Privacy and Cookies Policy

Below are the Privacy Policy and online Cookie Policy of the Barts Guild. If you prefer, they can be viewed as PDF documents at the links directly below:

Barts Guild – Cookie Policy

Barts Guild – Privacy Policy

 


COOKIE POLICY

Last Reviewed 1/5/18

This Cookie Notice explains how the Guild uses cookies and other tracking technologies through our website www.bartsguild.org.uk.This Cookie Notice is to be read alongside the Guild’s Privacy Notice which explains how the Guild uses personal data. If you do not accept our use of cookies please disable them following our guidance below.

 

What are web cookies?

Web cookies are small files that are placed on your computer or mobile device by a website when you visit it. They contain details of your browsing history on that website and distinguish you from other users. Cookies send data back to the originating website on each subsequent visit or allow another website to recognise the cookie. Cookies are useful because they allow a website to recognise a user’s device and, for instance, remember your preferences and generally improve your online user experience. Like most websites, the Guild uses cookies.

Although this Notice refers to the general term “cookie”, which is the main method used by this website to store information, the browser’s local storage space is also used for the same purpose and cookies and we may use other tracking technologies through this website such as web beacons. As a result, the information included in this Cookie Notice is likewise applicable to all cookies and tracking technologies that we use.

You can find out more about cookies at www.allaboutcookies.org.

 

Why do we use cookies?

  1. To let you do things on our website – for example, cookies enable you to log in to secure areas of our website, use the online shopping cart or make use of e-billing services.
  2. To collect anonymous statistics – the information collected by cookies enables us to improve the website through usage figures and patterns. For example, it is really useful to see which pages of the website – and therefore which of our services – are the most popular and how users are interacting them.
  3. To improve your experience of our website – for example, to prevent you having to re-enter details when you have already done so, or by ensuring that users can find what they are looking for easily.
  4. Measuring how cost-effective our advertising is – as a non-profit organisation, we need to watch our advertising spend carefully. Cookies are used to help us see how many people who click our adverts go on to do something further (for example, making a donation or applying to volunteer) and to help make advertising content more relevant to your interests.

The table below provides more information about the cookies we use and why.

Name/Type of cookie Owner Purpose for the cookie Duration
Cookie Notice Accept Barts Guild Identifies whether the user has accepted the use of cookies on the website. Persistent (1 month)
User identification The Guild These are used to identify and authenticate the user during website use and between sessions on the website, for example to automatically fill in forms. They also contain technical data of the user’s session, such as connection timeouts. Session (i.e. the cookie expires at the end of the session when you close your browser)
Necessary Cookies (cfduid and ARRAfinnity) Social 9 These cookies are used to ensure trusted web traffic and to distribute traffic across different servers to ensure rapid response times and therefore improve the user experience of the website Persistent (1 year) and session, respectively
Google Analytics

(NID and Collect)

Google This is a web analytics service which uses cookies to show us how visitors found and explored our website, and how we can enhance their experience. It provides us with information about the behaviour of our visitors (for example, how long they stayed on the site, or which services are particularly popular) and also tells us how many visitors we have had. For more information on Google Analytics, click here. Persistent (6 months) and session, respectively
Impression Facebook Used by Facebook to register impressions across websites, i.e. when using the social media share buttons. Session
Statistics Barts Guild These cookies help monitor anonymous use of our website, i.e. which pages are visited. Persistent (up to 2 years) and session

 

You can find more information about the cookies we use on following pages:

 

Website cookie acceptance

By clicking the accept option when you first visited the website you consent to our use of cookies as updated from time to time. In particular, you consent to cookies being stored on your computer and/or mobile device (unless rejected or disabled by your browser).

 

Turning cookies off/blocking cookies

Internet browsers normally accept cookies by default. However, most browsers let your turn off either all or third-party cookies. What you are able to do depends on which browser you are using. If you do not accept our use of cookies as set out above, please do not accept our cookie notice and set your browser to reject cookies. However, please be aware that this may impair or limit your ability to use our website. The option to do this is usually found in the options, settings or preferences menu of your browser or mobile device.

You may opt-out of Google’s analytics cookies by visiting Google’s opt-out page – https://tools.google.com/dlpage/gaoptout.

Click on the links below to find out how to change your cookie settings in:

Internet explorer

Firefox

Chrome

Safari

Opera

iPhone and iPad

Samsung

 

Updating our Cookie Notice

We may update our use of cookies from time to time and consequently we may update this Notice. We therefore recommend that you check this Notice regularly.

