org/privacy-policy/. Changes to this Privacy Policy are effective as of the stated ”Last Revised” date and your continued use of Services will constitute your recognition and acceptance of the Privacy Policy’s governing your personal data at The Jewish Agency.

If you have any reasonable questions or comments concerning this Privacy Policy, you are welcome to send us an email or otherwise contact our Data Protection Officer (DPO) at jafidpo@jafi.org and if we can help, we will make an effort to reply within a reasonable timeframe.

Last Revised: October 16, 2025