The Pituitary Foundation (“we”) promises to respect any personal data you share with us and keep it safe. We aim to be clear when we collect your data and not do anything you wouldn’t reasonably expect.
We only send marketing communications by email if you have explicitly stated that you are happy for us to do so. We may send marketing communications to you by post or telephone as long as you have not opted-out, and we feel there is a legitimate interest in you receiving the communications.
Our marketing communications include: information and latest news regarding pituitary conditions and the charity, our patient services, campaigns, events and our fundraising activities.
If you want to change your communication preferences at any time please contact us on firstname.lastname@example.org or 0117 370 1311.
This privacy notice tells you what to expect when The Pituitary Foundation collects personal information.
Where do we collect information about you?
When you give information to us directly
You may give us your information when doing some of the following activities:
- Purchasing a product e.g. ordering through the online shop.
- Accessing our Patient Support and Family Services e.g. Helpline telephone, text and e-mail services, telling us your story.
- Applying for a job or volunteering role.
- Through our fundraising activities e.g. signing up to an event, becoming a member, making a donation.
- When joining our campaigns, events, research or awareness activities.
- Contacting our Local Support Groups.
- Signing up to our e-newsletter through our website.
When you give information to us indirectly
When we collect information as you use our website & Forum
Like most websites, we use “cookies” to help us make our site – and the way you use it – better. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields. There are more details in our Cookies Policy.
In addition, the type of device you’re using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are, and why a crash has happened. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
Information available publicly
This may include information found in places such as Companies House and information that has been published in articles/ newspapers.
Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us permission to access information from those accounts or services.
What personal data do we collect?
The type and quantity of information we collect and how we use it depends on why you are providing it. Depending on the specific activity, we may process three kinds of information:
- personal information such as: name, postal address, phone number, email address, date of birth, financial/payment information etc.
- sensitive personal information, such as your health condition. For example, when contacting our Patient and Family Services you may disclose your health condition or other sensitive personal data.
- non-personal information such as IP addresses (the location of the computer on the internet), pages accessed and files downloaded. This helps us to determine how many people use our website, how many people visit on a regular basis, and how popular our pages are. This information doesn't tell us anything about who you are or where you live. It simply allows us to monitor and improve our service.
Sensitive personal information
How do we use your information?
We will mainly use your data to:
- Provide you with the services, products or information you asked for.
- Administer your donation or support your fundraising, including processing gift aid.
- Keep a record of your relationship with us and how you prefer to be contacted.
- Understand how we can improve our services, products or information.
- Send marketing communications to you.
Accessing our support services - Patient and Family Services
Our Patient and Family Services may collect sensitive personal data e.g. about your health when you speak, write, email, text or send an instant message to them. They will use this information only to answer your questions and give advice or guidance.
Anonymised data may be collected from our Patient and Family Services to provide us with statistics and to help us evaluate our services.
We use your personal data to fulfil orders for our patient publications and communicate with you about publications orders.
With your consent:
- We may liaise with our Medical Committee regarding specific medical queries or cases. Your personal details such as name, email address, telephone number or address won’t be included, if any of these have been provided by you, within your query. If in the event however, of you being denied hydrocortisone in hospital we would need your consent to share your personal details so that we can have a medical committee member contact the hospital on your behalf if necessary.
- You may have volunteered to be on our Media list, or our list of Research Volunteers. We record and store this data and contact you when media or research project opportunities arise.
- Where an enquirer wishes to contact a fellow patient or carer, they will only be given personal information about the other person with that person’s consent.
If you’re a Member of The Pituitary Foundation you can use our online Forum. When you become a member we provide you with a user name and password to access the Forum. Posts to the Forum are public and are likely to contain sensitive information. We advise users to be careful not to post information which would allow them to be identified.
We may also collect, analyse and retain your information if you send feedback about our services, participate in surveys or make a complaint.
