Privacy Policy
The Responsible Business Initiative for Justice (RBIJ) is committed to protecting your privacy and being transparent about how we use your data.
This policy tells you about how RBIJ collects and uses personal information from you so that we respond appropriately. This information helps us provide you with information about work.
1. Who is RBIJ?
The Responsible Business Initiative for Justice (RBIJ) is a fiscally sponsored project of NEO Philanthropy, a U.S. 501(c)(3) public charity. Our office in the U.S. is 1050 30th Street, NW, Washington, DC 20007.
RBIJ’s UK affiliate, RBI CIC, is a nonprofit community interest company (company number: 12100724). Our registered offices in the UK are International House, 101 Kings Cross Rd, London, England WC1X 9LP.
RBIJ is an organization that works with the business community to advance criminal justice reform, expand workforce opportunity, and build more prosperous communities. RBIJ advises, educates, informs and engages business and trade leaders on the importance of safe and fair systems of criminal justice.
The people responsible at RBIJ for data protection and ensuring that this privacy policy is compliant with all relevant legislation and is complied with are RBIJ’s Chief Operating Officer – US and Chief Operating Officer – UK.
2. The information we collect and how we use it
If you visit our website:
Through our website we may collect some information about your visit to our site. Including: information about your browser, network, and device. The information collected may also include details about your visit to our website. Including: clicks, internal links, pages visited, scrolling, searches, and timestamps.
If you contact us by phone, email or in writing:
If you exchange emails, telephone conversations, or other electronic communications with our staff members, our systems will record details of those conversations, sometimes including their content.
When you contact us, we sometimes need to keep a record of the communication we have with you to operate, manage, and develop our organization.
Work-related activities:
In the course of our work, we collect information such as the names, contact details, and work-related information about individuals and organizations with which we work. We keep this information in order to invite you to collaborate on and participate in relevant work-related activities.
This information includes the details of those whose professional interests align closely with our own and individuals who participate directly in our activities, as well as those with whom we have current contractual obligations or with whom we may in the future enter into an agreement. We also keep the details of other professional contacts if you have consented to hearing from us for this purpose.
We collect this information through business cards, personal contact, or occasionally recommendations from partners.
We sometimes collect information from third party data providers or publicly available sources for anti-money-laundering, background checking, and similar purposes, and to protect our organization and comply with our legal and regulatory obligations.
3. Legal basis for using your information
In some cases, we will only use your personal data where we have your consent e.g., if you have signed up to receive email communications from us. You can opt out from receiving these communications at any time.
There are also other lawful reasons that allow us to process your personal data, e.g., “legitimate interests” when we use your personal data to enable us to conduct outreach activities and invite you to collaborate with us.
We may also process your personal data to enable us to comply with our legal obligations, e.g., to carry out anti-money laundering checks.
4. How long we will keep your information
We only keep your information for as long as is reasonable and necessary for the relevant activity, which may be to fulfil statutory obligations.
5. Your data and third parties
We work with a number of third-party vendors who provide us with a variety of administrative, statistical, and technical services.
We carefully select the third parties we work with, and we ensure that they share our values around data protection. All third parties that we work with are contractually obligated to act on our instructions and in accordance with current data protection legislation. We will never voluntarily share your information with a third party for their own use.
There are some circumstances where we may have to disclose your information if required by law. If provision of the requested information is necessary for compliance with a legal obligation, we will tell you when we ask you to provide information about yourself, unless we are legally compelled to conceal this.
We will never sell, rent, trade, or pass your personal data to any other third parties.
6. The security of your information
We take the security of your information very seriously. We employ physical, electronic, and administrative security measures to protect the information that we collect about you from access by unauthorized persons and against unlawful processing, accidental loss, destruction, and damage.
7. Your rights (for UK residents)
Data protection law, including the General Data Protection Regulation (GDPR), gives you rights in law regarding your personal data. These rights include:
The right to be informed about why and we process your data,
The right of access to the personal data we hold about you,
The right to correction of your personal data if incorrect, out of date or incomplete,
The right to ask us to remove your personal data from our database systems,
The right to stop direct marketing communications from us. and
The right to ask us to no longer process your data automatically to decide whether particular marketing activities are likely to be of interest.
You can contact us to request to exercise these rights at any time. For full information about your rights under the current General Data Protection Regulation or to make a direct, formal complaint, please see the Information Commissioner's Office website.
8. International Transfers within RBIJ
To facilitate our operations, we may transfer information between our US and UK entities that may include personal data. This Privacy Policy will also apply when we transfer personal data to other countries. We have taken appropriate safeguards to ensure that your personal data will remain protected wherever it is transferred. When we share personal data of individuals in the European Economic Area (EEA), Switzerland, or the United Kingdom (UK) we rely upon the Standard Contractual Clauses (approved by the European Commission and Swiss authorities) and the UK Addendum to the Standard Contractual Clauses (approved by the UK authorities where required).
9. Contact us
We want to do everything we can to make sure the information we hold on you is accurate and up to date. If you have a query regarding this policy, would like us to amend any information, or would like to request access to the information we hold on you, please email operations@rbij.org.
Except for information that needs to be kept for legal reasons, you have a right to opt-out of us processing your data or withdraw your consent at any time. Please contact us using the above details if this is the case
10. Changes to this policy
We keep this Privacy Policy under regular review and will place any updates on this page. This Privacy Policy was last updated on July 2nd, 2025.