To enable us to undertake our charitable objectives we collect and use personal information about individuals. We recognise the trust placed in us by individuals whose information we use.
It is important to us that we are open and honest about the way we use information and we are committed to ensuring that we do so in a manner that is both lawful and respects your privacy.
This notice applies to the general public, our children and families, supporters, employees, volunteers, contractors and customers.
This privacy notice sets out the details about how we collect, use and look after information (known as processing) and what you can expect from us.
The information we collect and the reason for collecting it is different for different groups of individuals.
We feel it is important that you are aware of your rights as an individual.
If you have any concerns or questions about your rights as an individual please contact us. You are entitled to an independent review of our actions should you have a concern or feel we have not respected your rights.
If you feel this is the case you can register your concern with the UK Information Commissioner's Office. Details on how to do so can be found here on their website (https://ico.org.uk/concerns) or by calling 0303 123 1113.
Your personal contact details are used in order for us to manage our relationship with you. To make it easier for you to contact the correct person in CHAS, we have included contact information within the Children and Families, Supporters, Volunteers staff sections in this document. General enquiries can be directed to:
Depending on your relationship with us, the services you use and the way in which you support us, the information we hold about you may include the following:
We ensure that there are appropriate technical controls in place to protect your personal details; for example our online forms are always encrypted and our network is protected and monitored.
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff and volunteers and contractors.
We use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements.
We may need to disclose your details if required to the police, regulatory bodies or legal advisors.
We will only ever share your data in other circumstances if we have your explicit and informed consent.
We realise it is important for you to know and understand how long we will keep and use your data. We are required by certain laws and regulations to maintain records for certain periods. Once your information is no longer required it is disposed of securely. We have included retention schedules within the Children and Families, Supporters, Volunteers and staff sections of this document.
Links to additional information
If you work at, or make a visit to any of our sites, for example to work, to train, to visit any of our children or their families in the hospices, make a donation, volunteer etc, we will usually collect some information about you. You will always be asked to sign in at Reception on all sites - whether it is via an iPad or on paper:
We maintain a register of staff, visitors and contractors who enter our buildings. For this register we will keep the details you provide such as name, company details, and vehicle details and registration.
This information is required for health and safety and security purposes, and will be for held for one month and then deleted.
We will collect and retain your vehicle details if you register them when signing in. We use the data you provide to ensure effective car park management.
This information is held for one month and then deleted.
To support NHS Scotland's efforts in tackling COVID-19, in addition to the information we already collect form you when you visit us, we are now requesting you provide a contact telephone number or postal/email address.
In order to assist in the containment of the virus, we will only share your data when it is requested directly by NHS Scotland and statutory partners. This will only be in the unlikely event there is a cluster of coronavirus cases linked to the premises.
The purpose for which we are processing your personal data is to assist with NHS Scotland's efforts in tackling the coronavirus public health epidemic. This will involve the gathering and, when necessary, the sharing of information with NHS Scotland and statutory partners. Your data will not be used for any other purpose.
These are as detailed in the general policy.
For futher information or if you have any concerns regarding your information and its use, please contact one of the Charge Nurses on:
Rachel House: 01577 865777
Robin House: 01389 722055
CHAS complies with our own internal retention schedules and the retention schedules set out in the NHS Records Management Guidance.
If you support us, for example make a donation, volunteer, register to fundraise, sign up for an event or buy something from our shop, we will usually collect:
Where it is appropriate we may ask for:
We will mainly use your data to:
Whatever it is about CHAS you are interested in, we really want to be as tailored as we can in our communications to you. We also want to speak to you in the way you'd prefer - be it by email, on the phone or in writing. To help us do this, we will sometimes analyse things like what you are interested in and where you live to help us engage with you in a meaningful way. This is important because it cuts down on broad ranging communications and helps us ask for donations or give information based on what we know they would like to hear about.
With your consent, we will contact you to let you know about the progress we are making and to ask for financial and non-financial support. We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms have clear marketing preference questions and we include information on how to request no contact (Opt-Out) from us. If you don't want to hear from us, that's absolutely fine, please just get in touch to let us know and we will make sure your wishes are followed. When you give us your information, or you get in touch with us we will assign a CHAS number and you can email it to firstname.lastname@example.org
We do not sell or share personal details to third parties for the purposes of marketing. But, if you attend an event run in partnership with another named organisation your details may need to be shared. We will be very clear what will happen to your data when you register.
