Rotherham Hospital and Community Charity Privacy Policy

Rotherham Hospital and Community Charity Privacy Policy

This policy tells you what information we (Rotherham Hospital and Community Charity) collect, what we do with it, how we will keep it secure and who it might be shared with.

We offer a wide range of services, and this policy applies when you:

  • Use our website

  • Donate to us

  • Support us (for example when you fundraise for us or participate in one of our events)

Who are we?

Rotherham Hospital and Community Charity is a registered charity (1054407) based at Rotherham Hospital, and operates to support the care and needs of The Rotherham NHS Foundation Trust patients and their families. The Rotherham NHS Foundation Trust strives to provide the highest level of care using the funding it receives from the central government to the local community and surrounding area. These include emergency department services, outpatient clinics, inpatient services, maternity and children’s services. However, there are always ways in which we can fund extra special resources, equipment and projects for our patients and their families.

This privacy notice explains how Rotherham Hospital and Community Charity use personal information.

The Rotherham NHS Foundation Trust are registered as Data Controllers with the ICO, registration ZA067076, which means the Trust decides how, when and why your personal data will be used. Rotherham Hospital and Community Charity are the Data Processors.

How do we collect information from you?

We gather information about you when you use our website or interact with us, for example when you contact us about fundraising activities or events, or sign up to receive news and events updates. We also collect information from you when you make a donation, sign up to an event or organise your own fundraising event on behalf of the charity.

Sometimes, when you support or fundraise for us through another organisation (for example Just Giving), information may be shared with us. You should check their privacy policy when you provide your information to understand fully how it will be processed. When you use social media (for example Facebook, Twitter and Instagram), you may also be sharing information with us, so please check your profile settings and their privacy policy.

We need to collect certain information from you in order to process gift aid. If you do not provide your information to us, this may mean that we are unable to fully process your donation or thank you for your support.

What type of information do we collect?

The personal information we collect from you may include your name, address, telephone number and email address. All website analytical data we receive is anonymised.

If you make a donation online, your card information is not held by us – it is collected by a separate company who are our third-party payment processors such as Just Giving or Stripe. They are committed to the secure online capture and processing of card transactions. The card information will only be used to process the payment.

In some circumstances, we may need to collect sensitive personal information concerning your health and wellbeing. As an example, if you participate in one of our fundraising events (such as a sponsored run or skydive), we may ask if you have any health conditions that we need to be aware of. Where we collect this information, we will treat it with extra care and only for the purpose we tell you about. Likewise, your information will always be processed in accordance with this Privacy Policy, and all details that you provide us with will be kept secure and held for no longer than necessary.

How is your information used?

We may use your information to:

  • Handle a donation that you have made
  • Ensure monies donated are directed into the correct funds which correspond to the donors wishes
  • Provide you with information and support for charity organised events you participate in, for example, Charity Fun Days, Celebration Events
  • Provide you with information and support for our chosen third party events that you have chosen to participate in, for example skydives or organised runs and marathons.
  • Provide you with information and support for activities or fundraising events that you are organising
  • Carry out our obligations arising from any contracts entered into by you and us
  • Deal with entries into a competition
  • Keep you updated with information which may be of interest, including campaigns, appeals, events and newsletters
  • Let you know about any changes to our services
  • To invite you to participate in surveys or research (although this is voluntary) 
  • To analyse and improve the services offered

We regularly review how long we hold onto your personal information. We are required to hold some types of information to fulfil our legal obligations (for example for the collection of financial information and gift aid). However, we will only ever hold your personal information on our systems for as long as necessary (or as long as set out in any contract you hold with us).

We will only ever use your information for the purpose we told you when you originally provided it.

The legal basis that we rely on for processing your information will depend on the circumstances in which it is being collected and used. However, in most cases, it will fall into one of the following categories:

  • Where you have provided your consent for us to use your data in the way that we have explained. For example, we will always ask consent before sending you e-mails about our work (i.e. the newsletter)
  • Where we need to process your information to carry out our legal obligations, such as processing gift aid
  • Where the processing is necessary to carry out the performance of a contract, such as processing a donation
  • Where we have a legitimate reason to process your information in order to continue to support the care and needs of The Rotherham NHS Foundation Trust’s patients and their families. This includes providing you with information that we feel would be of interest to you, would be reasonably expected and not intrusive. For example, if you have recently participated in one of our official events, we may feel that you would be interested in a similar event in the future. We may, therefore, send this information to you by post, or contact you by telephone. You can ask us to stop providing you with this information at any time, and we have explained more about legitimate interests below.
  • Broadly speaking, legitimate interests means we may process your personal information where we have a genuine and legitimate reason, and are not harming any of your rights or interests.
  • When we process your information for our legitimate interests, we will always consider and balance any potential impact on your rights. As such, we will never use your information for activities where our interests are overridden by the impact on you.
  • It is always your choice whether you want to receive information from us, and you can opt-out at any time by contacting us using the details in the ‘Your Choices’ section of this policy.

Who has access to your information?

We will never sell or rent your information to third parties (for example another charity). We will never share your information with third parties for marketing purposes.

Third part data processors working on our behalf

We may pass your information to a third party who works on our behalf to provide you with services. For example, so that we can send you email newsletters, we have to pass your name and email address onto an email software company which specialises in sending email newsletters. When we use these organisations, we provide them with only the personal information that is necessary to deliver the service. Likewise, we have contracts in place that means they must keep your information secure and not use it for their own marketing purposes. We may, however, be required to release your information due to a court order, or for the purposes of the prevention of fraud or other crime.

