There are no products in your shopping cart.
At Jo’s Cervical Cancer Trust we are committed to protecting any personal information that we collect about you and being transparent about what we do with it. This policy covers all the methods we use to collect information and covers what we collect, why we collect it and your rights regarding the information we hold for you.
We have written this policy in accordance with the Data Protection Act 1998, the General Data Protection Regulation and any subsequent policies. If you have any queries about it then please contact the Data team at Jo’s Cervical Cancer Trust, CAN Mezzanine, 7 - 14 Great Dover Street, London, SE1 4YR, email [email protected] or call us on 020 3096 8100. By using our website, forum, social media or providing your personal data to us you are consenting to our collection and use of the information as set out below.
We will only collect the information that we need, this may include information to help us operate and improve our services and information.
We collect personal information which may include your name, date of birth, e-mail address, postal address, telephone number, fax number and credit/debit card details. We may also collect information relating to your health and your interests or hobbies. Non-personal information includes your IP address which helps us to understand how our website is performing, which pages are popular and how we can improve what we offer.
We may ask for sensitive information, including data related to your ethnicity, health, sex, gender and how you identify. This is to ensure we can provide the support and information you request and to ensure our work is reaching the people it needs to reach.
Our website contains links to other websites that we think may be of interest to our website users. We cannot be held responsible for the privacy policies for these websites.
The type and quantity of information that we ask for and how we use it depends on why you are providing it. We will use your personal information to:
If you become a media volunteer and share your story with us, we will never share identifiable details without your permission, but sometimes may use some of your story to secure opportunities.
We will only collect and use your personal information where we have a legal basis to do so and will always respect your rights.
Where we use your information, it may be because you have consented to us doing so or because we consider we have a legitimate interest to do so. Where we do rely on a legitimate interest to use your information, we promise never to do it in an intrusive way or to cause distress, and to always respect your rights. Other reasons may include using information because we have a legal obligation to do so or because we have to fulfil contractual obligations.
We will not sell your details, however may occasionally share your information with carefully chosen third parties who our working on our behalf, including mailing houses who distribute our information materials.
If you set up a direct debit or use your credit or debit card to donate to us or to order from our shop, we pass your details securely to our processing partners to enable payments to be made. We do this in accordance with industry standards and do not store your card or bank details on our website. Our partners will only act under our instruction and are subject to pre-contract scrutiny and contractual obligations containing strict data protection clauses.
We may also need to share your information if required to do so by law.
In order for us to run our services, including our Forum, Helpline, 1:1, email, Ask The Expert and Call back service , we collect personal and sensitive data. This is also the case when you sign up to our support events, either online or face to face. This information is managed separately to other data provided to the charity, stored confidentially and only accessed by trained staff. We collect this information to enable us to monitor these services, improve them, contact you about forthcoming internal events that may be of interest to you and provide additional support to those who request it.
Our Ask the Expert service is strictly confidential and identifiable details of service users are not passed to our medical panel volunteers. The details of service users and their queries are kept separately on our secure database with only members of the services team and main database administrator having access. Details of our Callback service users and 1:1 service users are also kept on our database in order to provide increased support at the request of our service users. As with all of our services, these details are kept strictly confidential.
We collect information from you when you register our Forum, such as your name and email address. This is because an account is required to post, however you may visit the Forum and read posts without signing up. Your email address will be verified by an email containing a unique link. If that link is visited, we know that you control the email address.
Email notifications about new posts or replies can be managed or turned off within the preferences section of your Forum account.
When registered and posting, we record the IP address that the post originated from. This is partly to keep the Forum safe and reduce spam posts. We also may retain server logs which include the IP address of every request to our server.
We will make a good faith effort to:
Our Forum is moderated, however the information you provide is publically available so please avoid sharing identifiable information. You can read more about this in our Forum guidelines. We ask you to provide your email address when you register and may contact you about administrative issues and changes to the forum.
If you apply to work or volunteer at Jo’s Cervical Cancer Trust, we will only use the information you give us to process your application and to monitor recruitment statistics. If we want to disclose information to someone outside the charity – for example, if we need a reference, or need to get a 'disclosure' from the Criminal Records Bureau – we will make sure we tell you beforehand, unless we are required to disclose this information by law.
If you are unsuccessful in your job application, we will hold your personal information for six months after we've finished recruiting the post you applied for. After this date we will destroy or delete your information.
When you start working for us, we will put together a file about your employment. We keep the information in this file secure, and will only use it for matters that apply directly to your employment.
Once you stop working for us, we will keep this file according to our document retention policy.
We are committed to ensuring all personal data we collect is stored securely and have security measures in place to protect the data we collect and store. This includes using secure server software (SSL) to encrypt all financial details collected and ensuring only appropriately trained, authorised staff can access personal or sensitive data. We take every measure to ensure the information you give us is kept secure, accurate and up to date and that you are not contacted for any other reason than specified. We will only keep your information for as long as we need it and will always dispose of it securely when we do.
Some of our suppliers run their operations outside the European Economic Area (EEA). Although they may not be subject to the same data protection laws as companies based in the UK, we take steps to make sure they provide an adequate level of protection in accordance with UK data protection law. By submitting your personal information to us you agree to this transfer, storing or processing at a location outside the EEA.
While we will do our best to ensure your data is kept secure, we cannot accept any responsibility for any loss, disruption or damage to your data or your computer system while you are using our website.
Post-Brexit, the UK will be a third country for GDPR purposes. This means any organisation based in the EEA that is transferring data to the UK will need to ensure the data is adequately protected to GDPR standards. Organisations in the UK processing the personal data of EU citizens will need to comply with both the UK data protection law (which includes the version of the GDPR implemented on 25 May 2018; “UK GDPR”) and the EU GDPR.
Jo’s Cervical Cancer Trust has considered the territorial scope of the GDPR and considers that the EU GDPR will not apply to it post-Brexit. This is because the charity is not offering goods or services to, or monitoring the behaviour of, EU data subjects. We will not appoint an EU representative because only a small percentage of our income comes from supporters living in the EU and the charity does not actively cultivate European donors or supporters.
We rely on a number of third party agencies to process income on our behalf such as Just Giving and Facebook. These third parties may make restricted transfers of data to us if any of their operations are based in the EU, and in such instances it is the third party’s responsibility to ensure that the personal data is protected.
Upon receipt of the data, we will ensure that any EU data subjects’ personal data is protected under both the UK and EU GDPR and treat personal data with care and due diligence. Occasionally, we will need to upload data of UK data subjects to a third party’s site, and any transfer of data will be done securely.
You have rights over your data and how we use it, this includes:
If personal details change, please do let us know.
We may change this privacy notice from time to time. If we make any significant changes to this notice and the way we hold personal data, we will make this clear on the Jo’s Cervical Cancer Trust website or by contacting you directly.
If you have any questions about this policy or how we use your data, please contact the Corporate Services team on 020 3096 8100 or by email [email protected]. For further information please see the Information Commissioner’s Guidance at https://ico.org.uk/