Privacy policy

Your privacy is really important to us and we are committed to protecting your personal information. This privacy policy sets out how we collect and use the information you give us. If you have any questions please feel to free to get in touch.

1. Introduction

The Royal Marsden Cancer Charity raises money to support The Royal Marsden, a world-leading cancer centre. From funding state-of-the-art equipment and ground-breaking research, to creating the very best patient environments, we will never stop looking for ways to improve the lives of people affected by cancer.

To help us do this we may collect and process your personal data. This gives us a better understanding of our supporters and strengthens our decision-making processes, as well as being necessary for the administration of our supporters’ donations. 

Therefore we feel that we have a legitimate reason and legal basis for such processing. If we collect sensitive personal data from you, we will seek to only do so with your consent. The Royal Marsden Cancer Charity (“we”) respects any personal data you share with us and fully intends to keep it safe. We aim to be clear when we collect your data and not do anything with it you wouldn’t reasonably expect.

We adhere to the requirements of the Data Protection Act 1998 and we take our responsibilities under this act very seriously and we ensure the personal information we obtain is held, used, transferred and otherwise processed in accordance with that Act and all other applicable data protection laws and regulations including, but not limited to, the Privacy and Electronic Communication Regulations.

This statement sets out how, in our day to day activities, we process and store personal information relating to our supporters.  

If you have any questions about this policy or the ways in which we may process your personal data, please contact us:

Data Protection & Privacy
Supporter Care
The Royal Marsden Cancer Charity
Fulham Road
London
SW3 6JJ

Telephone: 020 7808 2233
Email: [email protected]

2. What personal information do we collect?

Personal information is information that can be used to identify you or tell us about you. The type of personal information that we will usually collect from you can include, but is not limited to, the following:

  • Your name
  • Your contact details
  • Your date of birth
  • Your bank or credit/debit card details
  • Your personal interests, demography, employment, and giving capacity

We will mainly use your data to:

  • Administer your donation or support your fundraising, including processing Gift Aid
  • Provide you with the products or information
  • Keep a record of your relationship with us
  • Ensure we know how you prefer to be contacted
  • Understand how we can improve our services, products or information

3. How do we collect personal information?

We may collect your personal information directly from you, including when you:

  • ask about our activities or register with us (for example, for emails)
  • make a donation to us
  • register for an event
  • engage with our social media
  • order products and services (such as merchandise from our shop)

We may also collect personal data indirectly from you. For example, we gather and observe data about supporters’ use of our websites, such as which pages are most visited and which events or activities are of most interest as well as feedback ratings and text.

This information can be used to help us improve our website and services and ensure we provide you with the best service. Wherever possible, the information we use for this purpose will be aggregated or anonymised i.e. it will not identify you as an individual visitor to our website. More information can be found in section 10 below entitled “Our website”.

Additionally, we may also collect personal information for the purposes of research briefing either directly or through a third party from publically available sources. Where we supplement the information we hold about you with publically available data, this may include information from the electoral register, press, charity register and third party information services. 

For more information, see section 4 below at the paragraph entitled ‘Research briefing’. We will not collect “sensitive personal information” about you unless there is a clear reason for doing so, such as participation in an event where we need this information to ensure we provide appropriate facilities for you.

Alternatively, to help further our cause and provide information and support to those affected by cancer, we may collect health information from you if you tell us about your experiences of the hospital (for example, if you act as a case study for us). Where we collect sensitive personal data for these purposes we will seek to obtain your consent and we will make it clear to you when collecting this information as to what we are collecting and why. You may withdraw such consent at any time.

4. Why do we collect and how do we use your information?

We may collect your personal information for a number of reasons, which fall under the following broad categories.

Donations

Here we use personal information to:

  • process any donation(s) we may receive from you
  • thank you for any donation(s) we receive

Providing you with our products and services

Here we use personal information to:

  • provide you with the services, products or information
  • provide you with information about our work or our activities, that you have asked to receive
  • send you the items you have ordered through our shop

Fundraising and marketing

Here we use personal information to:

  • ask you to help us raise money or donate money to our charity, but always in accordance with our supporter promise
  • build profiles of our supporters to help us send more targeted and relevant communications

Administration and records

Here we use personal information:

  • for internal record keeping, such as the management of feedback or a complaint
  • to process job applications or volunteer placements
  • where it is required or authorised by law
  • when assessing your personal information for the purposes of credit risk reduction or fraud prevention (regrettably some people target charities for illegal purposes such as money laundering and, quite rightly, we are required to monitor financial activity and report suspected fraud to the appropriate authorities)

Understanding and improving our products and services

Here we use personal information to:

  • invite you to participate in surveys or research
  • analyse and improve the services we offer
  • block disruptive use of our website, record website traffic, personalise the way our information is presented to you or to identify your approximate location.

