Privacy Policy

At ACCORD Hospice, we are committed to protecting your personal information and privacy. We comply with all legislation regarding the collection and use of personal data. This Privacy Notice describes how we collect and use your personal information.

We may update this Privacy Notice from time to time so please check back periodically. We will notify you of significant changes by putting a notice on our website.

If you have any queries about this Privacy Notice, please contact our nominated Data Protection Officer (DPO)

Phone: 0141 581 2000 Ext 203
Email: dpo@accord.org.uk
Post: ACCORD Hospice , 7 Morton Avenue, Paisley PA2 7BW

ACCORD Hospice

In this Privacy Notice, ‘ACCORD Hospice’ means ACCORD Hospice (registered as a charity in Scotland, No SC013682) and a company limited by guarantee (SC092520) with our offices at 7 Morton Avenue, Paisley PA2 7BW. We are registered with the Information Commissioner’s Office, registration reference Z6995209.

When We Collect Personal Information

We collect personal information about you when you interact with us (e.g. in person, by phone or online) in order to:

use any of our specialist clinical, educational or other support services
be acknowledged as the next of kin of one of our patients
apply to work or volunteer with us
enquire about our activities and services
make a donation or gift
participate in an ACCORD-organised event
donate to (or buy from) one of our shops
participate in our Lottery

We may also receive information about you from third parties that we work with or support, for example independent event organisers, fundraising sites like JustGiving and Virgin Money, Starvale Management and Technologies Limited (our lottery company), our payroll and pension providers and Disclosure Scotland.

The Personal Information We Collect

Patients and Family Members

The types of information we might collect from patients and family members would include names, postal addresses, email addresses, phone numbers, dates of birth and details of next of kin as well as information of a medical and personal-sensitive nature.

This information is collected for the purposes of providing clinical and specialist palliative care to those referred to us and could be used and shared between departments within ACCORD as well as with other health and social care service providers under strict guidelines. We may also receive information from the NHS which is only shared with us under strict guidelines.

We may collect personal-sensitive information including but not limited to race, faith, gender, religion, disability and family status for statistical and reporting purposes but these will be anonymised and no individual will be identifiable.

Employees and Volunteers

The types of information we might collect from employees and volunteers include names, postal addresses, email addresses, phone numbers, dates of birth, next of kin, employment history, disabilities relevant to their employment or volunteering role, and character or employment references.

Supporters

The types of information we might collect from supporters include names, postal addresses, email addresses, phone numbers, dates of birth, next of kin, communication preferences, credit or debit card details, and whether they are a tax payer so that we can claim Gift Aid. We also hold records of specific donations and fund-raising efforts alongside the communications that we have had.

We will not store credit or debit card details after they have been processed.

We do not collect personal-sensitive data such as race or disability relating to our supporters unless there is a legitimate reason for this (e.g. participation in an event for which we may need to provide support.)

Lawful Basis and Purpose

Patients and Family Members

The lawful basis for processing patient, family and next of kin data is the legitimate purpose of providing a health and social care service. Special category data held on patients is also processed for the purposes of providing a health and social care service.

If you, a relative or a friend, are cared for or supported by ACCORD, the personal-sensitive information you provide to us will be used only for the purposes of offering access to and providing you with our specialist services including bereavement support, for training our staff or for monitoring the quality of our services. ACCORD will not disclose your personal information to any third party without your consent, except in the following circumstances:

to health and social care professionals and organisations involved in the provision of your care, and always within the appropriate regulations governing sharing of your health and social care records.
exceptionally, to professional bodies or otherwise as required by law, regulation or codes of practice

We will not use your information for other purposes without your permission. If you tell us about your own experience with terminal illness or the experience of someone else we will explain how we will use that information. If you don’t want us to use such information for other purposes or change your mind at any time, it will not affect any services we provide.

Employees and Volunteers

The lawful basis for processing employee and volunteer data is the legitimate purpose of managing the relationship between ACCORD and the employee or volunteer.

We use the information collected on our employee and volunteer application forms to identify suitability for work for or volunteering with ACCORD. If your application is unsuccessful we will dispose of your data within six months. If your application is successful we will retain a copy of your application form and your data will be stored within our employment records to allow us to manage the employment or volunteering relationship we have with you.

If you cease to be employed by ACCORD we will retain your personal data for a period of six years.

If you cease to volunteer with ACCORD we will retain your personal data for a period of one year.

Supporters

The lawful basis for processing data held on recent (donations made within the past three years) supporters is the legitimate purpose of raising charitable funds to support the delivery of specialist palliative care in Renfrewshire and parts of East Renfrewshire. If you stop making donations in any form we will only process your data with your consent.

We use the personal information collected from you for a number of purposes, including:

to provide you with services, products or information you have requested;
to process and acknowledge donations or payments we have received from you;
to fulfil sales made online or through our shops;
to record and administer your participation in events for which you have registered;
to record your gifts of money or the sale of goods you donated to our shops and, if appropriate, to reclaim tax paid on these through the Gift Aid scheme;
to keep a record and breakdown of our fund-raising income which we may analyse to help us improve income in future years;
for a period of three years following your most recent donation to send you newsletters and fund-raising information unless you choose not to receive these. If a period of three years passes without a donation we will only continue to mail you with your consent (see section on ‘Your Updates and Preferences’ below).

