Privacy Policy

Privacy Notice

Bright Northumbria Healthcare Charity is a registered charity and donations make it possible for us to support a number of projects which can make a huge difference to our patients.

How we use your information

This privacy notice tells you what to expect when Bright Northumbria Healthcare Charity collects personal information. It applies to information we collect about:

  • Visitors to our websites
  • Individuals who submit general enquires to us or provide donations.
  • Individuals who apply to Volunteer with the Bright Northumbria Healthcare Charity (including International Volunteering Opportunities)  

While visiting our website there may be instances where we may collect personally identifiable information through our website.  On the Bright Northumbria Healthcare Charity Website this is done so when you submit a general enquiry to use. We collect name and contact details in order to provide you with a response.

There may be occasion when we need to share your information with other organisations in order to carry out our public functions, in such circumstances we make every effort to establish a written form of agreement/ contract in such cases to ensure that all information is kept secure and is not disclosed to any unauthorised individuals.

Security

This site has security measures in place to protect the loss and alteration of information under our control.

People who contact us via social media

If you send us a private or direct message via social media the message will be accessible by the communications team at Northumbria Healthcare NHS Foundation Trust. It will not be shared with any other organisation unless there is a legal requirement to do so. Feedback received via social media may be used internally in reports, all personal identifiable information is however removed.

People who call contact us via phone

When you call any telephone number belonging to Bright Northumbria Healthcare Charity, we collect calling line identification (CLI) information.  We use this information for audit and security purposes.

Some of our services may require you to provide us with personal information over the phone. All information provided to us via this method is treated processed in line with Data protection legislation (GDPR) and trust policies.

When you call some of our services, we may record these calls. You will be notified however that you are being recorded before this takes place. All recorded calls are securely stored in line with Data Protection requirements and are retained for six months.

People who email us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

People who make a complaint to us

When we receive a complaint from an individual, we create a file containing the details of the complaint. This usually contains the identity of the complainant and any other individuals involved in the complaint.

We will only use the personal information we collect to process the complaint and to check on the level of service we provide, information may also be used to improve the services we provide. We compile and publish statistics & report showing information like the number of complaints we receive. This does not contain any identifiable information.

We may have to disclose the complainant’s identity to whoever the complaint is about (e.g. informing the relevant service). This may be necessary in order to investigate complaints, for example if a service need to investigate medical treatment, this will be needed in order to check patient records. If a complainant doesn’t want information identifying them to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal information contained in complaint files in line in line with our complaint policy. It will be retained in a secure environment and access to it will be restricted accordingly to those who need access to it for the purposes of complaint investigation.

Visitors to our physical sites

Visitors: During visits to our sites, visitors may be asked to sign in on a register.  The information provided in relation to this may include your name & purpose of your visit.  This is so that Northumbria Healthcare is aware of who is visiting the site at all times for audit purposes. This information would also be vital in the event that any premises need to be evacuated e.g. in the event of a fire.  The information in these registers is only retained for as long as necessary before being securely destroyed.

CCTV: The Trust has CCTV deployed around our sites, in addition some security personnel may also have body-worn cameras, which record both sound and images. Both of these are in order to manage and investigate the following circumstances:

  • alleged security incidents, theft, assault or any other crime on Trust premises
  • staff, visitor and patient safety
  • investigation of traffic incidents or congestion on the Trust site
  • supporting the management of a fire or major incident alert
  • the security of Trust premises
  • investigation of persons acting suspiciously on Trust premises
  • CCTV images are retained for 90 days.

Images and sound recording from body-worn cameras are retained for 90 days.

Images are only viewed by charity personnel, but images may be shared with the police where necessary to aid the investigation or prosecution of criminal activities within charity grounds and premises.

Donations

If you make any donations to us via website, please consult with the individual website privacy notice for how your information is used.

If you make a donation by telephone, limited information will be taken and processed by the finance team at Northumbria Healthcare in order to process the transaction.

Volunteering

If you apply to volunteer with Bright Northumbria Healthcare Charity, as part of the process we require the collection of personal data. The information we ask for is used to assess your suitability for volunteering. You don’t have to provide what we ask for but it might affect your application if you don’t.

How do we collect your personal data?

For volunteer applications, you will be required to submit an application form and return to the Bright Northumbria Healthcare Charity via email to volunteers@northumbria-healthcare.nhs.uk

For International volunteering applications, you will be required to fill in an online application form.

What we do with the information you provide to us?

All the information you provide during the process will be used for the purposes of progressing your application, or to fulfil legal or regulatory requirements as necessary.  It is also used as part of your ongoing personnel file if you are successful.

What information do we ask for and why?

We do not collect more information than we need to fulfill our stated purposes and will not retain it for longer than is necessary.