Payments

If you use your credit or debit card to donate to us, buy something or pay online or over the phone, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard

We do not store your credit or debit card details at all, following the completion of your transaction. All card details and validation codes are securely destroyed once the payment or donation has been processed. Most transactions are undertaken without a person ever seeing your credit card details and only those staff authorised to process payments will be able to see your card details.

If we receive an email containing any credit or debit card details, it will be immediately deleted, no payment will be taken and you will be notified about this.

Research briefing

In order that we are able to tailor the experience our supporters receive, making communications as relevant and timely as possible, we may use research briefing and database screening techniques as part of our fundraising. Such techniques allow us to identify supporters who might be interested in and have the capacity to fund particular projects which are reliant on the support of the charity. By understanding more about our supporters in this way, we are also able to make our fundraising more cost-effective, ensuring that we continue to support the lives of those affected by cancer.

Research briefing and/or screening techniques may involve analysing personal or anonymised data including contact details, demography, employment, giving capacity and other information provided by you, or available either directly or through a third party from publically available sources. Where we supplement the information we hold about you with publically available data, this may include information from the electoral register, press, charity register and third party information services.

We are also required by law to protect against the possibility of charitable donations being used as part of criminal activity such as fraud or money laundering, which would need to be reported to the authorities. Such instances are extremely rare but where a risk is highlighted, due diligence and other research briefing or screening techniques allow the Charity to be confident in accepting legitimate offers of support.

Marketing

We may contact you for marketing purposes by mail, email, telephone, mobile telephone or text. We may also send you service communications via email, text or social posting, for example where you place an order for goods or services on our website, or if you have made a donation by text.

It is your choice on the type of communications and information you receive about our charity and the ways in which you can get involved. You can change your mind at any time by contacting us at:

Private Information Change Request
The Royal Marsden Cancer Charity
Fulham Road
London
SW3 6JJ

Or via telephone on 020 7808 2233 or email: [email protected]

We will not use your information for marketing purposes if you have asked us not to. However, we will retain your details on a suppression list to help ensure we do not continue to contact you.

5. Information sharing and disclosure

We will not, without your consent, supply any of your personal data to any third party – except where:

  • The transfer is to a secure data processor, which carries out data processing operations on our behalf; or
  • We are required to do so by law enforcement or regulatory bodies where this is required or allowed under the relevant legislation

We may use a third-party company to manage mailing for fundraising appeals, campaigns, conduct research surveys or storage of your personal information on our behalf. We actively screen these companies to maximise the protection of your privacy and security. They are only permitted to use the data in accordance with the Data Protection Act 1998, under our strict instructions.

The third parties we use are trusted partner organisations that work with us in connection with our charitable purposes; and other entities that act as fundraisers for us, sell our products or provide us with information and marketing (subject to your communication preferences and our internal policies and procedures). All our trusted partners are required to comply with data protection laws and our high standards and are only allowed to process your information in strict compliance with our instructions. We will always make sure appropriate contracts and controls are in place and we regularly monitor all our partners to ensure their compliance.

We may disclose your personal information to third parties if we are required to do so through a legal obligation (for example to the police or a government body); to enable us to enforce or apply our terms and conditions or rights under an agreement; or to protect us, for example, in the case of suspected fraud or defamation. We do not share your information for any other purposes.

Some of the third parties to whom we disclose personal information may be located outside of the European Economic Area or EU.  Where it is necessary for these third parties to process personal information, we will also take steps to ensure that such processing is only carried out according to our strict instructions.  In this respect we may rely on standard data protection clauses adopted by the European Commission or the ICO. If you would like more information about these clauses, please contact us using the contact information stated in section 1 above.

6. The accuracy of your information

We aim to ensure that all information we hold about you is accurate and, where necessary, kept up to date. If any of the information we hold about you is inaccurate and either you advise us or we become otherwise aware, we will ensure it is amended and updated as soon as possible.

7. Under 16s

If you are aged 16 or under, and would like to participate in an event, make a donation or get involved with us, please make sure that you have your parent/guardian’s permission before giving us your personal information. When we collect information about a child or young person, we will make it clear as to the reasons for collecting this information and how it will be used.

