LADY GROVER’S FUND PRIVACY STATEMENT
Our Privacy Statement
This Privacy Statement tells you what to expect when you, as Members and Beneficiaries of Lady Grover’s Fund, give your personal and healthcare information to us. Personal information includes any information that identifies you personally, such as your name, address, email address, telephone number and date of birth. Healthcare information includes any information about your health, treatment, care plan and recovery. Lady Grover’s Fund recognises that your privacy is very important. We want you to be confident with the way we handle your information and with our commitment to protect and respect your privacy. We outline below how The Fund collects, uses and protects this information; for how long we retain it; and how we dispose of it when we no longer need it. Also, we inform you of your rights concerning the provision, use and retention of your data.
What information we collect and what we use it for
For Members, we collect and store personal information; name, initials, rank and service, date of birth, address, email address, phone number and bank account details. We use your personal information to inform you of changes in rules or subscriptions, administer your Membership, keep your details current, send you an annual newsletter and inform you of AGMs. Where you give us permission to do so, we may use your comments about our performance on our website to inform other Members and visitors to the website about how we have helped you. This will always be anonymised. Where necessary, we record specific healthcare information about you if your condition would lead us to deal with your spouse or holder of a power of attorney, rather than with yourself. We will ask you for your consent to collect, hold and process any of your healthcare information provided to us.
For Beneficiaries, we collect personal information; name, relationship to member and date of birth. Since our purpose is to help with the costs of your healthcare, we also collect and retain relevant healthcare information provided by you or by your parent or guardian if you are under the age of 18, to process your claims. To assess a claim we need to know the nature of your illness or injury, the treatment received, the prognosis and the type and probable duration of care required. When you claim we will ask you for that information, which may be provided by third parties; for example the Member, doctors, hospitals, nursing homes and carers who have been part of your treatment, care plan and recovery. We will ask you, or until you reach 18 years of age, your parent or guardian, for consent to collect, hold and process that information.
How we collect information and keep it current
We receive and store the information which is given to us by Members and Beneficiaries in writing, via email, or on the telephone when you apply for Membership and when you make an enquiry or a claim. When you contact us we check your details with you for accuracy, and update them where necessary.
How we safeguard your information
Your information is kept in a secure and confidential environment and is accessible only to permitted processors whose access is password-protected. Personal information can be seen by those who administer your Membership. Sensitive, healthcare information is accessible only by those who process claims and thus need to have this information. Healthcare information is separated on our database from personal information by passwords which are unique to each claims processor, selected by them and changed regularly. We will not use your data for any purposes other than those for which we use it at present, outlined above. We will never pass any of your information to other organisations except where required to do so by law or where we have engaged data processors to support us.
How long we will keep your information
We will keep your personal information on our database while you are a Member of the Fund and for 7 years after your Membership ends, as required by HMRC for all financial data. We need to keep some of your healthcare details (illness or injury, care package and duration claimed) throughout your Membership to ensure that we comply with our rules on chronic and repeat illness. Since any payment we make to you is dependant on the duration and nature of your care, we will keep these details on the database for 7 years after your Membership ends to satisfy both HMRC and PRA regulations. The detailed medical and care reports which you provide in paper form to support your claim, we will keep for 2 years, in order to take account of the next AGM and audit. Thereafter we will destroy them securely.
You have the right to:
- Receive a copy of the personal data we hold on you by emailing us at firstname.lastname@example.org or writing to the Secretary, Lady Grover’s Fund, Mountbarrow House, 6-20 Elizabeth St, London SW1W 9RB.
- Object to processing that is likely to cause or is causing damage or distress.
- Have corrected any errors or omissions in the personal data held.
- Ask that your personal data be erased subject to any statutory or legal requirements placed on the data controller. If you ask us to erase your information while you are still a member, we may be unable to fulfil our contract with you.
- Where you have given consent, you may withdraw it at any time. If you withdraw consent for the use of your information, we may be unable to fulfil our contract with you.
- Ask that the processing of your data be restricted, if you disagree about the accuracy of the data the controller holds or you object to the controller’s intention to erase your data.
- Claim compensation for damages caused by a breach of data protection legislation.
- Make a complaint to the Information Commissioner’s Office at: https://ico.org.uk/concerns/ or 0303 123 1113.
By providing us with your personal and healthcare data you consent to the collection and use of any information provided in accordance with the above purposes and this privacy statement.
Our commitment to data security
To prevent unauthorised access, maintain data accuracy and ensure the correct use of information, we have put in place appropriate physical, electronic and managerial procedures to safeguard, secure and update the information we collect.