Our Blood Pressure UK Privacy Policy
Blood Pressure UK is dedicated to protecting your personal data and being honest and transparent about what information we hold about you and how we process this data. We can assure you we strictly comply with all General Data Protection Regulation so your data is safe with us.
We will look after any personal information that you share with us, whether this is collected online or via phone, email, in letters, face to face or in any other correspondence. This is central to our values as an organisation. We pride ourselves on our ethical approach to fundraising. Blood Pressure UK has never and will never knock on your door, stop you in the street or ring you to ask for donations (or pay someone else to).
If you have given us your data, you can be confident that:
- We only use personal information in the ways we need to and that is expected of us
- We will only communicate with you about our work, including how we are spending your money and how you can continue to support us
- We will only contact you if you have given consent
- We will make it easy for you to tell us how you want us to communicate with you, including how to opt out from future communications. We promise your request will be dealt with straight away
- We will never release your information to organisations outside of Blood Pressure UK for their marketing purposes
- We take all reasonable care to safeguard your personal information through security policies, encrypted computer equipment, lockable filing cabinets and secure business processes
This privacy policy informs you about:
- What information Blood Pressure UK stores about you
- How we use that information
- How we store your information
- Details about sharing/being in receipt of your information
- Your choices regarding the information you provide to us
- How we use cookies
- How you can change your mailing preferences
Please feel free to contact us at any point if you would like more information about our privacy and cookies policy.
Please email: info@bloodpressureuk.org or call 020 7882 6255 and we will be happy to help.
About Us
Blood Pressure UK is the only charity solely dedicated to lowering the nation's blood pressure to prevent disability and death from stroke and heart disease.
Our vision is that everyone will know their blood pressure numbers, in the same way that they know their height or weight, and take steps to keep them healthy both now and in the future.
Blood Pressure UK is an operating name of the Blood Pressure Association
Registered as a Charity in England and Wales (1058944) and in Scotland (SC040230)
Registered as a Company limited by guarantee in England and Wales. Company No: 03251531
Registered Office: Wolfson Institute of Preventive Medicine, Charterhouse Square, London EC1M 6BQ
The information we collect
Information supplied by you
This comes in many forms such as when you engage with our social media, make a donation to us, contact our adviceline, register for an event or provide us with personal information. This can be given online, verbally, via a letter, email or other methods. When you register, we’ll ask for personal information, such as your name, postal address, email address, telephone numbers and occasionally Date of Birth (DOB) to store with your account. We store this information on our secure database so we can carry out your request and for internal purposes so we can track when we actioned your request – for instance if you do not receive what you have requested, we can check to see if this was actioned against your record.
Information we get from your use of our website
Like most websites, we use “cookies” to help us make our site – and the way you use it – better. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields.
In addition, the type of device you’re using to access our website and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are, and why a crash has happened. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
Blood Pressure UK use Google Analytics as a web analysis service, to see their privacy policy please visit https://www.google.com/intl/en/policies/privacy/
Information from third parties
Your information may be shared with us by independent event organisers, for example the London Marathon or fundraising sites like Just Giving or Virgin Money Giving. These independent third parties will only do so when you have indicated that you wish to support Blood Pressure UK and with your consent. You should check their Privacy Policy when you provide your information to understand fully how they will process your data. This data can include information such as your name, postal address, email address, phone number, your geographic location (for mobile devices), credit/debit card details and whether you are a tax payer so that we can claim Gift Aid.
Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us permission to access information from those accounts or services.
We do not usually collect ‘sensitive personal data’ such as race, health information etc unless there is a clear reason for doing so, such as participation in a marathon or similar fundraising event or where we need this information to ensure that we provide appropriate facilities or support to enable you to participate in an event.
If you become an employee for Blood Pressure UK, we may ask you questions about your race, religious beliefs etc and this is to ensure we operate as an equal opportunities employer and also that we are aware of any medical conditions you may have that you will need assistance with such as wheelchair access etc.
We may also collect sensitive personal data if you make the information public or if you tell us about your experiences relating to heart disease (for example, if you choose to act as a case study); however we will always make it clear to you when we collect this information, what sensitive personal data we are collecting and why.
People who visit our website
Blood Pressure UK’s website uses cookies to improve how our website works and to find out how people use the site.
We have an option for visitors to set up an account with our Webshop much like you would if you regularly purchased from a shopping site. If you set up an account on our website (to make a payment) then the following will apply:
We will collect information such as your name, postal address, email address, telephone number and occasionally your DOB. Once you set up an account you will not be anonymous to us when you subsequently sign in. This is put in place to make the website much more user friendly for supporters.
We use cookies to allow us to store limited information on an individual’s computer to allow people to have automatic logons as an example. We use this information to provide you with a good experience when browsing our website and to improve the functionality of our site.
Your bank details
If you use your credit or debit card to donate to us, buy something or pay for membership online or over the phone, we will ensure that this is done securely.
We do not store your credit or debit card details at all, following the completion of your transaction. All card details and validation codes are securely destroyed once the payment or donation has been processed. Only staff authorised and trained to process payments will be able to see your card details.
