Proximalhamstringtendinopathy.org On-Line Community Group DPO

1) Definitions

  1. Personal data is information about a person which is identifiable as being about them. It can be stored electronically or on paper, and includes images and audio recordings as well as written information.
  2. Data protection is about how we, as an organisation, ensure we protect the rights and privacy of individuals, and comply with the law, when collecting, storing, using, amending, sharing, destroying or deleting personal data.

2) Responsibility

  1. Overall and final responsibility for data protection lies with the management, who are responsible for overseeing activities and ensuring this policy is upheld.
  2. The Management is responsible for observing this policy, and related procedures, in all areas of their work for the org website, associated Facebook page and Twitter account.

3) Overall policy statement

  1. org On-Line Community Group needs to keep personal data about its members in order to carry out the running of the On-Line Community.
  2. We will collect, store, use, amend, share, destroy or delete personal data only in ways which protect people’s privacy and comply with the General Data Protection Regulation (GDPR) and other relevant legislation.
  3. We will only collect, store and use the minimum amount of data that we need for clear purposes, and will not collect, store or use data we do not need.
  4. We will only collect, store and use data for:
    • purposes for which the individual has given explicit consent, or
    • purposes that are in our On-Line Communities’ legitimate interests, or
    • purposes that are in the member’s legitimate interests, or
    • contracts with the individual whose data it is, or
    • to comply with legal obligations, or
    • to protect someone’s life, or
    • to perform public tasks.
  5. We will provide individuals with details of the data we have about them when requested by the relevant individual.
  6. We will delete data if requested by the relevant individual, unless we need to keep it for legal reasons.
  7. We will endeavour to keep personal data up-to-date and accurate.
  8. We will store personal data securely.
  9. We will keep clear records of the purposes of collecting and holding specific data, to ensure it is only used for these purposes.
  10. We will not share personal data with third parties without the explicit consent of the relevant individual, unless legally required to do so.
  11. We will endeavour not to have data breaches. In the event of a data breach, we will endeavour to rectify the breach by getting any lost or shared data back. We will evaluate our processes and understand how to avoid it happening again. Serious data breaches which may risk someone’s personal rights or freedoms will be reported to the Information Commissioner’s Office within 72 hours, and to the individual concerned.
  12. To uphold this policy, we will maintain a set of data protection procedures for the Management to follow.
  13. To ask for your personal data and/or your posted messages to be removed, please use the Proximal Hamstring Tendinopathy Help and Support Facebook page Messenger service to DM Vicki Smith at Proximal Hamstring Tendinopathy Help and Support.  https://www.facebook.com/ProximalHamstringTendinopathy/

 

4) Review

This policy will be reviewed every two years

Date………12th July 2019………………………………..

Signature (Chair)………Vicki Smith…………………………………………………….

Signature (Secretary)…Vicki Smith………………………………………………………

Sample data protection procedures

1) Introduction

  1. org On-Line Community Group has a data protection policy which is reviewed regularly. In order to help us uphold the policy, we have created the following procedures which outline ways in which we collect, store, use, amend, share, destroy and delete personal data.
  2. These procedures cover the main, regular ways we collect and use personal data. We may from time to time collect and use data in ways not covered here. In these cases we will ensure our Data Protection Policy is upheld.

 

2) General procedures

  1. Data will be stored securely. When it is stored electronically, it will be kept in password protected files. When it is stored online in a third party website (e.g. Google Drive) we will ensure the third party comply with the GDPR.
  2. When we no longer need data, or when someone has asked for their data to be deleted, it will be deleted securely. We will ensure that data is permanently deleted from computers.
  3. We will keep records of consent given for us to collect, use and store data. These records will be stored securely.
  4. To ask for your personal data and/or your posted messages to be removed, please use the Proximal Hamstring Tendinopathy Help and Support Facebook page Messenger service to DM Vicki Smith at Proximal Hamstring Tendinopathy Help and Support. https://www.facebook.com/ProximalHamstringTendinopathy/

3) Mailing list

  1. We will maintain a mailing list. This will include the names and contact details of people who wish to receive, publicity from Proximalhamstringtendinopathy.org On-Line Community Group.
  2. When people sign up to the list we will explain how their details will be used, how they will be stored and that they may ask to be removed from the list at any time. We will ask them to give separate consent to receive publicity and will only send them messages which they have expressly consented to receive.
  3. We will not use the mailing list in any way that the individuals on it have not explicitly consented to.
  4. We will provide information about how to be removed from the list with every mailing.
  5. We will use mailing list providers who store data within the EU.

