REVIVE MS International Limited (REVIVE MS) (“We”) are committed to protecting and respecting your privacy. We will not collect any information about individuals, except where it is specifically and knowingly provided by them.
This policy (together with our Terms and Conditions document [https://www.revivemssupport.org.uk/terms-conditions/] and any other documents referred to on them) sets out the basis on which any personal data that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulation (GDPR) 2016/679, the data controller is REVIVE MS International Limited, a charity (SC022886) and company incorporated in Scotland (company number SC152198) and who can be contacted at the Head Office address Moorpark Court, 29 Dava Street, Govan, Glasgow, G51 2JA.
Who are we?
We are REVIVE MS, a team of almost 30 professional staff offering a wide range of therapies for those with Multiple Sclerosis (MS). The Centre aims to be a “one-stop shop” for everyone affected by MS – that includes those who live with the condition, for family members and carers or fellow health professionals. We strive to complement local statutory health and social services and work in partnership with them under the auspices of the “Integrated Services Project”.
How do we collect information from you?
We obtain information about you when you use our website, for example, when you contact us about the services that we provide, submit an application form to volunteer for us, if you decide to donate to revive or if you register to receive one of our regular newsletters.
What type of information is collected from you?
The personal information we collect might include your name, address, email address and in the case of applications, other personal data such as date of birth, present and previous occupations, present and previous volunteer experience, emergency contact details, drivers licence, referee details, PVG Scheme record disclosure and so on. All the personal information collected, in respect to either volunteer or staff applications, are relevant and necessary for REVIVE MS to perform our obligations thereon.
How is your information used?
We will use the information you give to us to:
- Carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- Provide you with information about services we offer that are similar to those that you have already purchased or enquired about:
- Verify your identity and details of your payment method or credit card amount;
- Market to you, if you have explicitly agreed to it;
- Ensure that content from our site is presented in the most effective manner for you and for your device.
REVIVE MS maintains strict policies to avoid unsolicited correspondence. We may share non-personal aggregate statistics (group) data about our site visitors’ traffic patterns with partners or other parties. However, we do not sell or share any information about individual users.
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us. You may request a copy of our retention policy using the postal address above or firstname.lastname@example.org
When you fill out a web-form to sign up to a newsletter, download a resource, such as a brochure, or enquire about a product or service, we may ask you to provide certain personal information, including your:
- Email address
- Telephone number
By completing the form and ticking the relevant boxes you are providing your consent for Revive MS to process your personal data, and this is the legal basis we are relying on to do so.
We will use the information that you give us to send you relevant emails containing Revive MS news & marketing communications. Your information will be stored on our servers which are located in the UK.
We regularly review your interactions with the emails we send you and remove any subscribers who have shown an extended period of inactivity. You can withdraw your consent and unsubscribe at any time by clicking the link at the bottom our email communications or by emailing this address.
If you continue to interact with our emails or website, we will retain your data indefinitely, so we can continue to send you emails.
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies of may result in a loss of functionality when using our website.
Computer profile information
With regard to each of your visits to Our Site we will automatically collect the following information:
- technical information, including the display properties of your computer and the internet protocol (IP) address used to connect your computer to the internet
- information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from Our Site (including date and time), pages you viewed and searched for, page response times, download errors, length of visit of certain pages, page interaction information (such as scrolling, clicks and mouse-overs), methods used to browse away from the page, the content of any forms that you complete on our website and any phone number used to call our customer services number.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf: We may pass your information to our third-party service providers, agents, sub-contractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process payments and send you mailings). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be assured that we will not release your information to third parties beyond the REVIVE MS Network for them to use for their own direct marketing purposes unless you have requested us to do so.
When you are using our secure online payment pages, your payment is processed by Blackbaud, a payment processor, who specialises in the secure online capture and processing of credit/debit card transactions for those in the third sector. If you have any questions regarding secure transactions, please contact us.
In addition to the company’s safeguards, your personal data is protected in the UK by the General Data Protection Regulation (GDPR). You can find more information about your rights here. This provides amongst other things that the data we hold about you should be processed lawfully and fairly. It should be accurate, relevant and not excessive. We will endeavour to keep the information you provide up to date, where required, and not retained for longer than is necessary. It will be kept securely to prevent unauthorised access by other people. If you have concerns about the processing of your personal data by REVIVE MS, you may contact us at email@example.com. If you find any inaccuracies with the personal data we retain, we will delete or correct them promptly.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking the relevant boxes on the forms we use to collect your data. You can also exercise that right at any time by contacting us at firstname.lastname@example.org
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Right to Access Your Information
The General Data Protection Regulation (GDPR) provides you with the right to access any information held about you. You can assert this right at any time. We will provide a copy of your information, free of charge. However, we do reserve the right to charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive. We also reserve the right to charge a reasonable fee to comply with further copies of the same information. Any fee will be based on the administrative cost of providing the information. We will endeavour to supply this information without delay and at the latest within one month of receipt. If the request is complex or numerous we can extend this period by a further two months. You will be informed, if this is the case, within one month of the request with an explanation as to why it is necessary.
16 or Under
We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission before you provide us with any personal information.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. If your data is transferred outside of the EU it will be done so to allow us to perform any contractual obligations that are required to provide the services you have requested from us.
If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected while in transit with the following software 256 Bit encryption on SSL. When you are on a secure page, a lock icon will appear on the address bar of web browsers such as Google Chrome.
All financial transactions are processed through a gateway provider and are not stored or processed on our servers.
Security breach notification
Revive MS shall give notice when a user’s information was, or it is reasonably believed to have been, inappropriately accessed as a result of a security breach. Said notice shall be made immediately upon confirmed discovery of the breach (including fulfilling our obligation under the GDPR to notify the ICO within 72 hours) and the time necessary such as to allow Revive MS to determine the scope of the breach, to identify organisations and individuals affected by the breach, and to restore reasonable integrity of the data system that was breached.
For whatever reason, should you wish to lodge a complaint with the Information Commissioner’s office, as is your right, you can do by contacting the ICO directly via one of the options on their website https://ico.org.uk/global/contact-us/