This site is a UK based website and takes reasonable care to comply with requirements of the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679) with regards to the personal information you supply on this site.
For the purpose of the GDPR (the “Act“), the data controller is The League of Friends of The Lymington New Forest Hospital, Wellworthy Road, Lymington, Hampshire SO41 8QD. Our nominated representative for the purpose of the Act is the Chair of Trustees.
No data transmissions over the Internet can be guaranteed to be 100% secure we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk.
We will collect and process the following data about you:
- Information you give us. We collect the following personal data from you directly:
- If you wish to become a volunteer, you can enter on the website your name, email, address, phone number and then send that information by email to the LOF office or you can download the appropriate form and post it to us;
- If you wish to become a Friend, you are currently asked to contact the LOF office and give your phone number and email address;
- If you wish to make a donation to general LOF funds or to the CT scanner appeal fund, donations made via the website are made via two apps (i) PAYPAL for donations from your Bank Account and (ii) STRIPE for donations by credit card. The information we capture for each donation is email address and full name and address.
- Information we collect about you. With regard to each of your visits to our site we will automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time).
We do not need your consent to process personal data where we have a legitimate business interest in doing so and/or where we are processing your personal data in order to fulfil a contractual obligation with you.
You submit information using these methods voluntarily and agree to the use of the personal data you provide as described in this policy.
If you give us personal information about somebody else, such as someone in your care, we will assume you have their permission to do so, and their data will also be subject to this policy.
Data collection via cookies
We use information held about you in the following ways:
Information we collect about you. We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure.
DISCLOSURE OF YOUR INFORMATION
You agree that we have the right to share your personal information with any member of our LOF group, which means the LOF and LOF (Lymington) Limited.
We will disclose your personal information to third parties:
- If we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation (including but not limited to the administration of any gift aid element of any donation), or in order to enforce or apply our Terms and Conditions of use and other agreements; or to protect the rights, property, or safety of the LOF, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where we store your personal data
This data is not transferred to, and stored at, a destination outside the European Economic Area (“EEA”) in the day to day operation of LOF except that some of our electronic files are hosted on cloud storage systems including but not limited to One Drive, Dropbox, Microsoft and iCloud. Each of these companies are signed up to the EU/US Privacy Shield which ensures that an adequate level of protection is afforded to the transfer of your personal data to these companies.
All information you provide to us is stored on our secure servers or those of our hosting provider.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Once we are no longer legally required to retain your personal data we will retain and securely destroy your personal information.
YOUR RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request the erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no lawful reason for us continuing to process it. You also have the right to ask us to stop processing personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
- You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
No fee usually required
You will not usually have to pay any fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. In all other circumstances we reserve the right to charge a reasonable admin fee to comply with your access request.
YOUR RIGHT TO WITHDRAW CONSENT
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact Louise Harfield. Once we have received notification that you havewithdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.