We may also use your details:

to invite voluntary participation in research or surveys;
to analyse and improve our work, services, activities, products or information

(including our website) or for our internal records;

for fraud prevention, credit risk reduction or otherwise as required by law or regulation;
to improve our communication with you and to contact you in the most appropriate and relevant way.

When you use our secure online donation or payment pages you will be directed to a specialist supplier company who will receive your credit card number and contact information to process the transaction. We do not retain your credit or debit card details.

We use external companies to help us with larger mailings and to process Direct Debits, these companies are UK based and are data protection compliant. If you complete a Gift Aid declaration we will share your name and address and the value of your donations with HMRC for the purposes of reclaiming tax paid.

We will never sell or share your data with any other third party unless required by law.

Your Updates and Preferences

It is important that we keep your personal information up to date. You can contact us on 0141 581 2000 or at dpo@accord.org.uk at any time if your circumstances change.

For our legitimate fund-raising purposes we will mail you newsletters and fundraising information for a period of three years following your latest donation. If a period of three years passes without a donation we will contact you to provide an option to consent to continue to hear from us. Any consent provided will be valid for a period of five years without a donation.

You can stop receiving mail at any time by contacting the Fund-Raising Team on 0141 581 2000 or at fundraising@accord.org.uk.

You can stop receiving emails by clicking on the “unsubscribe” link in our marketing emails.

You can update your contact preferences by contacting the Fundraising Team on 0141 581 2000 or at fundraising@accord.org.uk.

We will not use your details for fundraising or related purposes if you tell us not to, however, we will retain your details on our database to help ensure that we do not contact you again.

Sharing with Third Parties

We will never sell your data to any third party. We will not share your details with other charities for marketing purposes.

We will only share information with other organisations where we have your permission to do so in accordance with this Privacy Notice, where it is necessary for a legitimate reason connected with the services we offer or where it is required by law or regulation.

Sometimes, we may need to share your information with a small number of trusted partners (service providers, agents and affiliated companies) for the purposes outlined above (e.g. a supplier that produces promotional material or delivers goods for us or a supplier that processes payments securely). Where we use third parties, we require them to adhere to appropriate controls to protect personal information.

We use Microsoft Office 365, Blackbaud Raiser’s Edge, SCI Gateway and Sage which are multi-tenant cloud services, to store data. This means that internal documents and information which are generated at ACCORD are stored in cloud services which are hosted within the EEA apart from Blackbaud which is hosted in Boston, USA. We have an appropriate privacy shield from that processor.

We may, on an exceptional basis, use other tools or services which process data outside the EEA. In these cases we require suppliers to ensure adequate protection for personal data e.g. Microsoft may provide us with emergency support for Office 365 from outside the EEA in rare circumstances.

Data Security

ACCORD is committed to keeping your personal information safe and secure and we have security policies and technical measures in place to help protect your information.

Unfortunately, no data transmission over the internet can be guaranteed 100% secure. As a result, while we strive to protect your personal information, ACCORD cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk.

As a user you can help protect the integrity of any data you transmit to ACCORD by taking common precautions such as regularly allowing patching for your operating system, ensuring you are running up to date and supported anti-virus software, and only transmitting data where “https” appears at the beginning of the page URL (this refers to the security technology Secure Sockets Layer (SSL) and indicates that the data is being transmitted securely).

Your Rights

You have the following rights with regard to the data we store about you:

The right to be informed
The right of access
The right to rectification
The right to erase
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling (we do not use automated decision making or profiling).

If you wish to exercise any of these rights please contact our Data Protection Officer on 0141 581 2000 Ext 203 or dpo@accord.org.uk for more information. You can contact us in any way you deem appropriate but our preferred approach is via email (dpo@accord.org.uk) as this allows us to ensure that all such requests (we call them “Data Subject Action Requests”) can be dealt with promptly, efficiently and within the statutory timescales which we are given. We require proof of your identity in order for us to deal with your request, so please make sure this is provided to us. We will respond to any requests as quickly as we can, but definitely within 28 days. However, we reserve the right to refuse (or charge for) requests which we deem to be unfounded or excessive. If we do so, we will notify you of our reasons for doing so (again within 28 days). You have a right to complain to the supervisory authority and to seek a judicial remedy if you are unhappy with our response to your request so if after speaking to us you are unhappy with our use of your personal data, you have the right to complain to the Information Commissioner’s Office.

Cookies

We use these to improve the user’s experience of our website, temporarily store data and understand the parts of the website that users are visiting. Cookies help us gather statistics on the use of our website anonymously. You can set your browser to not accept cookies, but this may affect the functionality of the website. More about cookies can be found by visiting the Google Analytics website.

Online Links and Third Parties

This notice only applies to ACCORD, so when you link through to our partner companies (e.g. to donate, register for an event) please read their own privacy notices.

Contact Us

If you have any questions or concerns relating to our collection, storage, processing or use of personal information, please contact our Data Protection Officer at 0141 581 2000 Ext 203 or at dpo@accord.org.uk

Updated – August 2021

Download Privacy Policy