Text Resize

-A +A

General Data Protection Regulation

General Data Protection Regulation

On the 25th of May 2018 the new EU General Data Protection Regulation (GDPR) replaced the existing Data Protection Directive.  The GDPR was designed to protect and empower all EU citizens data privacy.  This new regulation affects the way that all charities and retail businesses hold data on supporters and customers.

As a charity we are reliant on the support of people like you. Without your support the work that we carry out would not be possible.    

It is vitally important to us that you feel comfortable with the way in which we communicate with you. We store your name and address on our secure database so that we are able to send you our newsletter annually, keeping you updated with our projects and the developments that your generous donations have funded. As a small charity we do not share data that we hold on our supporters with any agencies.

Occasionally independent event organisers, for example the London Marathon or fundraising sites such as Just Giving, will share personal information on individuals with us.  These independent third parties only share information with us from individuals who have indicated that they wish to support UCL Hospitals Charitable Foundation and who have provided consent allowing their information to be shared.  Information about third party organisers privacy policies should be clear and accessible at the point where you provide your information.

As one of the requisites of the new GDPR, we audited existing data that we hold on individual supporters to ensure that it is relevant and necessary to our relationship with you.  We have an obligation to you to keep the data that we hold (name, address, and in some cases telephone number and email address) up to date and secure.  It is your right to request access to this information, and if you feel that the information that we hold is not relevant, you can ask us to change the personal details that we store.  We will action any requests for disclosure of information, or changes to it, within one month of your request.  It is extremely helpful to us if you let know if any of your contact details change.

The information that we hold on individuals is held in a secure database that has technical controls in place to protect data. Your information is only accessible by appropriately trained staff and contractors.

We hope that you will continue to support us and that you are happy for us to carry on contacting you in the way that we currently do. However, if for any reason you do not want us to continue storing your information, please contact Shirley Featherstone at shirley.featherstone@nhs.net. Once we receive your request we will mark your contact details on our database as 'no further contact' and you will not hear from us again unless you approach us in the future asking to be put back on the mailing list.

If we do not hear from you we will assume that you are happy for us to continue to store your personal information and to remain on our database. You will continue to receive our newsletters and invitations to events where appropriate.

If you have any further questions about GDPR please do not hesitate to contact us.