The policy sets out the different areas where user privacy is concerned and outlines the obligations and requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information is also detailed within this policy.
2.0 The Website
The Ehlers-Danlos Support UK is committed to ensuring that all personal information collected and processed is appropriate for the stated purpose(s) and shall not constitute an invasion of your privacy. This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all UK national laws and requirements for user privacy.
3.0 How we use your personal data
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely in line with the Data Protection Act 2018. Every effort has been made to ensure a safe and secure form to email submission process but we advise users using such form to email processes that they do so at their own risk.
The Ehlers-Danlos Support UK will use the personal data collected from you for the following purposes:
To plan and deliver services and events, to update you on fundraising opportunities (when explicit consent has been given by you), to update you on research opportunities (when explicit consent has been given by you), to keep you updated on the activities of the charity (when explicit consent has been given by you), to send you a weekly email newsletter (when explicit consent has been given by you), to enable us to fulfil magazine subscriptions and online shop orders and to assist us with funding applications through the use of aggregated, anonymised data.
3.1 Storage and processing of your personal data
Personal data collected by The Ehlers-Danlos Support UK through its website is retained for the life of the user’s membership.
The Ehlers-Danlos Support UK transfers some data outside of the European Union (EU) through its use of Xero as its accounting software, which has servers located outside of the EU. This includes (at most) name, address and email address The transfer of personal data outside the EU is controlled by The Ehlers-Danlos Support UK’s policy on Personal Data Transfer Outside of the EU.
3.2 Your rights
Your rights in respect of your personal data stored and processed by The Ehlers-Danlos Support UK include but are not limited to:
- The right to access personal information we hold about you;
- The right to withdraw consent;
- The right to amend personal data we hold about you;
- The right to request that your personal data be permanently deleted;
- The right to strict processing; and
- The right to raise an official complaint with the relevant authority;
Please email firstname.lastname@example.org to request access to the information we hold about you or for any enquiry about your personal data.
3.3 Automated data processing
The Ehlers-Danlos Support UK does not undertake automated processing (e.g. profiling) on any personal data.
3.4 Third parties
We may share your personal data with third party service providers who are contracted by us and we shall ensure that they will hold your personal data securely and shall use it only in order to fulfill the service for which they are contracted. When there is no longer a service need, or the contract comes to an end, the third party will dispose of all personal data using procedures approved by us. We will never sell your personal data.
5.0 Taking payments
Our shop, membership, and donations payments are processed using either Paypal Website Payments Standard or Paypal Website Payments Pro. We do not store credit card details nor do we share financial details with any third parties.
6.0 Email newsletter
This website operates an email newsletter programme, used to inform subscribers about the activities of The Ehlers-Danlos Support UK. Users subscribe through our membership scheme, should they wish to do so, but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 2018.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no means a comprehensive list]. This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to unsubscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated unsubscription system is unavailable clear instructions on how to unsubscribe will by detailed instead.
7.0 External links
Although this website only looks to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites.)
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
8.0 Social media platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will never ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
9.0 Shortened links in social media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example: http://bit.ly/zyVUBo).
Users are advised to use caution and good judgement before clicking any shortened urls published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
10.0 Resources and further information
- Data Protection Act 2018
- Privacy and Electronic Communications Regulations 2003
v.2.0 May 2018: The Ehlers-Danlos Support UK, Devonshire House, Manor Way, Borehamwood, WD6 1QQ