Site Logo

Last updated on 9 December 2020


The IGA may change this policy at any time in line with legislative changes or changes to the policy of the organisation. Please check our website from time to time to ensure you are aware of any changes.


The IGA adheres to the Principles of the General Data Protection Regulation (GDPR).


In this policy document:

  • "we" or "IGA" means International Gaucher Alliance;
  • "you" means any person(s) about whom we collect non-personal and/or personal information.


Our Privacy Principals

The IGA collects data for the following reasons:


  1. To allow us to engage with our members, stakeholders and the wider Gaucher community with information and updates regarding services from the IGA.
  2. For administrative purposes, allowing interaction with the IGA's team.
  3. To understand the impact of Gaucher disease on patients and the effect of our projects on patient groups.  This allows us to improve our services and subsequently the lives of Gaucher patients.
  4. To share information and updates regarding research, clinical trials, treatment and care options relevant to Gaucher disease
  5. To raise awareness of Gaucher disease, our events and activities.


We aim to contact you only with information that you have asked for, either by consenting to be part of our mailing lists, or by signing up for a specific project. In the latter case we will only contact you within the life of that project without your specific consent to do otherwise.  You can opt out of receiving information at any time.


We will only collect data from you that is needed to deliver our work and aim to keep that data for a limited period. We will never sell your data to a third-party organisation, and never share your information for marketing purposes. We will only pass it on to a third-party organisation where it is necessary to deliver our work (for example providing an event venue with a list of attendees). We will make it clear when we need to do this, for example, we sometimes use third party platforms such as MailChimp to help us deliver our services.


The IGA will take all reasonable care to protect your personal information through secure working practices and processes. In line with the GDRP we will provide you with a summary of information we hold about you upon request and will remove your information from our records upon request if we are not legally required to hold it.


The following information provides a detailed breakdown of all the data we collect, how we hold it and use it, and reason behind it. If you would like to learn more about our privacy policy or our work, please contact us using at any time.



What information do we collect?

We collect several different types of information. In general we collect and store information about our members and those who engage with one of the IGA's projects. We collect this data in order to keep our members updated and to deliver projects.  We work to secure explicit consent to contact you about any unrelated events, and to share your information with any additional party.

1. Your browsing

We collect basic information about the users of our website. Whenever you access our website or download information, the web server automatically records the following information: the date and time you accessed our website, how long you were on the site, your internet domain name and the internet browser you use.


Some information may be collected when you use our website, including information such as your IP address. We also automatically receive and record information on our server logs in order to use services like Google Analytics. This information is used to help us improve our website, to increase traffic to our site, and raise the profile of the charity.


To make use of Google Analytics, our website uses cookies. A cookie is a series of characters that is generated by our website and stored on your computer. The cookie does not collect or contain personal information about you but allows you to keep logged in and records your use of our website.  The cookie does not track your movements on other websites. To view their privacy policy click here.  You can adjust the settings on your computer to decline any cookies if you wish. This can be done by activating the 'reject cookies' setting on your computer.

2. Your contact with us

If you contact us by telephone, e-mail, or by letter, we retain a record of your contact to help us respond to enquiries. We only collect this information if you provide it to us and we do not hold your information for longer than is necessary.  The IGA's email accounts are provided by Microsoft , where all email messages and addresses are stored. You can view Microsoft's privacy policy here. All emails and associated details may be retained in Microsoft 365 for a period of up to 3 years before being deleted.

3. IGA mailing lists

The IGA uses two mailing lists: a general mailing lists which is open for anyone to join, and a membership mailing list - both require your consent for us to contact you and hold your data.  IGA's mailing lists are administered through MailChimp, who store the name and email address of all individuals on the mailing list and track information on engagement with the messages sent. MailChimp’s privacy policy can be viewed here. The IGA holds a digital copy of all records of consent on its server.


Only individuals who specifically opt in to receive a mailing list, either through our sign up forms or event and membership registration, will receive messages and have their details stored.  You may choose to stop receiving either mailing list at any time through a link provided at the end of all mailing list emails, as part of any event registration process, or by contacting us at


4. Your attendance at IGA events

We collect information about delegates at IGA events. This information is collected directly by us and may include your name, contact details (email, phone number and address), employer and job role.


The IGA holds a digital copy of these details on our own server allowing us to monitor the impact of our work.


The IGA directly access delegate details only to administer the event, and to deliver information about the event that you are attending unless you provide explicit permission for your data to be used in other ways. The IGA sends emails to update registered attendees about the event . Contact details are not transferred to MailChimp for the creation of a new mailing list. Your details will only be added to MailChimp if you explicitly opt in for our mailing lists when you register for an event.


We produce delegate lists for some of our events, which are available to any individual attending the event (and by extension the organisations they represent). We will secure your direct consent before adding your details to these delegate lists.