8. Vulnerable circumstances policy

We recognise the importance of protecting our vulnerable supporters and follow the guidance issued by the Institute of Fundraising on treating donors fairly. We believe this helps to support our staff and fundraisers who come into contact with supporters in providing high quality customer care, ensuring anyone donating to the Charity is in a position to make a free and informed decision.

9. Storing your information

We will keep all your information in a confidential record that is specific to you. We use a customer relationship management system (CRM) to support our activity. This means that we can keep the information you provide us, so we are able to see the history and relevant details of your relationship with us. This ensures that we provide appropriate and accurate communications. We take information security very seriously. No one is allowed access to our system or files unless they need this in order to provide a service to you or one of the other purpose discussed in this notice.

Although most of the information we store and process stays within the UK, some information may be transferred to countries outside the European Economic Area. This may occur if, for example, one of our trusted partners’ servers is located in a country outside the EU. These countries may not have similar data protection laws to the UK, however, we will take steps to ensure your privacy continues to be provided as outlined in this privacy policy. In this respect we may rely on standard data protection clauses adopted by the European Commission or the ICO. If you would like more information about these contracts, please contact us using the contact information stated above.

We will keep your information for as long as required to enable us to operate our services but we will not keep your information for any longer than is necessary. We will take into consideration our legal obligations and tax and accounting rules when determining how long we should retain your information. When we no longer need to retain your information we will ensure it is securely disposed of, at the appropriate time.

10. Our website

To make full use of our website you need to accept cookies. Without cookies you can still visit our website but some features won't work. More information on cookies can be found below.

Our website is hosted on a secure server. Any information you send to us over the internet is encrypted using secure socket layer technology (SSL). Although we cannot 100 per cent guarantee the security of any information you transmit to us, we enforce strict procedures and security features to protect your information and prevent unauthorised access.

Our website contains links to other websites belonging to third parties and we participate in social networking sites including but not limited to Twitter, YouTube and Facebook. We may also include content from sites such as these on our website however, would advise that we do not have any control over the privacy practices of these other sites. You should make sure when you leave our site that you have read and understood that site’s privacy policy in addition to our own.

11. Cookies

We use “cookies” to help track the success of our online advertising and monitor the usage of our website. The information we collect is anonymous and does not personally identify you. It does not contain your name, address, telephone number, or email address.

What is a cookie?

A cookie is a small file of letters and numbers that we may put on your computer or mobile device when you access our website. These cookies allow us to distinguish you from other users of the website helping us to provide you with a good experience when you browse our website and also allow us to improve our site. For example, they will tell us whether you have visited our site before or whether you are a new visitor.

You do not have to accept cookies, but without accepting them you may experience reduced website functionality. If you should wish to reject the cookies then please read the information that came with your browser software to see how you can turn off the automatic download feature. By otherwise accessing our website, you are agreeing to the terms of our cookie usage.

To find out more about cookies and how you can disable them you can visit the All about Cookies website.

What cookies do we place?

In addition to the cookies set by our website, a visit to this site will also set cookies from other services that we have decided to use in order to help improve our site. These services are described below.

Google Analytics

We use this service to track and monitor website usage. We have chosen to enable features of this service known as 'advertiser features'. These features benefit us by allowing us to see more information about how this website is used, which helps us improve our website experience for visitors and also measure the effectiveness of any advertising. By enabling these features we also enable Google Analytics to collect data about site traffic via Google advertising cookies and anonymous identifiers.

If you would rather that your visits to this website are not recorded then please consider looking at Google Analytics' currently available opt-outs.

Hotjar

We use this service to help us better understand how you are using our website and how we can make it better through a range of tools such as heatmaps, feedback polls and surveys.

You can read Hotjar's cookie information for further information or choose to disable the Hotjar service at: https://www.hotjar.com/privacy

12. Your rights

You have the right to:

  • request a copy of the information we hold about you
  • update or amend the information we hold about you if it is wrong
  • change or withdraw your communication preferences at any time
  • ask us to remove your personal information from our records
  • object to the processing of your information for marketing purposes
  • raise a concern or complaint about the way in which your information is being used.

If you wish to find out more about these rights, or obtain a copy of the information we hold about you, please contact us:

Private Information Request
The Royal Marsden Cancer Charity
Fulham Road
London
SW3 6JJ

Or via telephone on 020 7808 2233 or email: [email protected] 

We hope that you will not have cause to complain about any aspect of our services.  If a problem does arise you are, of course, entitled to complain – if you have any concerns or complaints that cannot be raised with us through the above details, you can also contact the Information Commissioner.