Our Privacy Policy

This Privacy Policy sets out how we process and manage personal data. We process all personal data in accordance with the UK GDPR, the Data Protection Act 2018, and other applicable privacy laws.

We value client’s privacy and will keep data safe. We will never give personal information to other organisations to use for their own purposes, without seeking your approval.

This policy covers:

  1. Collection of Personally Identifiable Information(PII), and how we keep data safe.
  2. Our website.
  3. Our marketing and fundraising communications with our supporters.
  4. The way we use personal data to better serve clients.
  5. Photographs and videos.
  6. Further information, including how people may access their personal data.
  1. COLLECTION OF PERSONALLY IDENTIFIABLE INFORMATION

There are circumstances when the Mary How Trust (MHT) records PII so that we can respond to a request made by a client. For example, if a client:

  • Fills in an order form to request information, products, or services, or to make donations.
  • Get in touch with us and give us their contact details so that we can respond to them.
  • Complete surveys that we use for research purposes.

This information, such as name, address, email address and the type of request, is collected and stored in accordance with the General Data Protection Regulation (GDPR). We value privacy and never give information to other organisations to use for their own purposes.

We may use a third-party organisation in order to respond to a request (for example, a mailing company to send out a newsletter that a client has subscribed to). Any such organisation will be required to sign a data-sharing agreement which is consistent with the controls of this policy.

How We Keep Your Data Safe

We use our best efforts to keep data secure. We have put in place appropriate technical controls to protect personal information, and we adhere to a Data Protection Policy and a Record Retention Protocol that we review regularly and update as appropriate. A copy is available on request.

  1. THE MARY HOW TRUST WEBSITE

This section of the Privacy Policy covers how the Mary How Trust will use any information that is collected when someone visits our website.

What information is collected when someone visit’s our website?

Our website does not store or capture any PII without knowledge and permission.

When someone visits the Mary How Trust website, a cookie (small text file) is downloaded onto their computer. Cookies do not store PII nor do they harm the user’s computer.

We use session cookies to collect anonymous, aggregated website statistics, such as which pages are most and least popular. This information is used for internal purposes only and is not shared with third parties. It helps us to understand how visitors use our website, and how we can improve it.

The system will log the name of the internet service provider along with other information provided by the browser. This may include the operating system, the website that referred you to us, the browser and type of machine you are using, the pages you visit and the date and time of those visits.

When first visiting our website, a persistent cookie is downloaded, which remains in the users browser’s cookie store between sessions.

A person may opt to view our website without cookies by adjusting browser’s settings.

When a clients applies for a screening or makes a donation at our website, card details will be processed by ‘Stripe’  which is an accredited payment service provider that will handle credit card transactions in a highly secure environment. We have a data-sharing agreement with ‘Stripe.’ At no time will card details be stored by the Mary How Trust.

When we are contacted via our website, for example by requesting a health screening, signing up for newsletters, or sending us a message via our ‘Get In Touch’ page, the message will be sent to us via a Secure Sockets Layer (SSL). This protects personal information as it travels from the website to our appointments or fundraising team in the office.

Links To Third Party Content

Our website contains links to other sites. The Mary How Trust is not responsible for the privacy practices or content of those websites. Any such links should not be taken as an endorsement of any kind.

Security

We use our best efforts to keep the data that we hold secure. This includes securing personal data using encryption methods; limiting access to personal data to authorized personnel only; and where applicable, anonymizing data to reduce the risk of identification. All data is transmitted to our website at the user’s risk.

Copyright

The Mary How Trust for Cancer Prevention holds the copyright for the content on our website. This material may be downloaded and read however it cannot be altered, reposted or sold without the prior permission of the Mary How Trust.

Disclaimer

We will ensure the content of the website is accurate and up to date, but do not accept liability for errors or omissions. We reserve the right to change or update the information on this website without notice.

  1. OUR MARKETING & FUNDRAISING COMMUNICATIONS

It matters to us that clients are happy with the way we contact them. We would like to keep clients informed about our work and the ways they can support us and help to save lives. We will only communicate in this way if we have consent to do so.

Clients can tell us that if they wish to receive certain newsletters or other communications from us by clicking to subscribe via our website, or by telling us via email, phone, or in person. Users may unsubscribe, in the same way. There is also an unsubscribe link on all our e-newsletters.

We will record contact details in our fundraising database along with a note of which communications clients have asked us to send.

If clients have opted to receive our newsletters and other communications via email, your email address will be processed by email software. We have a no-tolerance spam policy and employ safeguards to protect the confidentiality and security of your personal information.

Saying ‘Thank You’ For Making A Donation Or Fundraising For Us

It is very important to us that we acknowledge our donors and fundraisers and explain how much we appreciate their remarkable support. So, we will always thank them when they make a donation or raise funds.

If it is a regular gift by standing order or credit card, we will write to thank them when this is set up. If a regular gift is ended, we will write to acknowledge this and thank them for their support to date.

If someone fundraises for the Mary How Trust, we will also ask their permission before we acknowledge their fundraising activity in our newsletter and/or social media. We are proud of our supporters and delighted to show the impact of their support.