You may also follow The Pituitary Foundation and/or some of our Local Support Groups on social media e.g. Facebook, Twitter. Posts to social media sites are public and are likely to contain sensitive information. We advise users to be careful regarding the information they post and to read the privacy policies of these websites.
The Pituitary Foundation’s Patient and Family Services will only share your details with third parties in exceptional circumstances, where legally required, for example; where there are safeguarding concerns, such as someone reports serious self-harm or a serious intention of harming someone else. We are legally obliged to report terrorist calls under the Terrorist Act.
Local Support Groups
If you contact one of our Local Support Groups, the Area Coordinator of the Group will respond to your enquiry.
With your consent the Area Coordinator of the Group will add you to their database to keep you up-to-date about the Group and other related activities. With your consent you will be added onto the Group’s email circulation list (which may include receiving an e-newsletter). The Group may occasionally contact you by phone or post if they feel there is a legitimate interest in doing so.
The Local Support Groups are part of The Pituitary Foundation charity, which means by providing your details to a Group your details may be shared with The Pituitary Foundation National Support Office. Sometimes, for example, the National Support Office will provide administrative support to Local Support Groups. Another instance is giving your story, or comments you make for the Group’s newsletter, as these newsletters can be shared amongst other Local Support Groups for interest.
Sharing your story
Some people choose to tell us about their experiences with a pituitary condition to help further our work. If we have the explicit and informed consent of the individuals, or their parent or guardian if they are under 18, this information may be made public. You may take on a role as an ambassador, attend patient focused events, share your story in our communications, or with the media. This may include sharing sensitive information related to your health and family life in addition to biographical and contact information. Should you, your family or Health Care Professionals, or places treating you, not want to be identified, we advise caution and to use first names only, or to change names.
Supporting us – Fundraising, Membership and Marketing
We only send marketing communications by email if you have explicitly stated that you are happy for us to do so. We may send marketing communications to you by post or telephone as long as you have not opted-out, and we feel there is a legitimate interest in you receiving the communications. Our marketing communications include: information and latest news regarding pituitary conditions and the charity, our patient services, campaigns, events and our fundraising activities.
If you want to change your communication preferences or don’t want to hear from us, that’s fine. Just let us know when you provide your data or contact us on email@example.com or 0117 370 1311.
We process orders for our products, deliver products and communicate with you about orders.
We administer donations, memberships and other payments received online through our website, Just Giving or other means e.g. cheques in the post. This includes thanking you for donations and processing Gift Aid.
We record all financial transactions on our databases and create an individual record for you. We do not retain nor store your card or payment details once the payment has been processed.
Building profiles of supporters and targeting communications
We use your data stored in our database to manage your communications preferences.
We may analyse your personal information in our database e.g. how many donations you’ve given, total value of gifts etc., to produce statistics, and to tailor our communications to you.
We may also access public information found in places such as Companies House and information that has been published online and in articles/newspapers.
Third parties & marketing
We do not sell nor share personal details to third parties for the purposes of marketing.
If we run an event in partnership with another named organisation your details may need to be shared. We’ll be clear with you when you register for the event what will happen to your data.
We may check your details against the Telephone Preference Service to see if you are registered with the service. We may also periodically use publicly available sources to keep your record up-to-date; for example, the Post Office’s National Change of Address database.
We may also use carefully chosen external companies to assist us with administration e.g. sending out mailings and printing letters.
If you are participating in one of our fundraising events, with your consent, you may be invited to join a WhatsApp Group with other participants.
Also, if you have signed up to play our Lottery, the company who runs the Lottery on behalf of our charity, Unity Lottery, will share your details with The Pituitary Foundation.
Website and online Forum
If you complete a Form on the website, e.g. Feedback Form, we process these forms and respond to your enquiry.
If you’ve ordered products through our online shop, we will process, fulfil and communicate with you about your order.
We process and store details relating to potential, current and previous staff and volunteers, in line with our retention policies. We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.