 


PRIVACY POLICY

Last reviewed 1/5/2018

The Guild of the Royal Hospital of St Bartholomew (registered charity number 251628) (“the Guild”) is committed to protecting your privacy. At all times we aim to respect any personal information you share with us, or that we receive from other organisations, and keep it safe. This Privacy Notice (“Notice”) sets out our data processing practices and your rights and options regarding the ways in which your personal information is used.

This Notice contains important information about your personal rights to privacy. Please read it carefully to understand how and why we use your personal information.

The provision of your personal information to us is voluntary. However, without providing us with your personal information, your use of our services may be impaired. For example, you will not be able to volunteer with or join the Guild or make a donation.

 

  1. We collect information about you:
  • When you give it to us directly

For example, personal information that you give us by filling in forms on our website (including for grants, membership, corporate support, fundraising and/or volunteering), communicating with us by phone, email or letter, purchasing a product via our online shop or filling out a survey.

  • When you give it to us indirectly

For example, information we receive about you if you use any of the other websites we operate or services we provide. In this case, we will have informed you when we collected that information if we intend to share it internally and/or combine it with information collected on this website, and the purpose for doing so.

Your information may also be shared with us by third parties including, for example, our business partners; sub-contractors in technical, payment and delivery services; advertising networks; analytics providers and search information providers. To the extent we have not done so already, we will notify you when we receive information about you from them and tell you how and why we intend to use that information.

  • When it is available publicly

Your personal information may be available to us from external publicly available sources. For example, geo-demographic information and measures of affluence from public registers such as listed directorships, information from the electoral roll and press reports. In addition, depending on your privacy settings for social media services, we may access information from those accounts or services.

  • When you visit this website

When you visit this website, we automatically collect the following personal information:

  • Technical information, including the internet protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting, browser plug-in types and versions and operating systems and platforms.
  • Information about your visit to this website, including the uniform resource locator (URL) clickstream to, through and from the site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, referral sources, page interaction information (such as scrolling and clicks) and methods used to browse away from the page.

We also collect and use your personal information by using cookies on our website – please see our Cookie Notice www.bartsguild.org.uk/privacy-cookies-policy.

In general, we may combine your personal information from these different sources for the purposes set out in this Notice.

 

  1. What personal information do we process?

We may collect, store and use the following kinds of personal information:

  • Your name and contact details, including postal address, telephone number, email address and, where applicable, social media identity.
  • Financial information, such as bank details or credit/debit card details
  • Personal descriptions and photographs
  • Information about your computer / mobile device and your visits to and use of this website, including for example your IP address and geographical location.
  • Information about our services which you use/which we consider of interest to you.
  • any other information shared with us as per clause 1.

Do we process sensitive personal information?

The General Data Protection Regulation (“GDPR”) recognises certain categories of personal information as sensitive and therefore requiring more protection, for example information about your health, ethnicity and political opinions. We will only process your sensitive personal information if there is a valid reason for doing so and where the GDPR allows us to do so.

 

  1. How and why will we use your personal information?

Your personal information, however provided to us, will be used for the purposes specified in this Notice.

In particular, we may use your personal information to:

  • provide you with services, products or information which you request (for example, to enable you to volunteer with the Guild, become a member of the Guild or inform you about fundraising activities);
  • to allow you to purchase goods and process your donations;
  • to communicate with you, including circulation of relevant news;
  • to send other types of communications to you, for example to notify you about any changes to our services or to answer any enquiries;
  • to administer this website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve your interactions with this website, for example by ensuring that content is presented in the most relevant and effective manner for you and for your computer;
  • to report on the results and impact of our work and services, for example the number and value of donations received, the number of members and value of subscriptions, details of online sales and the number of grant and volunteer applications received;
  • as part of our efforts to keep this website and internal operations safe and secure;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
  • to conduct research into the impact and effectiveness of our work and services and for profiling our supporters and those who we are in contact with (see section 4 below);
  • to handle the administration of payments received from you, for example donations or purchases of items from our online shop;
  • to administer your volunteering application;
  • to deal with enquiries and/or complaints made by or about you;
  • to audit and/or administer our accounts;
  • to satisfy legal obligations which are binding on us, for example arising from contracts entered into between you and us or in relation to regulatory, government and/or law enforcement bodies with whom we may work;
  • prevention of fraud, misuse of services or money laundering; and/or
  • enforcement of legal claims.

