NIRDP Privacy Notice

Introduction

This notice is to help you understand how and why NIRDP collects personal information about you and what we do with that information. It also explains the decisions that you can make about your own information.

 

What is personal information?

Personal information that identifies you as an individual and relates to you. This includes contact details. If you want us to help you with issues arising from a rare condition, we will ask for your consent before holding that information.

 

How and why do we use personal information?

NIRDP work with and on behalf of people impacted by rare disease. We connect, advocate, educate and innovate. Most of the information we hold is directly provided by you. Any other information will have been given to us by a referring organisation.

We use personal information to a) share information about our work b) provide an appropriate service to people using our ‘Stronger Together’ project.

We may send you information to keep you up to date with what we are doing, or invite you to events.

We may take photographs at events to use on social media and the website.

We may use information about you if we need this for statistical or evaluation purposes.

We will only pass on your personal information with your agreement to another support organisation.

Occasionally, we may use consultants, experts or other advisors to assist the charity in fulfilling its obligations and to help run the organisation properly. We might need to share your information with them if this is relevant to their work.

 

Our legal grounds for using your information

Legitimate interests: This means that processing is legitimate interest except where the processing is unfair to you. NIRDP relies on legitimate interests for most of the ways in which it uses your information. Specifically, we have a legitimate interest in providing support services to you, promoting your welfare, promoting the objects and interests of the charity, facilitating the efficient operation of the charity, ensuring that all relevant legal obligations of the charity are complied with.

Health information: we will ask your consent to hold information about your health. You can withdraw this consent at any time by contacting us.

 

How long will we keep your information?

In order to evaluate the work we do, we will hold your information for 3 years after the end of any project.

If you have asked us to include you on a mailing list, we will retain that information until you tell us you want to stop hearing from us.

 

Data security

Like other organisations we need to keep your information safe, up to date, only use it for what we said we would, destroy it when we no longer need it and most importantly, treat the information we get fairly. We have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a need to know. They will only process personal information on our instructions and they are subject to a duty of confidentiality. We have put in place arrangements to deal witj any suspected data security breach and will notify you and the Information Commissioner’s Office of a suspected breach where we are legally obliged to do so.

 

Your rights

You have the right to request access to information about you that we hold.

Please contact us if you would us to update the information we hold about you, or if you want to withdraw from mailing lists.

If you consider that we have not acted properly when using your personal information, or if you require more information about your data protection rights you can contact the Information Commissioner’s Office, ni@ico.org.uk

If you have any questions about this privacy notice, please contact or Chair, Fiona McLaughlin,  info@nirdp.org.uk

24 May 2018