your personal data
Beatson Cancer Charity is committed to protecting the privacy of our supporters. The following Privacy Statement will explain to you how we collect, store and use personal information submitted to us in accordance with the provisions of General Data Protection Regulations (GDPR) and UK Data Protection Act (1998).
changes to this privacy notice
We regularly review the terms of this privacy notice, which we may amend from time to time. If we make any substantial changes we will notify you by posting a prominent notice on our website.
who we are
Beatson Cancer Charity is a registered Scottish charity number SC044442. We are also registered as a company in Scotland under registration number SC461242. Beatson Cancer Charity will be what’s known as the ‘Controller’ of the personal data you provide to us.
what we need
The personal information we collect, and how we use it, will depend on your engagement with us but we gather it in the following ways:
- Information you give us. For example, when you engage with our social media or message boards, make a donation to us, register for an event or otherwise provide us with more detailed information when you engage with our care services.
- Information we get from your use of our website and services. We collect information about the services you use and how you use them, like when you watch a video on YouTube, visit our website or view and interact with our ads and content.
- Information from third parties. We may also receive information about you from third parties. This can include information such as your name, postal address, email address, phone number, your geographic location (for mobile devices), credit/debit card details and whether you are a tax payer so that we can claim Gift Aid. We, like all companies, are able to confirm what browser you are using, IP address and computer operating systems that are being used and this information may be used to improve the services we offer. Wherever possible we use aggregated or anonymous information which does not identify individual visitors to our websites.
Data Protection law recognises that certain categories of personal information are more sensitive. This is known as sensitive personal data and covers health information, race, religious beliefs and political opinions. For our supporters we do not usually collect ‘sensitive personal data’ unless there is a clear reason for doing so, such as participation in a marathon or similar fundraising event or where we need this information to ensure that we provide appropriate facilities or support to enable you to participate in an event.
We may also collect sensitive personal data if you make the information public or if you tell us about your experiences relating to care (for example, if you act as a case study for us or volunteer); however we will always make it clear to you when we collect this information from you, what data we are collecting and why.
why we need it
We need to know your basic personal data to provide the following:
- to provide the services or information which you have requested
- tailor our website so the content you see is relevant to you
- to collect statistics, responses to any surveys and questionnaires, traffic patterns and related site information. We aggregate this data and it does not identify any website users. We use it for research, analysis, testing, monitoring, risk management and administrative purposes. Furthermore, we may disclose this aggregated data to third parties for marketing, advertising or other promotional purposes.
- to claim any gift aid from the government on your donations if you have completed a gift aid declaration for us.
- to record your consent to use your image, recording, voice or case study in a range of marketing materials.
We will not collect any personal data from you we do not need in order to provide and oversee this service to you.
More sensitive personal information is required when you encounter our care services team and they will provide more detailed information when you engage with them.
The basis on which we process personal data is a legal obligation, the individual’s consent or our legitimate interest.
In certain instances, we collect and use your personal information by relying on the legitimate interest legal basis. This is because when you, for example, request to receive services or products from Beatson Cancer Charity, we have a legitimate organisational interest to use your personal information to respond to you and there is no overriding prejudice to you by using your personal information for this purpose. This is also the case where we process your donations in support of Beatson Cancer Charity’s objectives, for our internal administrative purposes, and where we need to take steps to protect our network security or risk of fraud.
In most instances, however, we will rely on obtaining your consent to our use of your personal information. This is the case, for example, where we seek to obtain your consent to receive email marketing about Beatson Cancer Charity.
Legitimate interest allows us to send direct mail to you as long as you haven’t said ‘no’ and it does not cause harm or override your privacy rights. If you have supported our cause in recent years and have not opted not to hear from us we will occasionally update you on the latest news and information from the hospital.
Information that is already in the public domain may be used by the charity to try to ascertain from it if the data subject has relevant interest in the cause of the charity, but only in compliance with the GDPR/legislation. This would include, for example, information contained within externally circulated publications such as brochures and other sales and marketing aids or social media / internet information. Under the legal basis of legitimate interests the charity will use publicly available contact information to inform organisations and groups of any events and campaigns that would be of interest to them. This initial contact will include information of how to inform the charity not to make further contact.
how we keep it
All the personal data we process is processed by our staff located in the UK. The organisation will hold personal data on its own IT network in the UK and on its database, ThankQ, owned by Access UK Ltd where the data is located within the EU. The servers used to provide Subscriptions and Hosting are operated by Telehouse and Equinox. Privacy Shield also requires us to certify to GCHC that all of their auxiliary suppliers who receive onward data transfers of PII are compliant with the requirements of Privacy Shield. Certain ThankQ functions and features may require the transfer of data outside the European Union, but all locations are compliant with EU requirements as stated above.
how long we keep it
As a donor, we are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed.
We hope the relationship we have with our donors and supporters will be for life. Information used for marketing and fundraising purposes will therefore be kept until you notify us that you no longer wish to receive information.