 

  1. Supporter research/profiling

We may also analyse your personal information and create a profile of your interests and preferences. This allows us to ensure communications are relevant and timely, and provide you with an improved user experience. It also helps us understand the background of our supporters so that we can make appropriate requests to those who may be willing and able to give more than they already do, enabling us to raise funds sooner and more cost-effectively.

 

  1. Communications for marketing/fundraising

We may use your contact details to provide you with information about our work, products and/or services which we consider may be of interest to you (for example, about goods or services you previously purchased or used, or updates about the Guild’s fundraising appeals and volunteering opportunities).

Where we do this via email, SMS or telephone (if you are registered with the telephone preference service), we will not do so without your prior consent.

 

  1. Donations and other payments

All financial transactions (donations, purchasing membership and/or purchasing a product from our souvenir store) are processed by a third party company, Stripe. We recommend that you read Stripe’s privacy policy prior to effecting any transactions with us.

The Guild does not receive any credit/debit card details entered during any such transactions. Receipts for these transactions are provided by Stripe and not the Guild; however once payment has been received, the Guild will acknowledge receipt to you.

 

  1. Children’s information

Data relating to children requires particular protection under the GDPR. We do not currently hold any data relating to children. In the event that this occurs, extra care will be taken to protect the data and consider whether it is needed to be processed.

 

  1. Will we share your personal information?

We do not share, sell or rent your information to third parties for marketing purposes.

Otherwise, in general we may disclose your personal information to selected third parties in order to achieve the purposes set out in this Notice.

Non-exhaustively, those third parties may include:

  • departments of St Bartholomew’s Hospital, Barts Health NHS Trust and Her Majesty’s Revenue and Customs;
  • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
  • advertisers and advertising networks that use the personal information to select and serve relevant adverts to you and others. Where required, we will obtain your consent to share your personal information for this purpose. You have the right to opt out of your personal information being used for advertising purposes by, for example, changing your browser settings. Please see our Cookie Notice for more information.
  • analytics and search engine providers that assist us in the improvement and optimisation of our operations and website; and/or
  • The Charity Commission, with whom we share aggregated information about use of our services and website.

In particular, we reserve the right to disclose your personal information to third parties:

  • in the event that we sell or buy any business or assets, in which case we will disclose your personal information to the prospective seller or buyer of such business or assets;
  • if substantially all of our assets are acquired by a third party, personal information held by us may be one of the transferred assets; and/or
  • If we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to satisfy our obligations under, enforce or apply terms of relevant agreements, for example our terms of use (www.bartsguild.org.uk/terms-of-use) or terms of sale (bartsguild.org.uk/terms-of-sale), or to protect the rights, property, or safety of the Guild, visitors, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

 

  1. Security/storage of and access to your personal information

We endeavour to ensure that there are appropriate and proportionate technical and organisational measures to prevent the loss, destructions, misuse, alteration, unauthorised disclosure of or access to your personal information.

For example, your information is only accessible by appropriately trained staff, volunteers and contractors, and stored on our secure servers with features enacted to prevent unauthorised access.

In general, the personal information that we collect from you will be stored at a destination within the UK or European Economic Area (“EEA“).

However, we use agencies and/or supplies to process personal information on our behalf. Your personal information may therefore be transferred or stored outside, and/or otherwise processed by contractors operating, outside, the UK or EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the processing of your payment details and the provision of support services.

Please note that some countries outside of the UK or EEA have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals. Where your personal information is transferred, stored and/or otherwise processed outside the UK or EEA, we will take all steps reasonably necessary to ensure that the recipient implements appropriate safeguards (such as by entering into the standard contractual clauses) to protect your personal information and that your personal information is treated securely and in accordance with this Notice. If you have any questions about such safeguards, please contact us (see section 15 below).

However, please note that we cannot guarantee the security of personal information transmitted via the internet.