  1. THE WAY WE USE PERSONAL DATA IN ORDER TO SERVE BETTER.

When personal information is shared with us, we aim to be clear how we will use the data.

We will only collect the information we need for providing the services asked for. For example, if applying for a health screening, we will ask for a date of birth – but we will never ask for a date of birth when someone signs up for our newsletter.

Fundraising

We may process information for carefully considered and specific purposes to enhance the services we provide.

For example, if we have consent to send details of fundraising campaigns, we may use this data to determine whether we think they would like to hear about a specific fundraising appeal.

Other ways in which we use personal information include:

  • Determining whether we think clients would like to hear about a particular event or activity.
  • Processing donations, Gift Aid, and fundraising.
  • Invites to take part in a supporter survey, so that we can learn about relationships with the Mary How Trust and learn how clients think we could improve our services, products, and communications.
  • Keeping a record of how clients prefer us to contact them and what communications they wish to receive from us.

This helps us to use our resources carefully, and to communicate with clients in a way that is relevant to them.

At any time, clients have the right to withdraw their consent to our holding and processing personal data.

Health Screening

This section of the Privacy Policy covers the way we hold and process personal information for the purposes of a health screening.

In order for us to process appointments and test results we will record details on our clinical database, and on clinical spreadsheets such as our waiting list that are covered by our Data Protection Policy. We will ask clients to confirm consent to hold personal information in this way when appointments are booked. Without consent, we will be unable to proceed with appointments, as this information is essential for us to provide our health screening service.

In line with our Data Retention Policy, we will keep records on our clinical database for 8 years from the last appointment.

We will send a copy of clients results to their GP, only when we have consent to do so.

When donations are made, we will add details to our fundraising database for the purposes of processing your gift. (See ‘Fundraising’ paragraph above.)

Testimonials

We are grateful to everyone who tells us they wish to share their health screening experience or their supporter story. This helps to spread the word about the importance of spotting illness early – and it shows the lasting impact made by our donors, fundraisers, and volunteers.

When clients offer to share their story, we will ask them to fill in a consent form, and we will ask if they are happy for us to use their real name and photo, or if they would prefer to remain anonymous.

  1. PHOTOGRAPHS AND VIDEOS

Taking, keeping, and publishing photographs and videos involves processing personal data. We store photos and videos on our computer system in accordance with the General Data Protection Regulation (GDPR), and we use our best efforts to keep data secure – see paragraph 1 above: Collection of Personally Identifiable Information.

We may use a third-party organisation (for example, we upload videos to our channel on YouTube), but we ensure the third party has a well-defined privacy policy.

Where we use photographs/videos

We share photos and videos in a wide variety of print and digital platforms and communications, including:

  • Supporter communications (eg) newsletters, fundraising appeals, thank you letters.
  • Promotional material (eg) our website, event brochures, posters, leaflets, fundraising pack.
  • Newspapers and magazines, television reports, and other news media.
  • Social media.
  • At events, exhibitions, and displays not within the Mary How Trust’s premises.

How we manage your consent to use photographs/videos

We obtain written consent before we make use of a photo/video that focuses on a specific individual, wherever possible at the time the photo/video is taken.

In all cases, clients have the right to change their mind at any time and ask us not to use the photo/video in future.

At our fundraising events and other activities, we may take photos/videos that capture the general setting and audience, where people are incidentally included, and specific individuals are not the focus. These images are unlikely to contain personal data; nevertheless, we make an announcement at the beginning of the event and ask anyone who prefers not to be photographed/filmed to make themselves known to us, so that we can avoid catching them in shot.

What happens when consent is withdrawn?

If we are asked to not use a photo/video in future:

  • We will acknowledge the request in writing by letter or email.
  • We will remove the photo/video from our website, and (where applicable) from other platforms such as YouTube, within one month.
  • We will cease to use the testimonial in our letters and social media immediately.
  • We will remove the photo from a printed document such as a leaflet when the document is next reprinted.
  • We will archive the photo/video securely, for historical purposes only, unless specifically requested in writing to destroy the material held.

Please note, however:

  • Material previously published that includes the photo/video may remain in circulation, but the photo/video will not be included in any further posts or reprints.
  • Social media sharing would be beyond our control.
  • Photos and videos may be taken at public events by third parties beyond our control.
  1. FURTHER INFORMATION

We will process personal data lawfully, fairly, and in a transparent manner.

Clients have a right to ask us to stop holding or processing personal data at any time, and we will do so unless we are obliged to hold data for contractual or regulatory purposes.

For example, if we Gift Aid a donation, we must hold the data in accordance with HMRC requirements. Or if we have personal information for the purposes of a health screening, we are obliged to keep that health data for 8 years.

Subject Access Request

Clients have a right to ask us for a copy of any personal information we hold about (a ‘Subject Access Request’).  If we do hold information about a client, we will:

  • Give a description of it.
  • Explain why we are holding it.
  • Explain whom it could be disclosed to.
  • Provide a copy of the information in an intelligible form.

Subject Access Requests can be submitted verbally, or in writing. MHT will usually respond within one calendar month. See our SAR policy for further details.

If a person feels these standards have not been met, they can contact us directly following the MHT complaint policy or make a complaint to the Information Commissioner (www.ico.org.uk/concerns).