After the event we will keep your data for a year to allow us to effectively measure the impact of our work and to accurately report to our sponsors (although no personal data is shared with them).


After this only data that is useful for assessing event attendance will be retained – this does not include contact details.


6. Webinars

We collect basic information about people who sign up to the IGA's webinars through Zoom including name, affiliation, and email address. Zoom's privacy policy can be viewed here. This information is collected only for the purposes of contacting attendees about the webinar and to collect feedback, unless explicit permission is given for other uses. The IGA holds a digital copy of this information on our own server, allowing us to monitor the impact of our work. Attendees details are retained for a year after the project end.


10. Expense claims

In the event that the IGA reimburses expenses for an individual attending or assisting with an event or project, we will collect personal data in order to process such payments. We will securely store this information in order to meet the needs of our accounting processes.


11. Social media

The IGA is active on Facebook, LinkedIn, Twitter and Instagram. The IGA does not collect data from these social media sources, though we will endeavour to answer messages directed to us through these sources. All messages sent to the IGA in this regard are governed by the privacy policies of the chosen platform.


12. Our staff and volunteers

We hold personal information about our staff, trustees, advisory board members and volunteers. We also hold information on recent job and volunteer applicants.


How long do we keep your information?

We keep your information for a period of five years. Your data will be retained securely. 


Your rights

You may ask us to destroy any personal information that we hold on you so that you receive no further information or contact from us. In this circumstance, if you are a member or are currently registered for an event or assigned to a project we will contact you to confirm your wish to continue involvement, and if so remove your data subsequent to completion of the project/event.


You may ask to have a copy of the information we hold about you and/or your organisation and to amend, update, add to or delete it at any time. Should you wish to restrict the use of your personal information, please contact us by email at or in writing at the address supplied on the IGA's website or download our Subject Access Request form.


Who has access to your information?

Our members of staff have access to your personal information. If you provide information through involvement with a specific event or project, that information will also be shared with any organisations that are listed as a project collaborator or co-organiser. (Our sponsors are NOT considered collaborators and would not receive data through these means.)  Finally, some information may be shared with event venues to ensure that your needs are met on the day.


As detailed above, we may use third parties to provide services on our behalf, including MailChimp and Zoom.  Those parties only collect and hold the information they need to deliver the service, though data is held in accordance with their own privacy policies.


If you have taken part in a research project, we will not tell anyone you have taken part and we will not share your information with any third party without your consent. Any collaborators with access to your information will be explicitly named when you give your consent.


We may disclose personal information if required to do so by law.  Except as indicated above we will not use or transfer this data to any third parties without your explicit consent permission.



We publish information leaflets, reports and newsletters for our members and stakeholders and those that interact with the IGA. From time to time these will contain personal information about our patient groups, patients, or collaborators. We never publish any information or an explicitly identified image without clear consent from those concerned. We might use quotes, e.g. from events but will always ask your permission if anything in the quotation is identifiable.


Access to the information we hold about you?

You have the right to access information stored about you by the IGA. You can write to us at the address below or email us at


We will then provide you with the following information:

  • What personal data is stored
  • The purposes for which your data is being processed
  • Who has access to your data


Can you change your preferences?

You can change your preferences at any time:

  • To unsubscribe completely, download the Data Subject Withdrawal of Consent form and email it to us
  • To change your preferences, complete our Data Subject Consent form and email it to us


What security measures do we have?

We have implemented technology and policies to protect your privacy from unauthorised access and improper use and will review these measures on a regular basis. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we shall endeavour to prevent this.


Links to other websites

Our website ( may contain links to selected websites which we feel may be of interest. Please note that once you use one of these links to leave our website, we do not have any control over that other website. Please exercise caution and refer to their privacy policy and/or terms & conditions of use as we cannot be held responsible for the protection or privacy of any information you provide to a third party.


Any questions about privacy?

If you have any questions or concerns about how we protect your personal information, please contact us.


POST: International Gaucher Alliance, 8 Silver Street, Dursley, Gloucestershire GL11 4ND, UK

TELEPHONE: +44 (0)1453 549231 


General GDPR information


The IGA is a Joint Data Controller pursuant to the GDPR and all empoyees of the IGA with are responsible for ensuring that good personal data handling practices are developed, reviewed and encouraged within the IGA as per their individual job descriptions.


Angel Jones is the named Data Controller for the IGA and reports to the IGA's CEO and Trustees and is responsible for ensuring that the IGA is GDPR compliant.  The Data Controller shall at all times be the first point of contact where guidance is required in relation to any aspect of data protection compliance, as well as other procedures such as Subject Access Requests, compaints or objections to information being processed.


Download Fair Processing Notice

Download Right to Withdraw Consent procedure

Download Subject Access Request procedure