GDPR, PRIVACY AND COOKIE STATEMENT
This statement provides information relating to the steps that the Cancer Care and Haematology Fund is taking to ensure compliance with data and privacy regulations
BACKGROUND
The European Union General Data Protection Regulation (GDPR) came into force in May 2018 and replaced the Data Protection Directive 95/46/EC. It is designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations approach data privacy.
Although the UK is no longer a member of the European Union, GDPR is retained in domestic law as the UK GDPR, but the UK has the independence to keep the framework under review. The UK GDPR sits alongside an amended version of the Data Protection Act 2018.
The Principles
The GDPR principles set out the main responsibilities for organisations which require that personal data is:
-
-
processed lawfully, fairly and in a transparent manner in relation to individuals;
-
collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
-
adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
-
accurate and, where necessary, kept up to date;
-
kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
-
processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
-
GDPR impact on the Cancer Care and Haematology Fund (CCHF)
GDPR gives an even greater emphasis on ‘privacy by design’, where data privacy is the primary focus. CCHF Trustees have reviewed data protection practices and have been updated and consolidated systems, procedures, processes, policies etc. to ensure that we meet GDPR requirements.
For example, this means that where we collect personal data, which could potentially be used for sharing future information about CCHF activities, we will be changing our system to ask individuals to ‘opt in’.
GDPR impact on organisations working with CCHF
Where organisations benefit from the support of the CCHF (e.g. the Buckinghamshire Healthcare NHS Trust), or provide donations or other support to the Fund, we will only retain a minimum of data to ensure effective communications are maintained while each project is delivered.
GDPR impact on donors
CCHF will continue to record contact details of donors and related financial information for reporting purposes and a ‘thank you’ response. However, where a donation is made on behalf of an individual, e.g. through an external donation website, the CCHF are unable to notify that individual (or their family) without the explicit agreement of the donor and provision of relevant contact details.
Donors will be able to manage their contact preferences for any future communications from the CCHF as we will ask individuals to ‘opt in’.
It must be noted that CCHF is not part of the Buckinghamshire Healthcare NHS Trust and cannot access patient data held by that organisation.
Data security
We are committed to ensuring that your information is secure. We have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information we collect in order to prevent unauthorised access or disclosure. Personal data, e.g. donor name and contact details, will only be retained where it may be necessary to contact an individual again or for legal and reporting purposes.
Cookies
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How we use cookies
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to us at the Cancer Care and Haematology Unit at Stoke Mandeville Hospital, or emailing us at contact@cchf.org.uk
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee will be payable. If you would like a copy of the information held on you please email us at contact@cchf.org.uk
HOW TO COMPLAIN
If you have any concerns about our use of your personal information, you can make a complaint to us at contact@cchf.org.uk
You can also complain to the Information Commissioner's Office (ICO) if you are unhappy with how we have used your data.
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Date of statement: Dec 2022, Review date: Jan 2024
Cancer Care and Haematology Fund | Registered Charity No. 1001358
Based at Cancer Care and Haematology Unit, Stoke Mandeville Hospital, Aylesbury, Buckinghamshire, HP21 8AL