We ask you for your personal details including name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for.
You will also be asked to provide equal opportunities information. This is not mandatory information – if you don’t provide it, it will not affect your application. Any information you do provide, will be used only to produce and monitor equal opportunities statistics.
General enquiries – We respond to your e-mails, letters and telephone calls. Your personal details will only be used to provide you with information or services you request.
We may communicate with you through Facebook, LinkedIn, Instagram, Twitter by responding to your messages, likes and follows.
Who has access to your information?
We may allow our staff, volunteers or carefully-selected external companies (suppliers) acting on our behalf to access and use your information for the purposes for which you have provided it to us (such as delivering mailings).
We will only provide those companies with the information they need to deliver the relevant service, and we make sure that your data is treated with the same level of care as if we were handling it directly. For example, we use an external mailing company to fulfil our Pituitary Life magazine mailings and Mailchimp to send some of our email communications.
We do comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they have collect or have access to.
We will never sell, swap or rent your information to third party organisations, and we do not share your personal information with third parties for their benefit.
There are certain circumstances where we may be required to disclose your personal information by law, or court order, or in appropriate circumstances, with law enforcement agencies when we believe it is necessary to protect our rights, property or safety and that of our staff, volunteers and supporters.
Information collected by third parties
How we keep your information safe
We place a great importance on the security of all personally identifiable information associated with our supporters, service users, volunteers and staff. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal data under our control. We comply with the Payment Card Industry Security Standard and also hold the Government-backed Cyber Essentials Scheme.
We use secure server software (SSL) to encrypt financial and personal information you input before it is sent to us. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur while it is under our control, we use our best efforts to try to prevent this.
Information is stored by us on computers located in the UK. Our emails are Cloud based and this data saved on servers located in the UK. We may transfer the information to other reputable third party organisations as explained above. We may also store information in paper files.
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and third party organisations who have been contracted by us to process data. Our approach to personal information involves restricting access to sensitive personal information e.g. health information, to only those departments that need this data in order to carry out their functions.
Unfortunately, the transmission of data across the internet is not completely secure and whilst we do our best to try to protect the security of your information we cannot ensure or guarantee that loss, misuse or alteration of data will not occur whilst data is being transferred.
Where you, or we, have provided a password enabling you to access parts of our website or Forum, it is your responsibility to keep this password confidential. Please don't share your password with anyone.
We will keep your information only for as long as we need it to provide you with the goods, services or information you have required, to administer your relationship with us, including your communication preferences. Different types of information have different retention periods e.g. financial information must be kept for six years. When we no longer need information we will always dispose of it securely, using specialist companies if necessary to do this work for us.
Keeping your information up-to-date
We really appreciate it if you let us know if your contact details change. We may also periodically use publicly available sources to keep your records up to date; for example, the Post Office’s National Change of Address database.
Your data rights
You can change your communication preferences and also withdraw your consent at any time. You also have the right for inaccurate personal data to be rectified, or completed if it is incomplete, and you can ask us to limit or stop processing your data and erase your data.
Contact us on 0117 370 1311 or firstname.lastname@example.org
You have the right to access your personal data and supplementary information. If you want to access your information, send a description of the information you want to see and proof of your identity by post to The Pituitary Foundation, 86 Colston Street, BRISTOL, BS1 5BB. We do not accept these requests by email so we can ensure that we only provide personal data to the right person.
If you have any questions or complaints please send these to email@example.com and for further information about your data rights please see the Information Commissioner’s guidance here (link is external).
Should your complaint regarding handling of your personal data by The Pituitary Foundation not be resolved to your satisfaction, you can make a formal complaint to the Information Commissioner’s Office
Changes to our privacy notice
How to contact us
- by email – firstname.lastname@example.org
- by phone – 0117 370 1311
- by post – The Pituitary Foundation, 86 Colston Street, BRISTOL, BS1 5BB.