4) Supporting individuals

  1. Individuals contact the Proximalhamstringtendinopathy.org On-Line Community Group for help and support with their proximal hamstring tendinopathy or for prevention of the same by posting messages on-line within the Proximalhamstgringtendinopathy.org community.
  2. We do not share any personal details with any third party.
  3. We will not keep information relating to an individual’s personal situation for any longer than is necessary for the purpose of providing them with the support they have requested.
  4. Personal data relating to Member’s proximal hamstring tendinopathy will be stored securely by Management and not shared unless necessary for the purpose of providing the support requested and consent is given by the Member in writing.
  5. Details relating to individual’s circumstances will be treated as strictly confidential.

 

8) Review

These procedures will be reviewed every two years

Date……12th July 2019…………………………………..

Signature (Chair)………Vicki Smith…………………………………………………….

Signature (Secretary)…Vicki Smith………………………………………………………

Cookie Policy

Do we use cookies?

Yes we do. A cookie is a piece of text that is stored on your computer by your web browser. We use cookies to monitor how people use our site. This helps us to understand how our customers and potential customers use our websites so we can develop and improve their design, layout and more relevant content.

We use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit http://www.aboutcookies.org for detailed guidance.

The list below describes the cookies we use on this site and what we use them for. Currently we operate an ‘implied consent’ policy which means that by using our website you agree we can place these types of cookies on your device. If you are not happy, then you should either not use this site, or you should delete the cookies having visited the site, or you should browse the site using your browser’s anonymous usage setting (called “Incognito” in Chrome, “In Private” for Internet Explorer, “Private Browsing” in Firefox and Safari etc.)

First Party Cookies

These are cookies that are set by this website directly.

  • Login:A login cookie is used to preserve your personal login preferences as set on the login screen.
  • Google Analytics:We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. This Analytics data is collected via a JavaScript tag in the pages of our site and is not tied to personally identifiable information. We therefore do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are.

You can find out more about Google’s position on privacy as regards its analytics service here.

  • Banner advertising:These cookies allow us to know whether or not you’ve seen an advert and how long it is since you’ve seen it.
  • PPC:These cookies use Flashtalking and Google Analytics to track our PPC campaigns by dropping cookies onto users’ browsers.

More info on Flashtalking and Google Analytics can be found here:

http://www.google.com/policies/technologies/ads/

https://developers.google.com/analytics/devguides/collection/gajs/cookie-usage

http://www.flashtalking.com/privacy/policy.pdf

Third Party Cookies

These are cookies set on your machine by external websites whose services are used on this site. Cookies of this type are the sharing buttons across the site allow visitors to share content onto social networks.

Cookies are currently set by:

  • AddThis
  • Facebook
  • YouTube

In order to implement these buttons, and connect them to the relevant social networks and external sites, there are scripts from domains outside of our website. You should be aware that these sites are likely to be collecting information about what you are doing all around the internet, including on this website.

You should check the respective policies of each of these sites to see how exactly they use your information and to find out how to opt out, or delete, such information.

Emails

 Some emails we send we track, at an individual level, whether the user has opened and clicked on the email. We do not use this information at a personal level, rather we use it to understand open and click rates on our emails to try and improve them. If you want to be sure that none of your email activity is tracked then you should opt out of our emails which you can do via the unsubscribe link at the bottom of every email we send.

Blocking & deleting cookies

Most browsers allow you to refuse to accept cookies. For example:

  • Internet Explorer – to  refuse all cookies click “Tools”, “Internet Options”, “Privacy”, and select “Block all cookies” using the sliding selector
  • Firefox – to block all cookies click “Tools”, “Options”, and un-check “Accept cookies from sites” in the “Privacy” box or select “Clear private data” if you want to delete all cookies.
  • Chrome – click on the Chrome menu in the toolbar, click on “settings”, click on “advanced settings”, choose “Privacy” section, then click on ” Content settings” button and choose either block or delete as appropriate.

Blocking or deleting  all cookies will, however, have a negative impact upon the usability of many websites.