The purpose of this policy is to describe on our website what personal information we collect and how we use it.
We are Patient Safety Learning, a charitable company registered with The Charity Commission for England and Wales (number 1180689) and Companies House (number 11067952).
Registered address: Patient Safety Learning, China Works, SB203, 100 Black Prince Road, Vauxhall, London, SE1 7SJ.
We collect personal information about you:
When you give it to us directly;
When we obtain it indirectly (your personal information may be shared with us by third parties);
When you visit our website.
The following table explains the types of data we collect and the legal basis, under current data protection legislation, on which this data is processed.
Data (key elements)
Name, email, message
Legitimate interests - it is necessary for us to read and store your message so that we can respond in the way that you would expect
Name, email, organisation
Consent - you have given your active consent
Name, email, address,
Legitimate interests - this information is necessary for us to fulfil your intention of donating money and your expectation of receiving a confirmation message
Website activity collected
Legitimate interests - it is necessary for us to store a small amount of information, usually through cookies, to deliver functionality that you would expect, such as remembering the contents of your order before you have fully completed the process
We will only use your data in a manner that is appropriate considering the basis on which that data was collected, as set out in the table above.
For example, we may use your personal information to:
· Reply to enquiries you send to us;
· Handle donations or other transactions that you initiate;
· Where you have specifically agreed to this, send you marketing communications by email relating to our work which we think may be of interest to you.
We will only pass your data to third parties in the following circumstances:
In addition, we will only pass data to third parties outside of the European Economic Area (EEA) where appropriate safeguards are in place as defined by Article 46 of the General Data Protection Regulation.
We are based within the EEA so our processing of your personal information will not involve a transfer of data outside of the EEA. All information you provide to us is stored on our secure servers or those of our third-party data storage providers.
We take the principles of data minimisation and removal seriously and have internal policies in place to ensure that we only ever ask for the minimum amount of data for the associated purpose and delete that data promptly once it is no longer required.
Where data is collected based on consent, we will seek renewal of consent at least every three years.
These are as follows:
Request access to your data (commonly known as a 'subject access request'). This enables you to receive a copy of the data we hold about you and to check that we are lawfully processing it.
Request correction of the data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your data. This enables you to ask us to delete or remove data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your data where you have exercised your right to object to processing (see below).
Object to processing of your data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your data for direct marketing purposes, research or statistical purposes.
Request the restriction of processing of your data. This enables you to ask us to suspend the processing of data about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your data to another party.
Privacy law is often complicated, and whether these rights are available to you sometimes depends on the types of data we are handling, as well as why we are handling it. If you would like to exercise any of these rights, please contact us using the details at the bottom of this policy. You always have the right to lodge a complaint with us or the Information Commissioner's Office, the supervisory authority for data protection issues in England and Wales. A full summary of your legal rights over your data can be found on the Information Commissioner’s Office website.
Our site may, from time to time, contain links to and from the websites of our partner networks and affiliates.
Our site connects you to different websites. If you follow a link to any of these websites or use our services, please note that you have left our site and these websites have their own privacy policies. We do not accept any responsibility or liability for these policies or websites. Please check their policies before you submit any personal information to these websites.