 

  1. Your rights

You have the following rights in relation to our processing of your personal information:

  • Right to be informed – you have the right to be told how your personal information will be used. This Notice and other policies and statements used on this website and in our communications are intended to provide you with a clear and transparent description of how your personal information may be used.
  • Right of access – you can write to us to ask for confirmation of what information we hold on you and to request a copy of that information. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we will provide you with your personal information subject to any exceptions that apply.
  • Right of erasure you can ask us to delete your personal information from our records. In many cases we propose to anonymise that information, rather than delete it.
  • Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask us to update those records. You can also ask us to check the personal information that we hold about you if you are unsure whether it is up to date.
  • Right to restrict processing – you have the right to ask us to restrict the processing of your personal information if there is disagreement about its accuracy or legitimate usage.
  • Right to object – you have the right to object to processing where we are (i) processing your personal information on the basis of the legitimate interests ground, (ii) using your personal information for direct marketing or (iii) using your personal information statistical purposes.
  • Right to data portability – where we are processing your personal information (i) because you gave us your consent, (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contract, and the processing is carried out by automated means, you may ask us to provide it to you – or another service provider – in a machine-readable format.
  • Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for marketing/fundraising by electronic means (for example to be unsubscribed from our email newsletter list).

To exercise any of these rights, please send a description of the personal information in question using the contact details in section 15 below. Where we consider that the information with which you have provided to us does not enable us to identify the personal information in question, we reserve the right to ask for (i) personal identification and/or (ii) further information.

Please note that you may only use/benefit from some of these rights in limited circumstances. For more information, we suggest that you consult guidance from the Information Commissioner’s Office (ICO) – https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ – or please contact us using the details in section 15 below.

You have the right to make a complaint to the ICO about us or the way we have processed your personal information. For further information on how to exercise this right, please see the guidance at https://ico.org.uk/for-the-public/personal-information. The contact details of the ICO can be found here: https://ico.org.uk/global/contact-us/.

 

  1. Lawful processing

The GDPR requires us to rely on one or more lawful grounds to process your personal information. We consider the grounds listed below are relevant:

  • Where you have provided your consent to us using your personal information in a certain way;

For example, we will ask for your consent to use your personal information to send you electronic direct marketing/fundraising and for profiling and targeted advertising; and we may ask for your explicit consent to share sensitive personal information with us.

  • Where necessary so that we can comply with a legal obligation to which we are subject;

For example where we are obliged to share your personal information with regulatory bodies who govern our work and services.

  • Where necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering a contract;

For example if you purchase something from our online shop.

  • Where there is a legitimate interest in us doing so.

The GDPR allows us to collect and process personal information if it is reasonably necessary to achieve our legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).

In general, “legitimate interests” means the interests of running the Guild as a charitable entity and pursuing our aims and ideals; for example processing donations, administering events and taking applications for volunteers. However, “legitimate interests” can also include your interests, such as when you have requested information or certain goods/services from us, and those of third parties (for example, beneficiaries of our work and services).

When we process your personal information to achieve such legitimate interests, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal information for activities where our interests are overridden by the impact on you, for example where use would be excessively intrusive (unless, for instance, we are otherwise required or permitted to by law).

In the unlikely event that we collect and use sensitive personal information about you (such as your health information) we will obtain your explicit consent beforehand.

 

  1. How long do we keep your personal information

In general, unless still required in connection with the purpose(s) for which it was collected and/or is processed, we remove your personal information from our records six years after the date it was collected. However, if before that date (i) your personal information is no longer required in connection with such purpose(s), (ii) we are no longer lawfully entitled to process it or (iii) you validly exercise your right of erasure, we will remove it from our records at the relevant time.

If you request to receive no further contact from us, we will keep some basic information about you on our suppression list in order to avoid sending you unwanted materials in the future.

 

  1. Changes to this Notice

We keep this Notice under regular review and may update it from time to time, so we recommend that you check it regularly. Where necessary we may also notify you of changes by email. The Notice was last updated on 1/5/2018.

 

  1. Third party websites

We link our website directly to other sites. This Notice does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via links on our website.

 

  1. How to contact us

We are a charity registered in England and Wales with the Charity Commission. Our principal office is at 1 St Martin’s Le Grand, London, EC1A 4AS. However, if you wish to contact us please use the address below.

Please let us know if you have any questions or concerns about this Notice or about the way in which your personal information is being processed by contacting us via the following channels:

email: contact@bartsguild.org.uk

By telephone: +44 (0)20 3765 8700

By post: St Bartholomew’s Hospital, West Smithfield, London EC1A 7BE.

In each instance, please ask for or address your communication to the Chairman.

Please note that our office is not staffed every day, and therefore you may experience a slight delay before you receive a reply to an email, letter or telephone call/voicemail message. We aim to respond to all communications within three working days, although this may vary during vacations and public holidays. However, where your query is urgent we will use our best endeavours to respond appropriately.