When you make a donation, it will be processed by a third-party payment processor, who specialises in the online gathering and processing of card transactions. For example, if you are fundraising for the charity, this could be Just Giving or Stripe. If you have any questions regarding secure transactions, please contact us.

When you donate cash or a cheque, this will be processed by our official banking partners at HSBC and NatWest.

When you enquire about, or sign up to, one or more of these services, they will use your details to provide you with information, and carry out their responsibilities arising from any contracts or agreements you have entered into with them. In some cases, they will be both the data controller and data processor of your information, so we advise you to read their privacy policy carefully.

We have a duty to disclose your personal information in order to comply with legal regulations, or to enforce our terms of use, or to protect the rights or safety of our supporters and donors. But we will always take steps to ensure that your privacy continues to be protected.

Your choices

You have full control over whether or not you wish to receive information from us. On the form on which we collect your information, you can tick the relevant boxes to choose whether you want to receive marketing communications from us (such as newsletters or event updates). We will always tell you why and how the information will be used.

We will never contact you for marketing purposes by email, telephone or post if you have told us that you don’t want to be contacted. You may change your marketing choices at any time by:

  • Email: trft.rhcc@nhs.net
  • Telephone: 01709 426821
  • Writing to us: Rotherham Hospital and Community Charity, Rotherham Hospital, Moorgate Road, Rotherham, S60 2UD.

You also have the right to object to other processing that we may carry out. You can do this by writing, emailing or telephoning us. However, please bear in mind that this may affect our ability to carry out tasks for your benefit. For example, if you object to us processing your information with regard to a donation, we may not be able to thank you for your support.

Accessing and updating your information, or finding out more

Under the General Data Protection Regulations and Data Protection Legislation, you have the following rights:

Subject Access

The right to request a copy of your personal data which the Charity holds about you.

Right to be informed

We must be completely transparent with you by providing information ‘in a concise, transparent, intelligible and easily accessible form, using clear and plain language’. Our privacy notice is one of the ways we let you know how data is handled.

Right to rectification

You have the right without undue delay to request the rectification or updating of inaccurate personal data.

Right to restrict processing

You can ask for there to be a restriction of processing such as where the accuracy of the personal data is contested. This means that we may only store the personal data and not further process it except in limited circumstances.

Right to object

You can object to certain types of processing such as direct marketing.

Right to data portability

Where personal data is processed on the basis of consent and by automated means, you have the right to have your personal data transmitted directly from one data controller to another where this is technically possible.

Right to erasure or ‘right to be forgotten’

You can request the erasure of personal data including when:

  • the personal data is no longer necessary in relation to the purposes for which they were collected
  • you no longer provide your consent
  • you object to the processing.

Make a Freedom of Information request

The Freedom of information Act 2000 provides any person with the right to obtain information held The Rotherham NHS Foundation Trust subject to a number of exemptions.

Make a Freedom of Information request.

How we protect your information

When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is sent over a secure web connection.

Although any other information will be sent by a secure connection, information sent over the internet and/or email can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

Once we receive your information, we make our best effort to ensure its security on our systems.

Making a complaint

You have the right to make a complaint about how we (or any third parties) use your personal data. As a local charity, we encourage people to come forward with any suggestions and queries, and welcome people challenging us if they feel that the use of their information is unfair, misleading or inappropriate. You can contact us by using the details at the top of this policy.

You also have the right to make a complaint directly to the supervisory authority, which is the Information Commissioner's Office (ICO). They can be contacted by telephone on 0303 123 1113.

Alternatively, visit the Information Commissioner's Office website.

Links to other websites

Our website may contain links to other websites run by other organisations, including when signing up for some events. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites – even if you access them using links from our website. The same applies if you linked to our website from another website.

Cookies

A cookie is a small file stored on your computer created when you visit a website. We use cookies to analyse anonymised user behaviour so that we can continue to improve our website. You can turn off cookies using your browser Settings or Options pages. You can also visit the ‘Help’ function in your browser to show you how to turn them off. Please note that turning off cookies may affect expected functionality of the website.

Profiling

We may analyse your personal information to create a picture of your interests and preferences, alongside a history of your relationship with the charity. Profiling can help us target our resources more effectively by gaining an insight into the background of our supporters. We may then use this information to contact you with information that you may find relevant, as discussed in the section ‘How is your information used?’. We may make use of additional information about you when it is available from external sources to help us do this effectively, such as from Companies House, public registers, magazines and newspapers. We may also use your personal information to detect and reduce fraud and credit risk.

16 or under

We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission whenever you provide us with personal information.

Reviewing this policy

We will regularly review this policy to ensure it reflects how we use and handle your information. We may, from time to time, change this policy, so please check this page occasionally to ensure that you’re happy with any changes.

Rotherham Hospital and Community Charity Privacy Policy

Last reviewed: September 2022


Source URL: https://www.therotherhamft.nhs.uk/charity/privacy-policy

List of links present in page
  1. https://www.therotherhamft.nhs.uk/charity/privacy-policy
  2. mailto:trft.rhcc@nhs.net
  3. https://www.therotherhamft.nhs.uk/contact/freedom-information
  4. https://ico.org.uk/make-a-complaint/