As a fundraising organisation, we carry out targeted fundraising activity to ensure that we are contacting you with the most appropriate communication, which is relevant and timely and will ultimately provide an improved experience for you.
In doing so, we carry out limited in-house profiling and research to help us better understand and communicate with our donors and potential donors. To support this activity, we may use automated or manual processes such as wealth screening to analyse and segment our data using our trusted third party partners. Such information is compiled using publicly available data, e.g. directories, companies house, charity registers, and social media platforms such as LinkedIn. You will always have the right to opt out of this processing.
We may also carry out research using publically available information to identify individuals who may have an affinity to our cause but with whom we are not already in touch.
We also use publicly available sources to carry out due diligence on donors in line with the charity's Gift Acceptance Policy and to meet money laundering regulations.
We collect information in the following ways:
You may give us your information in order to sign up for one of our events, tell us your story, make a donation, purchase our product or communicate with us. Sometimes when you support us, your information is collected by an organisation working for us (e.g. professional fundraising agencies), but we are responsible for your data at all times.
Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us permission to access information from those accounts or services.
You may also provide permission for 3rd party organisations to share your data with other third parties, including charities. You may do this when you buy a product or service, register with a website that runs competitions or register with a comparison site.
The information we get from those services depends on your settings or the responses you give, so you should regularly check them.
Like most websites, we use "cookies" to help us make our site - and the way you use it - better. Cookies mean that a website will remember you. They're small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier - for example by automatically filling your name and address in text fields.
In addition, the type of device you're using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you're using, what your device settings are, and why a crash has happened. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
The website uses a cookie for Google Analytics. It does not capture or store personal information, but merely logs the user's IP address which is automatically recognised by the web server. This is used to record the number of visitors to our site and volumes of usage.
For more information about Google Analytics visit the Google Analytics website.
You can opt out of Hotjar collecting your information at any time by following these instructions.
If you do not wish to accept cookies on to your machine you can disable them by adjusting the settings on your browser. However this will affect the functionality of the CHAS website.
We also work with 3rd parties who support our work and raise money.
For this reason there are 3rd party cookies on our website. If you accept these we will show you adverts on other websites that are relevant for you.
Where possible we use publicly available sources to keep your records up to date. We really appreciate it if you let us know if your contact details change.
You have a right to ask us to stop processing your personal data, and if it's not necessary for the purpose you provided it to us for (e.g. processing your donation or registering you for an event) we will do so.
You have a right to ask for a copy of the information we hold about you. If you spot any mistakes, please let us know and we will correct them.
If you have any questions, comments or suggestions, please let us know by contacting the Support Services Team, 2nd Floor, Buchanan Tower, Cumbernauld Road, Stepps, Glasgow, G33 6HZ or email email@example.com.
If you want to access your information, send a description of the information you want to see and proof of your identity by post to CHAS, 2nd Floor, Buchanan Tower, Cumbernauld Road, Stepps, Glasgow, G33 6HZ. We do not accept these requests by email.
If you have any questions please send these to firstname.lastname@example.org.
If you volunteer with us, we will hold the information you submit on your application form on our secure database. This information is treated confidentially and kept securely, with access limited to authorised personnel only.
We will only use your data for the purposes of volunteer management in CHAS and you will only be contacted about your volunteering activity. You will not be contacted about fundraising unless you are also registered with CHAS as a supporter.
When you leave your volunteering, or if you apply and do not go on to become a volunteer, we will delete your record on our database in line with our record retention guidelines.
If you have any questions please send these to:email@example.com.
From the moment you register your interest to work with us, CHAS will ensure that we gather and secure only relevant information from you as part of our recruitment process. Please visit our recruitment section on the website for further information.
CHAS ensures all personal information of our Employees and Bank Workers is kept securely and is up to date, Please refer to current HR Policies available on the Intranet for further information on the data we hold for our employees.
Updated May 2021