As part of the application process we will ask for:

  • Your name and date of birth
  • Full address including post code
  • Contact information – email address and phone number
  • Visa Details (if applicable)
  • Employment History (including any details of performance management/disciplinary history)
  • Criminal Convictions (if applicable)
  • Special Category Data (including gender, ethnicity, disability information) this information will only be used for monitoring purposes in an anonymised format and will help the organisation analyse the profile and make up of applicants and appointees to jobs in support of their equal opportunities policies.
  • Special Category Data (health information) for International Volunteering applicants – this will be used to assess for appropriate adjustments in relation to any health conditions if you are successful in securing a place.

How long is the information retained for?

If you are successful, the information you provide during the application process will be retained by us as part of your personnel file for the duration of your volunteering plus 6 years following the end of your volunteering. This includes your criminal records declaration, fitness to work and references. For any individuals who decide not to proceed with any application your information will be retained for 4 years.

If you are unsuccessful at any stage of the process, the information you have provided until that point will be retained for 18 months.

International volunteering applications/record

For International volunteering applications, if you are successful the information you provide during the application process will be retained by us for 2 years.

All information in relation to applications is stored on secure Trust systems/Networks and only accessible on a strict need-to-know basis.

Suppliers

As a supplier/ prospective supplier to the charity we collect the following information:

  • Name.
  • Company details & contact information (address, email, telephone number etc).
  • If you are a sole trader, your unique tax reference (UTR) number.

Your information is collected under a contractual legal basis under the Data Protection Act 2018/ General Data Protection Regulations and may be used for the following purposes:

  • Contacting you in relation to a procurement exercise.
  • Contacting you in respect of establishing or managing a contract.
  • If applicable your UTR number will be used to confirm that you are registered with HMRC for self-assessment tax purposes.

Information is only held for as long as is necessary for the purposes it has been collected for and in line with the appropriate retention periods stipulated by the records management code of practice for health and social care 2016.

Links to other websites

This privacy notice does not cover any links within this website that direct individuals to external websites that are not part of the Northumbria Group. We encourage you to read the privacy statements on the external websites you visit.

Cookies

When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small files known as cookies. They cannot be used to identify you personally.

These pieces of information are used to improve services for you through, for example:

  • Remembering if you have clicked “hide” or “show” on the accessibility toolbar.
  • Enabling a service to recognise your device so you don’t have to give the same information several times during one task.
  • Recognising that you may already have given a username and password so you don’t need to do it for every web page requested.
  • Measuring how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast.

You can manage these small files yourself and learn more about them at Directgov. You can also reject cookied by clicking “Cookie options” in the bottom left corner, however, certain functions on the website won’t work as expected.

Cookie NameDescription
civicAllowCookiesCookie Control: When you click “I’m happy with this…” on the Cookie Control user interface, a cookie is set in order to remember your preference.
civicShowCookieIconThese cookies are set only after the user has given consent to us to use cookies.
__utma __utmb __utmc ___utmvc __utmz _ga_{ID} _gat_gtag_UA_{ID}  Google Analytics: We use Google Analytics to monitor traffic levels, search queries and visits to this website.   Google Analytics stores IP address anonamously on its servers in the US, and neither Northumbria NHS Trust or Google associate your IP address with any personally identifiable information. These cookies enable Google to determine whether you are a return visitor to the site, and to track the pages that you visit during your session.   These cookies are set only after the user has given consent to us to use cookies.
incap_ses_{ID} visid_incap_{ID}  These cookies are used by our Web Application Firewall (WAF) which defends against malicious attacks. They identify the browser session and device of the visitor. These cookies are necessary and always in use.

Your rights

Under Data Protection Laws (General Data Protection Regulations) you are able to find out what information is held about you, on computer and in certain manual records. This is known as “right of subject access”.

If you want to see or receive a copy of your information, a copy of the application form can be found here, you can also contact please contact us on the details provided below. In certain circumstances access to your information/records may be limited, if such an instance occurred, we would provide reasons for this.

Under Data Protection Laws (General Data protection Regulations), you may also have additional rights in relation to your information. For example:

  • You also have the right to request any decisions taken by automated decision making with regards to your information;
  • You may have the right to erasure of your personal information held by us, in certain circumstances.
  • You have the right to withdraw consent at any time, where consent has been given.

Changes to our policy

If our privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing the page ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.

Further information

If you would like to know more about how we use your information or if, for any reason you do not wish to have your information used in any of the ways described above, please contact us using the information below. Further guidance about data protection can be obtained at www.ico.org.uk. You also have the right to lodge a complaint with the Information Commissioners Office.  Additionally the full Privacy Notice for Northumbria Healthcare can be found here

Contact information

Information Governance team
Information Governance
Digital Services
Northumbria Healthcare Manufacturing and Innovation Hub,
Avenue Road
Seaton Delaval
Whitley Bay
NE25 0QJ
0191 607 3609 or
igofficer@northumbria.nhs.uk

Data Protection Officer
Tracey Best
Digital Services
Northumbria Healthcare Manufacturing and Innovation Hub,
Avenue Road
Seaton Delaval
Whitley Bay
NE25 0QJ
tracey.best@northumbria.nhs.uk    

Do you want to get involved?

Volunteering can be highly rewarding.