This privacy statement provides information about the personal information that the International Gaucher Alliance collects, and the ways in which the IGA uses that personal information. This privacy statement aims to cover all of our activities.
Last updated on 9 December 2020
The IGA may change this policy at any time in line with legislative changes or changes to the policy of the organisation. Please check our website from time to time to ensure you are aware of any changes.
The IGA adheres to the Principles of the General Data Protection Regulation (GDPR).
In this policy document:
The IGA collects data for the following reasons:
We aim to contact you only with information that you have asked for, either by consenting to be part of our mailing lists, or by signing up for a specific project. In the latter case we will only contact you within the life of that project without your specific consent to do otherwise. You can opt out of receiving information at any time.
We will only collect data from you that is needed to deliver our work and aim to keep that data for a limited period. We will never sell your data to a third-party organisation, and never share your information for marketing purposes. We will only pass it on to a third-party organisation where it is necessary to deliver our work (for example providing an event venue with a list of attendees). We will make it clear when we need to do this, for example, we sometimes use third party platforms such as MailChimp to help us deliver our services.
The IGA will take all reasonable care to protect your personal information through secure working practices and processes. In line with the GDRP we will provide you with a summary of information we hold about you upon request and will remove your information from our records upon request if we are not legally required to hold it.
We collect several different types of information. In general we collect and store information about our members and those who engage with one of the IGA's projects. We collect this data in order to keep our members updated and to deliver projects. We work to secure explicit consent to contact you about any unrelated events, and to share your information with any additional party.
1. Your browsing
We collect basic information about the users of our website. Whenever you access our website or download information, the web server automatically records the following information: the date and time you accessed our website, how long you were on the site, your internet domain name and the internet browser you use.
Some information may be collected when you use our website, including information such as your IP address. We also automatically receive and record information on our server logs in order to use services like Google Analytics. This information is used to help us improve our website, to increase traffic to our site, and raise the profile of the charity.
2. Your contact with us
3. IGA mailing lists
Only individuals who specifically opt in to receive a mailing list, either through our sign up forms or event and membership registration, will receive messages and have their details stored. You may choose to stop receiving either mailing list at any time through a link provided at the end of all mailing list emails, as part of any event registration process, or by contacting us at firstname.lastname@example.org.
4. Your attendance at IGA events
We collect information about delegates at IGA events. This information is collected directly by us and may include your name, contact details (email, phone number and address), employer and job role.
The IGA holds a digital copy of these details on our own server allowing us to monitor the impact of our work.
The IGA directly access delegate details only to administer the event, and to deliver information about the event that you are attending unless you provide explicit permission for your data to be used in other ways. The IGA sends emails to update registered attendees about the event . Contact details are not transferred to MailChimp for the creation of a new mailing list. Your details will only be added to MailChimp if you explicitly opt in for our mailing lists when you register for an event.
We produce delegate lists for some of our events, which are available to any individual attending the event (and by extension the organisations they represent). We will secure your direct consent before adding your details to these delegate lists.
After the event we will keep your data for a year to allow us to effectively measure the impact of our work and to accurately report to our sponsors (although no personal data is shared with them).
After this only data that is useful for assessing event attendance will be retained – this does not include contact details.
10. Expense claims
In the event that the IGA reimburses expenses for an individual attending or assisting with an event or project, we will collect personal data in order to process such payments. We will securely store this information in order to meet the needs of our accounting processes.
11. Social media
The IGA is active on Facebook, LinkedIn, Twitter and Instagram. The IGA does not collect data from these social media sources, though we will endeavour to answer messages directed to us through these sources. All messages sent to the IGA in this regard are governed by the privacy policies of the chosen platform.
12. Our staff and volunteers
We hold personal information about our staff, trustees, advisory board members and volunteers. We also hold information on recent job and volunteer applicants.
We keep your information for a period of five years. Your data will be retained securely.
You may ask us to destroy any personal information that we hold on you so that you receive no further information or contact from us. In this circumstance, if you are a member or are currently registered for an event or assigned to a project we will contact you to confirm your wish to continue involvement, and if so remove your data subsequent to completion of the project/event.
You may ask to have a copy of the information we hold about you and/or your organisation and to amend, update, add to or delete it at any time. Should you wish to restrict the use of your personal information, please contact us by email at email@example.com or in writing at the address supplied on the IGA's website or download our Subject Access Request form.
Our members of staff have access to your personal information. If you provide information through involvement with a specific event or project, that information will also be shared with any organisations that are listed as a project collaborator or co-organiser. (Our sponsors are NOT considered collaborators and would not receive data through these means.) Finally, some information may be shared with event venues to ensure that your needs are met on the day.
As detailed above, we may use third parties to provide services on our behalf, including MailChimp and Zoom. Those parties only collect and hold the information they need to deliver the service, though data is held in accordance with their own privacy policies.
If you have taken part in a research project, we will not tell anyone you have taken part and we will not share your information with any third party without your consent. Any collaborators with access to your information will be explicitly named when you give your consent.
We may disclose personal information if required to do so by law. Except as indicated above we will not use or transfer this data to any third parties without your explicit consent permission.
We publish information leaflets, reports and newsletters for our members and stakeholders and those that interact with the IGA. From time to time these will contain personal information about our patient groups, patients, or collaborators. We never publish any information or an explicitly identified image without clear consent from those concerned. We might use quotes, e.g. from events but will always ask your permission if anything in the quotation is identifiable.
You have the right to access information stored about you by the IGA. You can write to us at the address below or email us at firstname.lastname@example.org.
We will then provide you with the following information:
You can change your preferences at any time:
We have implemented technology and policies to protect your privacy from unauthorised access and improper use and will review these measures on a regular basis. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we shall endeavour to prevent this.
If you have any questions or concerns about how we protect your personal information, please contact us.
POST: International Gaucher Alliance, 8 Silver Street, Dursley, Gloucestershire GL11 4ND, UK
TELEPHONE: +44 (0)1453 549231
The IGA is a Joint Data Controller pursuant to the GDPR and all empoyees of the IGA with are responsible for ensuring that good personal data handling practices are developed, reviewed and encouraged within the IGA as per their individual job descriptions.
Angel Jones is the named Data Controller for the IGA and reports to the IGA's CEO and Trustees and is responsible for ensuring that the IGA is GDPR compliant. The Data Controller shall at all times be the first point of contact where guidance is required in relation to any aspect of data protection compliance, as well as other procedures such as Subject Access Requests, compaints or objections to information being processed.