Our Blood Privacy Policy

1 INTRODUCTION

Human Love Worldwide Limited (“we”, “us” and “our”) is a company registered in England and Wales (with registration number 11172696). Our registered address is Eighth Floor, 6 New Street Square, New Fetter Lane, London, United Kingdom, EC4A 3AQ. Please note that this address is not for correspondence.

We are a “data controller” for the purposes of the General Data Protection Regulation 2016/679 (“GDPR”). We are committed to protecting your privacy and processing your personal data fairly and lawfully in compliance with the GDPR.

In the course of our operations we may need to gather and use “Personal Data” about you, by which we mean any information about you from which you can be identified, such as your name, contact details and banking details. The purpose of this privacy policy (“Privacy Policy”) is to inform you of how we will process your Personal Data and the measures and processes we have put in place to ensure its adequate protection.

In using our website you consent to the collection, use, disclosure and transfer of your Personal Data as set out in this Privacy Policy. In the operation of our website we use a number of cookies. In order to find out more about the cookies that we use and to control our use of such cookies please see our cookies policy, further down this page.

2 FAIR AND LAWFUL PROCESSING 1

We will only process your Personal Data where:

  1. you have given your consent to such processing (which you may withdraw at any time, as detailed at Clause 9 below);
  2. the processing is necessary to undertake our operations through this website;
  3. the processing is necessary in order to perform any contract we have with you or to take steps at your request before entering such a contract;
  4. the processing is necessary for compliance with our legal obligations; and/or
  5. the processing is necessary for our legitimate interests or those of any third party recipients that receive your personal data (as detailed in Clauses 5 and 7 below).

By “processing”, we mean the collection, recording, storage, use, disclosure and any other form of operations or dealings with your Personal Data.

3 WHAT PERSONAL DATA WE COLLECT ABOUT YOU

3.1 We typically process the following types of Personal Data about you:

  1. your name, and contact details, including postal address, telephone number, email address and, where applicable, your social media profile;
  2. your date of birth;
  3. financial information such as your bank or credit card details where you provide these to make a donation;
  4. information as to whether you are a taxpayer to enable us to claim Gift Aid;
  5. information about the device you are using to access this website, including for example your IP address and geographical location; and
  6. any other personal information you choose to provide to us.

3.2 In certain circumstances it will be necessary for you to provide us with your Personal Data, to enable us to manage our operations or to comply with our statutory obligations. In other circumstances, it will be at your discretion whether you provide us with Personal Data or not. However, failure to supply any of the Personal Data we request may mean that we are unable to maintain our operations or our relationship with you.

3.3 We make every effort to maintain the accuracy and completeness of your Personal Data which we store and to ensure all of your Personal Data is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your Personal Data or if you become aware that we have inaccurate Personal Data relating to you (see Clause 9 below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Data that you provide to us.

3.4 We do not usually collect Personal Data known as 'special category' or 'sensitive personal data', such as information about your health, ethnic origin, religious beliefs, political opinions or any genetic or biometric data that is used to identify you ("Sensitive Personal Data"). We will not collect Sensitive Personal Data unless there is a clear reason for doing so. Where we do collect Sensitive Personal Data, we will always make it clear when we collect this information from you what Sensitive Personal Data we are collecting and why.

4 HOW WE COLLECT PERSONAL DATA

4.1 We usually collect your Personal Data from the information you submit during the course of your relationship with us. This will typically be through the emails and other correspondence you send us and the forms and documents used when you sign up to register with us or to register for our events, make a donation to us, or otherwise communicate with us.

4.2 In accordance with common website practice, we will also receive information about the type of device you're using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you're using, what your device settings are, and why any crash has happened.

4.3 We may also receive information about you from our third party partners with whom you choose to interact. This can include information such as your name, postal address, telephone number, email address, or your geographic location, financial information such as your bank or credit card details and whether you are a tax payer so that we can claim Gift Aid.