If we receive an email containing any credit or debit card details, it will be immediately deleted, no payment will be taken and you will be notified about this. All purchases or donations should be completed through the donation page, our web shop (http://bpassoc-shop.org.uk/), via info@bloodpressureuk.org or call 020 7882 6255
We use Sage Worldpay to manage our payment transactions, you can read their privacy policy here http://www.worldpay.com/uk/privacy-policy
Legitimate interest
In certain instances, we collect and use your personal information by relying on the legitimate interest legal basis. This is because when you, for example, request to receive services or products from Blood Pressure UK, we have a legitimate organisational interest to use your personal information to respond to you and there is no overriding prejudice to you by using your personal information for this purpose. This is also the case where we process your donations in support of Blood Pressure UK’s objectives, for our internal administrative purposes, and where we need to take steps to protect our network security or risk of fraud.
In most instances, however, we will rely on obtaining your consent to our use of your personal information. This is the case, for example, where we seek to obtain your consent to receive email marketing about Blood Pressure UK.
Marketing
We always try and send you relevant information about Blood Pressure UK - what we do, how we spend your money and how you can support us. We never bombard our supporters – we send out very little direct mail – often only twice a year with our Positive Pressure members magazine, and our emails are kept to a minimum, generally 4 e-Positive Pressures and 2 further communications, so as not to bother you.
You are always in control:
We pride ourselves that you always have and always will be in control as to whether you want to receive information about our work, how we raise funds and the ways you can support us. If you do not want us to use your personal information in these ways please indicate your preferences at the time we collect your data, whether that be verbally, by post or via email, text or on our website.
You can opt-out of our marketing communications at any time by clicking the ‘unsubscribe’ link at the end of our marketing emails sending us an "opt-out" text message, following the instructions we provide you in our initial text.
You can change any of your communication preferences at any time, including telling us that you no longer want to hear from us, via info@bloodpressureuk.org or call 020 7882 6255
We will not use your personal information for marketing purposes if you have indicated that you do not wish to be contacted by us for such purposes. However, we will retain your details on a suppression list to help ensure that we do not continue to contact you.
Third parties
Blood Pressure UK may securely disclose/receive your personal information in the following circumstances:
We may share your postal address to a mailing house if they are posting out our magazine or event packs on our behalf. This will only be the case for our Positive Pressure Magazine and Know Your Numbers event and only because we do not have the resources to manage the mailing in-house
We may share your contact information to a data cleansing company to ensure that we are not sending any communications out to deceased or gone away individuals
We may share/receive display name/profile information following interactions with our social media platforms. These are subject to user’s privacy settings for each of their social media networks
We may receive your data from third parties who provide a service to us, some of which are data processors. This includes trusted companies and other entities that act as fundraisers for Blood Pressure UK. All this personal data will have only been shared with us if you gave them permission at the time of data collection and we need this data to action your request. These include CAF (charities aid foundation), Charitable Giving, Charities Trust, Justgiving, Virgin Money Giving, Funeral Directors, Remember a Charity
These third parties comply with data protection laws. We enter into contracts with all of our data processors and regularly monitor their activities to ensure they comply
We may share your data where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies), or in order to enforce or apply our rights (including in relation to our website or other applicable terms and conditions) or to protect Blood Pressure UK, for example in cases of suspected fraud, breach of contract or defamation
We use due-diligence when working with any third party to ensure, like us, they adhere and comply with the General Data Protection Regulation.
Rest assured, we will never share, sell or swap your details with any third parties for the purposes of their own marketing.
Where we store your personal data
All information you provide to us is stored on our secure servers and on our secure database Subscriber (Dataware). All of our laptops are encrypted to ensure that if any were stolen or lost, any information would be safe. No personal details are saved on local drives. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Once we have received your information, we will use strict procedures and security features to prevent unauthorised access such as cyber-attacks.
How long do we keep your data?
Personal data processed for any purpose shall not be kept for longer than is necessary for that purpose.
We will:
- Review the length of time we keep your personal data;
- Securely delete information that is no longer needed for this purpose; and
- update, archive or securely delete information if it goes out of date.
- We keep paper financial records for as long as required to operate the service in accordance with legal requirements and tax and accounting rules. Once your data is no longer required, we will destroy it securely.
- In terms of financial records on our CRM, this cannot be deleted as we keep records for our financial auditing purposes and to ensure we are transparent with recording the money we receive. Please note that your credit/debit card details are not saved on our CRM, only your name, contact details and what you have donated.
Contact Us About Your Data
If you would like to have your data removed from our system, or you have another enquiry about the data we hold, please contact us at info@bloodpressureuk.org.
Changes to this privacy policy
The Data Protection Officer reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. If a User objects to any of the changes to the Policy, the User must cease using this Application and can request that the Data Protection Officer remove the Personal Data. Unless stated otherwise, the then-current privacy policy applies to all Personal Data the Data Protection Officer has about Users.
Data Protection Officer: Katharine Jenner
Effective date: Aug 2020
Review date: April 2021
Approved: Professor Graham MacGregor CBE
Data Protection Officer: Katharine Jenner
Version Control: V1