Our data retention policy states that we keep Care Services data for 6 years after discharge from our services.
For full details of our data retention policy please contact our Data Protection Officer.
We want to ensure you receive the level of information about the Beatson Cancer Charity that is right for you.
- Email/text marketing: If you actively provide your consent to us along with your email address and/or mobile phone number, we may contact you for marketing purposes by email or text message. By subscribing to Beatson Cancer Charity emails or opting in to email communication from Beatson Cancer Charity, you grant us the right to use the email for both email marketing purposes and advertisement targeting
- Post/telephone marketing: If you have provided us with your postal address or telephone number we may send you direct mail or telephone you about our work unless you have told us that you would prefer not to receive such information. We also actively check telephone numbers against the Telephone Preference Service and will only make telephone calls to you where your telephone number is listed on the TPS if you have specifically told us that you do not object to such calls and have consented to receive them.
- Your choice: It is always your choice as to whether you want to receive information about our work, how we raise funds and the ways you can get involved. If you do not want us to use your personal information in these ways please indicate your preferences on the form on which we collect your data.
You may opt-out of our marketing communications at any time by clicking the ‘unsubscribe’ link in at the end of our marketing emails sending us an “opt-out” text message, following the instructions we provide you in our initial text.
You can also change any of your contact preferences at any time (including telling us that you don’t want us to contact you for marketing purposes by telephone, or by post) by contacting our fundraising team on 0141 212 0505 or emailing email@example.com.
We will not use your personal information for marketing purposes if you have indicated that you do not wish to be contacted by us for such purposes. However, we will retain your details on a suppression list to help ensure that we do not continue to contact you.
We carry out targeted fundraising activity to ensure that we are contacting you with the most appropriate communication, which is relevant and timely and will ultimately provide an improved experience for you. In doing so, we may use profiling techniques and insight companies to provide us with general information about you. Such information is compiled using publicly available data about you or information that you have already provided to us.
This activity assists us in understanding the background of the people who support us and helps us to make appropriate requests to supporters who may have the means and the want to give more. You can opt out of your data being used for profiling by contacting our supporter care team on 0141 212 0505, Monday to Friday, 9am to 5pm, or emailing firstname.lastname@example.org or write to the Supporter Care Team at Beatson Cancer Charity, Beatson West of Scotland Cancer Centre, 1053 Great Western Road, Glasgow G12 0YN.
debit and credit card information
If you use your credit or debit card to donate to us, buy something or pay for a registration online or over the phone, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. You can find our more information about PCI DSS here – https://www.pcisecuritystandards.org/security_standards/index.php
We do not store your credit or debit card details at all, following the completion of your transaction. All card details and validation codes are securely destroyed once the payment or donation has been processed. Only staff authorised and trained to process payments will be able to see your card details.
If we receive an email containing any credit or debit card details, it will be immediately deleted, no payment will be taken and you will be notified about this. All purchases or donations should be completed through the donation page or online shop on our website (www.beatsoncancercharity.org) or via our fundraising team by calling 0141 212 0505, Monday to Friday, 9am to 5pm.
We are committed to protecting the privacy of the young people that engage with us through our support services, our website, at events, fundraising initiatives and at schools.
When we collect information about a child or young person aged under 18 we will make it very clear as to the reasons for collecting this information and how it will be used.
Our fundraising events also request specific information about the age of participants. If you are under 18 and would like to get involved, please ensure that you have consent from a parent or guardian before giving us your personal information.
your ability to edit and delete your account information and preferences
The accuracy of your personal information is important to us. You can edit your Beatson Cancer Charity account information, including your address and contact details at any time. If you would like to change your preferences or update the details we hold about you, please contact our fundraising team by calling 0141 212 0505, Monday to Friday, 9am to 5pm or email email@example.com
what are your rights?
If at any point you wish to see the data we hold about you or believe the information we process on you is incorrect you can request to see this information and have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact us using the details below and we will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
A cookie is a small file which can be placed on your computer’s hard drive, the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies. This may prevent you from taking full advantage of the website. You can easily restrict or block the cookies used by this website through your browser settings, the Help function within your browser will provide detailed instruction of how to change these settings. You can find more information about cookies at www.aboutcookies.org, this site provides instructions on how to block cookies on all the major browsers and also explains how you can delete cookies that have already been stored on your computer.
You should be aware that most cookies are harmless and restricting them may impact on the functionality of the websites you visit.
links to other websites
This privacy and cookies policy only applies to Beatson Cancer Charity. If you link to another website from here, you should remember to read and understand that website’s privacy and cookies policy as well. We are not responsible for any use of your information that is made by other websites.
For more information contact :
Data Protection Officer at Beatson Cancer Charity, Beatson West of Scotland Cancer Centre, 1053 Great Western Road, Glasgow G12 0YN.
Email : firstname.lastname@example.org
0141 212 0505