4.4 We may otherwise collect information about you that is publicly available, including from places such as Companies House, LinkedIn and information published in articles or newspapers.

5 HOW WE USE PERSONAL DATA

We will process your Personal Data in connection with the management of our relationship with you for the following purposes:

  1. for monitoring and assessing compliance with our policies and standards;
  2. for promotional and marketing materials and activities, including photos and videos;
  3. to carry out anti-money laundering, financial and credit checks and for fraud and crime prevention and detection purposes;
  4. to provide you with the services, products or information you have requested;
  5. to administer your donations, including to process Gift Aid;
  6. for administrative purposes in relation to the security and access of our systems, premises, platforms and secured websites and applications;
  7. to contact you about our work, activities, volunteering or events (where we have received your consent to do so);
  8. to comply with our legal and regulatory obligations and requests anywhere in the world, including reporting to and/or being audited by national and international regulatory bodies;
  9. to comply with court orders and exercise and/or defend our legal rights;
  10. for any other legitimate business purpose; and
  11. as otherwise permitted or required by any applicable law or regulation.

6 INTERNATIONAL TRANSFERS OF PERSONAL DATA

The Personal Data we collect from you may be transferred to (and may be accessed in or stored in) a country or territory outside the European Economic Area (“EEA”), including to countries whose laws may not offer the same level of protection of Personal Data as are enjoyed within the EEA. We will ensure that any such international transfers are made subject to appropriate or suitable safeguards as required by the GDPR. Information as to the relevant safeguards can be obtained by contacting [email protected].

7 WHEN WE MAY DISCLOSE YOUR PERSONAL DATA

We do not and will not sell, rent out or trade your Personal Data. We will only disclose your Personal Data in the ways set out in this notice and, in particular, to the following recipients:

  1. to any group company of Human Love Worldwide Limited including Human Love (a UK charity and parent company of Human Love Worldwide Limited);
  2. to third parties who process your Personal Data on our behalf (such as our systems providers including cloud providers);
  3. to third parties who process your Personal Data on their own behalf but through providing us with a service (such as our suppliers);
  4. to companies providing services for money laundering checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such information is shared;
  5. to any third party to whom we assign or novate any of our rights or obligations; and/or
  6. to any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at their request.

8 HOW WE PROTECT YOUR PERSONAL DATA

We are committed to safeguarding and protecting Personal Data and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any Personal Data provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed.

9 YOUR RIGHTS IN RELATION TO THE PERSONAL DATA WE COLLECT

9.1 If you wish to:

  1. correct, update, modify, delete or obtain a copy of the Personal Data that we hold on you; or
  2. restrict or object to us using any of the Personal Data which we hold on you, including by withdrawing any consent you have previously given to the processing of such data;

you can request this by emailing us at the address set out in Clause 12 below. We endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.

9.2 In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data.

9.3 We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your Personal Data, and for any additional copies of the Personal Data you request from us.

10 HOW LONG WE WILL HOLD YOUR PERSONAL DATA FOR

We will only retain your Personal Data for as long as necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.

11 HOW WE UPDATE OR CHANGE THIS PRIVACY POLICY

11.1 We may change or update parts of this Privacy Policy in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. We will do this by updating this Privacy Policy on OurBlood.org. You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this Privacy Policy so you are fully aware of any changes or updates.

11.2 This Privacy Policy was last updated on 23 October 2018.

12 HOW YOU CAN CONTACT US

If you have any queries about the contents of this Privacy Policy, or wish to inform us of a change or correction to your Personal Data, would like a copy of the data we collect on you or would like to raise a complaint or comment, please contact us using the details set out below:

Email: [email protected]

13 HOW TO LODGE A COMPLAINT TO THE REGULATOR

You are entitled to lodge a complaint with our data protection regulator if you consider that we have breached your data protection rights. In the UK, our data protection regulator is the Information Commissioner’s Office, which can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.5