The June Hancock Mesothelioma Research Fund needs to collect personal information about people with whom it deals in order to carry out its business and provide its services. This includes volunteers, donors, supporters, grant applicants, suppliers and other business contacts.
The information may include name, address, email address, data of birth, private and confidential information and sensitive information. In addition, we may occasionally be required to collect and use certain types of such personal information to comply with the requirements of the law.
No matter how it is collected, recorded and used (e.g. on a computer or on paper) this personal information must be dealt with properly to ensure compliance with the Data Protection Act 1998 (hereafter referred to as the Act).
The June Hancock Mesothelioma Research Fund complies with the eight principles of the Act which are summarised below:
- Personal data shall be processed fairly and lawfully and, in particular, shall not be processed unless:
- At least one of the conditions in Schedule 2 (of the Act) is met, and
- In the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
- Personal data shall be obtained only for specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
- Personal data shall be accurate and, where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
- Personal data shall be processed in accordance with the rights of data subjects under this Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.
Roles and Responsibilities
- June Hancock Mesothelioma Research Fund will:
- Ensure that there is always one person with overall responsibility for data protection. Currently this person is the Trustee designated to oversee Information Governance and they are the Data Controller.
- Ensure that they have the details of all Data Processors who collect and process information that is defined as personal data on behalf of June Hancock Mesothelioma Research Fund.
- Provide training for trustees and charity volunteers who handle personal information.
- Provide clear lines of report and supervision for compliance with data protection.
- Carry out regular checks to monitor and assess new processing of personal data and to ensure the Information Commissioner’s Office is updated to take account of any changes in processing of personal data
All trustees will, through appropriate training and responsible management:
- Observe all forms of guidance, codes of practice and procedures about the collection and use of personal information.
- Understand fully the purposes for which the June Hancock Mesothelioma Research Fund uses personal information.
- Collect and process appropriate information, and only in accordance with the purposes for which it is to be used by June Hancock Mesothelioma Research Fund to meet its service needs or legal requirements.
- Ensure the information is correctly input into the June Hancock Mesothelioma Research Fund systems.
- Ensure the information is destroyed (in accordance with the provisions of the Act) when it is no longer required.
- Send no personal information outside of the United Kingdom unless the purpose is explained to the individuals concerned and their explicit permission is obtained.
- Understand that breaches of this Policy may result in disciplinary action, including dismissal from the Board of Trustees.
Distribution and Implementation
This document will be made available via email and on the June Hancock Mesothelioma Research Fund’s website. A global notice will be sent to all relevant people involved with June Hancock Mesothelioma Research Fund notifying them of the release of this document. A copy of this document will be available to anyone upon request
Compliance with the policies and procedures laid down in this document will be monitored.
The Trustee designated to oversee Information Governance (the Data Protection Officer) is responsible for the monitoring, revision and updating of this document.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
When we provide services, we want to make them easy, useful and reliable. This sometimes involves using cookies. Cookies are small text files that are placed on your computer by websites that you visit. Cookies are used to improve services for you through, by either enabling services we provide or making a website more personal to you, as well as to provide information to the owners of the site. Cookies cannot be used to identify you personally. For more information, please visit AllAboutCookies.org.
Controlling your personal information
If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible at email@example.com. We will promptly correct any information found to be incorrect.
If you have previously agreed to us using your personal information for correspondence purposes, you may change your mind at any time by writing to us or by emailing firstname.lastname@example.org.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Data Protection Officer
You can contact our data protection officer by emailing email@example.com.
Further information about GDPR
For further information about General Data Protection Regulations (GDPR) please visit https://ico.org.uk/