1. USE OF COOKIES
Like many other websites, ours uses cookies – small pieces of information that enable us to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. Cookies help us to improve our website and deliver a better service.

We use Google Analytics to analyse how our website is used. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. View Google’s privacy notice.

We use StatCounter to analyse the use of this website. StatCounter generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our website is used to create reports about the use of the website. StatCounter will store this information. View StatCounter’s privacy notice.

2. PERSONAL DATA BREACHES
DC will protect against and investigate, as far as that is possible, and report to authorities where necessary, any detected or reported data breaches. These include any breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. DC will report certain types of data breaches to the ICO in accordance with GDPR and, in some cases, to the individuals concerned. All processors of DC personal data will be educated on personal data breach avoidance, and on what to do in the event that a breach occurs. Examples of personal data breaches may include:

  • Emails and attachments being sent to the wrong person
  • Loss or misuse of a memory stick usage
  • Malware attack
  • Equipment or data theft

3. COMPLAINTS
Where a Data Subject feels that their personal data has been processed in a way that does not meet the GDPR, they have a specific right to lodge a complaint with the relevant supervisory authority.   The supervisory authority will then tell them of the progress and outcome of their complaint.  The supervisory authority in the UK is the Information Commissioner’s Office.

4. PRIVACY POLICY CURRENCY AND PRIVACY LAW TRAINING
DC will review, and update as necessary, the Privacy Policy annually, and in response to known changes in law, regulation or best practice. Significant changes will be updated outside of this cycle and communicated to DC stakeholders.  This Privacy Policy is in line with GDPR guidelines.

All Trustees, staff, volunteers and others who process data for DC will complete basic GDPR awareness or a training course, approved by the Trustees, within three months of appointment.

5. AUDIT AND RECORD DESTRUCTION
Destruction will take place of all records which exceed the stated periods on a rolling basis. This will be conducted by secure shredding, using local arrangement, or other equivalent secure destruction and will be verified to the Trustees and the Privacy Leader by those completing the destruction.

The Trustees will additionally ensure an annual GDPR compliant privacy audit, in May each year, is conducted with related housekeeping and destruction of personal data records held beyond then periods stipulated in this Policy. This audit will be verified by all processors of DC personal data and noted in the Minutes of the next Trustee meeting.

6. WHAT ARE YOUR RIGHTS?
Right of access:  You have a right to ask us to confirm whether we are processing information about you, and to request access to this information.

Right to rectification:  You may ask us to get data changed if it is incorrect.
Right of portability:  You can ask for a copy of the data held on you.
Right to be forgotten:  If there is no legitimate reason for us to hold your data, you can ask for it to be securely deleted.
Right to be informed:  You can ask us why and how your data is being used, where it is stored and who it is shared with.
Right to restrict processing:  You can pick and choose how your data is used, accept for legal reasons.

7. HOW TO CONTACT DC
DC points of contact for privacy matters are as follows:

  • By email: office@dovecottage.org
  • Or write to The Registered Manager, Dove Cottage Day Hospice, Canal Lane, Stathern, Melton Mowbray, LE14 4EX
  • Telephone 01949 860303 and ask to speak to the Registered Manager.

Please note that links within our website to other websites are not covered by this privacy policy.

POLICY DOCUMENT CREATED

  • 1 May 2018 by Chris Gatfield

I like coming to Dove Cottage. It cheers me up when I feel down, and it is nice to talk to people, I see very few people when I am at home. My doctor put my name forward.