Privacy Policy

Updated 26/02/2019

The purpose of this Privacy Policy is to describe the types of information that we collect from you when you contact us, sign up to our mailing lists or use our services, or become a member of our society and to explain how we use that information.

Who we are
We are The Nepal Thalassaemia Society, registered charity number 1167957 . Our website address is www.nepalts.org.uk

What information do we collect about you?

We may collect personal information that you share with us about you or your family when you contact or interact with us.

The personal information we collect may include:

  • Information that is relevant to the product or service you are signing up for when registering with us.
  • Medical information including blood type and type of Thalassaemia.
  • Questions, queries or feedback you send us via email, post or the website.
  • Phone calls to us.
  • Any personal information that you disclose in the course of participating in our research or surveys
  • Personal data you share with us when you place orders for merchandise or make a donation via email, over the phone on our website.
  • Information you have posted via social media – this includes counting your name for our engagement statistics.
  • Information given in person during an event or meeting with a member of staff or volunteer. This only applies to personal information given at the registration of an event, or in the event of a safeguarding disclosure which requires our action in line with UK law.
  • Your IP address, details of how you use the website, browser user agent string and which version of web browser you used when you visit our website.
  • Information on how you use our website, using cookies and page tagging techniques to help us improve the website. We cannot personally identify you using this data.

Our website

When leaving a comment on our website an anonymised string created from your email address (also called a hash) may be provided to the Gravatar Service to see if you are using it. The Gravatar Service privacy policy can be found at https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from these images.

 How we might use your data

We will only use your data in a manner that is appropriate considering the basis on which that data was collected.

  • Administer your membership, product or the service you have signed up for.
  • Support medical research.
  • Provide information to you.
  • Inform you of news and events in the field of Thalassaemia
  • Offer you the opportunity to take part in research or to inform you of related research taking place.
  • Inform you of member patient organisations work or related businesses.
  • Ask for your opinion or feedback.
  • Promote fundraising activities.
  • Promote campaigns we are running.
  • Invite you to local events.
  • Send you newsletters and other news.
  • Offer you the opportunity to take part in research or policy work.
  • Advertise a media opportunity we have.

 Cookies on our website

A cookie is a line of text and numbers that is created by our website and stored on your computer when you visit our site. When you return to our site, the cookie associates your computer with the information that you gave us when you first visited or registered. It helps us evaluate how often visitors return to the site. Of course, you can still make full use of the site if you specifically choose to delete or not to accept the cookie on your browser.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These cookies will last for one year.

If you have an account and log in to the site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and indicates the post ID of the article you just edited. It expires after 1 day.

Articles on our website may include embedded content (videos, images, articles etc). Embedded content from other websites behave in the same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Social media and other websites

Although our social media channels are monitored by staff, we have no control over information you or others may submit, post or share on social media or other websites – even where we link to them from our own website or they link to our website. When you use these sites you do so in accordance with the separate terms and conditions and policies of these sites. 

Keeping your data secure

We take our responsibilities very seriously and we have procedures and security features in place to try and keep your data secure once we receive it.

Access to your information is restricted to staff, formal volunteers, contractors and partners who need it to perform their work and who may only access this data in accordance with our Data Protection Policy.

Transmitting information over the internet is generally not completely secure, and we can’t guarantee the security of your data in transit. Any data you transmit to us over the internet is at your own risk. 

How long do we hold your data?

While we are providing products or services to you or you are a member of our society, we will store your data in order to provide that service for as long as you want it. If you ask to ‘be forgotten’ and would like all information removed on you, we will do this and provide written confirmation that we have removed all of the information we hold on you (this applies to our own website but we will be unable to remove your information or posts from any social media sites). The only exception to this is where such a request would contravene an existing reason/law that is of higher importance than your own to be forgotten.  

If you leave a comment on our website, that comment, and its metadata are stored indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users who register on our website, we will store the personal information they provide in their user profile. Users will be able to see, edit or delete this information at any time by accessing their profile. Website administrators are also able to view and edit this information.

Sharing your information

We will only pass your data to third parties if:

  • You have provided your explicit consent for us to pass data to a named third party.
  • We are using a third party to process data on our behalf and have a data processing agreement in place with that third party which meets the standards of our privacy policy and fulfils our legal obligations.

We may also have to pass on your personal information if we have a legal obligation to do so.

Visitor comments on our website may be checked through an automated spam detection service.

Data breaches

In accordance with the new GDPR legislation, all data breaches of personal data will be reported to the Information Commissioner’s Office within 7 days.

Your rights

You can contact us to request a copy of any information we hold about you, ask us to correct or remove any inaccurate information or ask us to delete some or all of the information we have collected about you and your family at any time.

You have the right to be forgotten – which means we will remove all information held on you.  The only exception to that is if we have a legal obligation to keep your data in order to fulfil a contract with you.  This cannot apply to data which is outside of our control, for example social media posts.

It is our commitment that we will only collect relevant information on you. If you have been asked to fill in your details and want to know why we have asked for a specific piece of information, contact us and we will explain why.

For details of how you can request all the information we hold on you or how to have information amended or removed, email: [email protected]