Here at PHA UK, we are committed to maintaining the trust and confidence of our website visitors and clients.
This privacy notice tells you when and why we collect your personal information, how we use it, when we might need to disclose it to others and how we keep it secure.
John Smith is our nominated representative and is in charge of all privacy-related matters for PHA UK. If you have any questions about this privacy notice, please contact us using the details set out below.
Full business name: Pulmonary Hypertension Association UK
Email address: firstname.lastname@example.org
Postal address: PHA UK Resource Centre, Unit 1, Newton Business Centre, Newton Chambers Road, Thorncliffe Park, Chapeltown, Sheffield, S35 2PH
Types of data we collect
Website cookies – see our separate cookies policy for more information
Google Analytics – to collect standard internet log information and details of visitor behaviour patterns. We do this to find out which pages are most viewed to continually improve our service. This information is only processed in a way that does not identify anyone.
Contact data – such as billing address, delivery address, email address and telephone numbers.
Financial data – such as your bank account and payment details.
Marketing & communications data – your preferences in receiving marketing communications from us and your communication preferences.
How we collect data
We collect data through direct interactions including when you:
- fill out a form on our website
- call or email to ask about our services
- order our services
- give us feedback
We also collect data automatically too through cookies and our website server logs to learn more about our website visitor’s browsing actions and usage patterns.
How we use data
We will use your personal data to:
- register you as a new client
- manage payment
- collect and recover monies owed to us
- to manage our relationship with you
- send you details of our goods and services.
Our legal grounds for processing your data are in relation to points 1 to 4 above are for performance of a contract with you and in relation to 5 above, necessary for our legitimate interests to develop our products/services and grow our business.
The only other time we are legally permitted to use your data is where we need to comply with a legal or regulatory obligation.
Securing and Storing Data
Some of our third party providers are businesses outside of the EEA in countries which do not always offer the same levels of protection for your personal data. We do our best to ensure a similar degree of security by ensuring that contracts, code of conduct or certification are in place which give your personal data the same protection it has within Europe.
If we are not able to do so, we will request your explicit consent to the transfer and you can withdraw this consent at any time.
We only keep your personal data for as long as is necessary to fulfil the purposes for which we collected it. We may retain your data to satisfy any legal, accounting, or reporting requirements.
Protecting your data is important to us and we have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.
Information regarding your rights
You are entitled to view, amend, or delete the personal information that we hold about you at any time. Email your request to: email@example.com.
In the unlikely event that you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
Access to your personal data
You are entitled to ask us to confirm if we are processing your personal data and you may request a copy of your data by contacting us.
Right to change or withdraw consent
You have the right to withdraw your consent of the use of your personal data by contacting us.
Right to rectification
You have the right to request the rectification of inaccurate personal data by contacting us.
Right to Erasure
In certain circumstances the right to erasure may apply – if you would like us to erase your data please contact us with details of why you would like us to do this.
Right to restrict processing
In certain circumstances you can ask us to restrict the use of your personal data. In such instances please contact us with details of why you would like your information restricted.
Right to Data Portability
There are certain circumstances in which you may ask us to provide you with the personal data we hold about you in a commonly used and machine readable form, or you may ask us to send personal data to another data controller. Please contact us if you have a request.
Right to object
In certain circumstances you may object to the processing of your personal data. Please contact us if you have a request.
Changes to this Privacy Notice
We may change this Privacy Notice from time to time and shall notify you of any changes. Last updated November 2018