Menu Close

Privacy Policy

Privacy Policy

Privacy Policy

This Privacy Notice (“Notice”) is issued by Brittle Bone Society, a charity registered under number 272100 in England and Wales and in Scotland under number SC010951 (“BBS” or “we”). BBS is the national charity that supports individuals and families affected by Osteogenesis Imperfecta (“OI”).

BBS is committed to using your personal data in accordance with our responsibilities under the General Data Protection Regulation (“GDPR”).

This Notice lets you know how we collect, use and protect your personal data.  Personal data has the meaning given to it in the GDPR and includes any information that relates to an identified or identifiable natural person.

We use the personal data that you provide us through this website and through your other interactions with us to gain a better understanding of how you use our services.  This assists us in making more efficient use of our resources to support individuals and families affected by OI.

We may post additional GDPR information (“Additional GDPR Information”) in connection with specific users of this site from time to time.  If you are one of those specific users, please read this Notice in conjunction with the Additional GDPR Information.  In the event of any conflict, the terms of the Additional GDPR Information prevail over the terms of this Notice.

 

Information we may collect and process about you

You may give us personal information when:

  • requesting information from us
  • making a donation
  • joining as a member
  • signing up for an event or training
  • filling in a form on our website
  • corresponding with us by phone, e-mail, post or online
  • interacting with us on our social media platforms
  • fundraising on our behalf
  • telling us your story
  • giving us feedback
  • making a complaint
  • applying for a job
  • registering as a volunteer

You may give us information indirectly when:

  • you register for an event run by other organisations who commit to share funds with us, such as a sponsored sporting event;
  • use a fundraising platform to make a donation to us;
  • book your attendance at an event via a third party;
  • you request third parties to provide us information in connection with an application to us. For example, we may ask you to obtain information from healthcare providers who know you to assist in the evaluation of your application.

In these instances, you will either have provided us with your consent to obtain this information or provided your consent to the third party to share your personal information with us.

The information we hold either because you gave it to us or you asked for it to be given to us  may include your name, address, e-mail address, phone number, date of birth and financial and credit card information.

We may also hold further information concerning accessibility and dietary requirements, particularly when you register for events.  You may also provide us with information regarding your experiences of living with OI.  We appreciate that some of this information constitutes sensitive information and in most cases we will need your explicit consent to process this sensitive data.  If we are relying on a different lawful basis, we will inform you of this.

 

What we do not do

BBS does not sell, trade or rent your personal data to others, for marketing purposes or otherwise. We do not conduct telemarketing, but you may receive calls from us for administrative purposes, for example to check the accuracy of our records and update your details, or in connection with your donation or membership.

 

Cookies

Our website uses cookies to distinguish you from other users of our website.  When you visit our website, the following information may be collected automatically:

  • Technical information, including the IP address used to connect your device to the internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and the type of device you are using;
  • Information about your visit, including the route into and through our site, length of visit and pages you viewed.

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.  If you have other Google accounts, Google may associate this information with those accounts.  Google will use this information for the purpose of helping to evaluate your use of the website, compiling reports on website activity for us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

You can refuse the use of cookies/disable cookies by not responding the the pop-up banner image which reads “Cookies are being used on this site. Please agree to accept these cookies to enjoy the full benefits of the site’s features” More info.

 

If you’re 16 or under

If you are aged 16 or under, you must get a parent’s/guardian’s permission before you provide any personal data to us.

 

Fundraising and direct marketing

At the point of giving us your details you will have the opportunity to opt in and consent to receiving further information and updates from us, including newsletters and promotional material for upcoming events and fundraising initiatives.

If you select to receive fundraising and marketing communications we will use your data to keep you informed about our work and how your support is making a difference, as well as giving you the opportunity to make donations towards our work or get involved through activities.  If you later decide that you would prefer not to receive such communications, wish to update your contact information, We ensure that all of our forms and fundraising materials include a section about your communication preferences and how to opt out.

 

How we protect your information

We use technical and corporate organisational safeguards to ensure that your personal data is secure. We limit access to information on a need-to-know basis and take appropriate measures to ensure that our people are aware that such information is only used in accordance with this Privacy Notice.

We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.

If you use your credit or debit card to donate to us, buy something or make a booking online, we pass your card details securely to our payment processing partners. We do this in accordance with industry standards and do not store the details on our website.

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.

 

Vulnerable circumstances

We understand that additional care may be needed when we collect and process the personal data of vulnerable supporters and volunteers. Please contact us as soon as possible should you have any concerns about our use of personal data of vulnerable supporters and volunteers and/or any issues with how vulnerable supporters and volunteers may be using this website or receiving information from us.

 

GDPR Information

The following information is provided to you pursuant to the information requirements of the GDPR:

Data Controller:  BBS, whose details are set forth above.  Please also see “Contact us” details below.

Personal Data Collected:  Please see “Information we may collect and process about you” above.

Purpose and Legal Basis for Processing:  To support our legitimate interests of providing you with general information regarding our charitable activities relating to OI.

Recipients:  We may transfer this personal data to banks and payment providers, to our IT, facilities and event providers, to legal and professional advisors, to taxation and other governmental authorities (particularly in connection with Giftaid records), and to third parties should we be engaged in legal proceedings.  Subject to having obtained the necessary consents, we may also share your information with healthcare providers, researchers into OI and related diseases and with other institutions from whom we are seeking funds in support of our activities.

Data Subject Rights:  You may have certain rights under the GDPR, including the right to revoke any data processing consent you have given, to obtain information on the processing of your personal data, to object to the processing of your personal data, to make use of your right to data portability and to have your personal data rectified or deleted or its processing restricted.  If you revoke any consent you give, we may continue to process your data if we have an alternative basis of doing so, and we will inform should this become relevant to you.  You are also entitled to lodge a complaint with a supervisory authority, which is generally the supervisory authority where you work and/or are resident.  If you wish to exercise any of these rights, please see the “Contact us” details below.

 

Contact us

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to our Data Protection Officer by email at admin@brittlebone.org or by post to Brittle Bone Society, 30 Guthrie Street, Dundee DD1 5BS.  Please use these same contact details to exercise any of your GDPR rights.