Privacy Policy

Privacy Notice

Bright Northumbria is a registered charity and donations make it possible for us to support a number of projects which can make a huge difference to our patients.

How we use your information

This privacy notice tells you what to expect when Bright Northumbria Charity collects personal information. It applies to information we collect about:

  • Visitors to our websites
  • Individuals who submit general enquires to us or provide donations.

While visiting our website there may be instances where we may collect personally identifiable information through our website.  On the Bright Northumbria Charity Website this is done so when you submit a general enquiry to use. We collect name and contact details in order to provide you with a response.

There may be occasion when we need to share your information with other organisations in order to carry out our public functions, in such circumstances we make every effort to establish a written form of agreement/ contract in such cases to ensure that all information is kept secure and is not disclosed to any unauthorised individuals.

Security

This site has security measures in place to protect the loss and alteration of information under our control.

People who contact us via social media

If you send us a private or direct message via social media the message will be accessible by the communications team at Northumbria Healthcare NHS Foundation Trust. It will not be shared with any other organisation unless there is a legal requirement to do so. Feedback received via social media may be used internally in reports, all personal identifiable information is however removed.

People who contact us via phone

When you call any telephone number belonging to Bright Northumbria Charity, we collect calling line identification (CLI) information.  We use this information for audit and security purposes.

Some of our services may require you to provide us with personal information over the phone. All information provided to us via this method is treated processed in line with Data protection legislation (GDPR) and trust policies.

When you call some of our services, we may record these calls. You will be notified however that you are being recorded before this takes place. All recorded calls are securely stored in line with Data Protection requirements and are retained for six months.

People who email us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

People who make a complaint to us

When we receive a complaint from an individual, we create a file containing the details of the complaint. This usually contains the identity of the complainant and any other individuals involved in the complaint.

We will only use the personal information we collect to process the complaint and to check on the level of service we provide, information may also be used to improve the services we provide. We compile and publish statistics & report showing information like the number of complaints we receive. This does not contain any identifiable information.

We may have to disclose the complainant’s identity to whoever the complaint is about (e.g. informing the relevant service). This may be necessary in order to investigate complaints, for example if a service need to investigate medical treatment, this will be needed in order to check patient records. If a complainant doesn’t want information identifying them to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal information contained in complaint files in line in line with our complaint policy. It will be retained in a secure environment and access to it will be restricted accordingly to those who need access to it for the purposes of complaint investigation.

Visitors to our physical sites

Visitors: During visits to our sites, visitors may be asked to sign in on a register. The information provided in relation to this may include your name & purpose of your visit.

This is so that Northumbria Healthcare is aware of who is visiting the site at all times for audit purposes. This information would also be vital in the event that any premises need to be evacuated e.g., in the event of a fire.  The information in these registers is only retained for as long as necessary before being securely destroyed.

CCTV: The Trust has CCTV deployed around our sites, in addition some security personnel may also have body-worn cameras, which record both sound and images. Both of these are in order to manage and investigate the following circumstances:

  • alleged security incidents, theft, assault, or any other crime on Trust premises
  • staff, visitor, and patient safety
  • investigation of traffic incidents or congestion on the Trust site
  • supporting the management of a fire or major incident alert
  • the security of Trust premises
  • investigation of persons acting suspiciously on Trust premises
  • CCTV images are retained for 90 days.

Images and sound recording from body-worn cameras are retained for 90 days.

Images are only viewed by charity personnel, but images may be shared with the police where necessary to aid the investigation or prosecution of criminal activities within charity grounds and premises.

Donations

If you make any donations to us via website, please consult with the individual website privacy notice for how your information is used.

If you make a donation by telephone, limited information will be taken and processed by the finance team at Northumbria Healthcare in order to process the transaction.

Suppliers

As a supplier/ prospective supplier to the charity we collect the following information:

  • Name.
  • Company details & contact information (address, email, telephone number etc).
  • If you are a sole trader, your unique tax reference (UTR) number.

Your information is collected under a contractual legal basis under the Data Protection Act 2018/ General Data Protection Regulations and may be used for the following purposes:

  • Contacting you in relation to a procurement exercise.
  • Contacting you in respect of establishing or managing a contract.
  • If applicable your UTR number will be used to confirm that you are registered with HMRC for self-assessment tax purposes.

Information is only held for as long as is necessary for the purposes it has been collected for and in line with the appropriate retention periods stipulated by the records management code of practice for health and social care 2016.

Links to other websites

This privacy notice does not cover any links within this website that direct individuals to external websites that are not part of the Northumbria Group. We encourage you to read the privacy statements on the external websites you visit.

Cookies

When we provide services, we want to make them easy, useful and reliable. Where services are delivered on the internet, this sometimes involves placing small amounts of information on your device, for example, computer or mobile phone. These include small files known as cookies. They cannot be used to identify you personally.

These pieces of information are used to improve services for you through, for example:

  • Remembering if you have clicked “hide” or “show” on the accessibility toolbar.
  • Enabling a service to recognise your device so you don’t have to give the same information several times during one task.
  • Recognising that you may already have given a username and password, so you don’t need to do it for every web page requested.
  • Measuring how many people are using services, so they can be made easier to use and there’s enough capacity to ensure they are fast.

You can manage these small files yourself and learn more about them at Directgov. You can also reject cookied by clicking “Cookie options” in the bottom left corner, however, certain functions on the website won’t work as expected.

Cookie NameDescription
civicAllowCookiesCookie Control: When you click “I’m happy with this…” on the Cookie Control user interface, a cookie is set in order to remember your preference.
civicShowCookieIconThese cookies are set only after the user has given consent to us to use cookies.
__utma __utmb __utmc ___utmvc __utmz _ga_{ID} _gat_gtag_UA_{ID}  Google Analytics: We use Google Analytics to monitor traffic levels, search queries and visits to this website.   Google Analytics stores IP address anonymously on its servers in the US, and neither Northumbria NHS Trust or Google associate your IP address with any personally identifiable information. These cookies enable Google to determine whether you are a return visitor to the site, and to track the pages that you visit during your session.   These cookies are set only after the user has given consent to us to use cookies.
incap_ses_{ID} visid_incap_{ID}  These cookies are used by our Web Application Firewall (WAF) which defends against malicious attacks. They identify the browser session and device of the visitor. These cookies are necessary and always in use.

Your rights

Under Data Protection Laws (General Data Protection Regulations) you are able to find out what information is held about you, on computer and in certain manual records. This is known as “right of subject access”.

If you want to see or receive a copy of your information, a copy of the application form can be found here, you can also contact please contact us on the details provided below. In certain circumstances access to your information/records may be limited, if such an instance occurred, we would provide reasons for this.

Under Data Protection Laws (General Data protection Regulations), you may also have additional rights in relation to your information. For example:

  • You also have the right to request any decisions taken by automated decision making with regards to your information.
  • You may have the right to erasure of your personal information held by us, in certain circumstances.
  • You have the right to withdraw consent at any time, where consent has been given.

Changes to our policy

If our privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing the page ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.

Further information

If you would like to know more about how we use your information or if, for any reason you do not wish to have your information used in any of the ways described above, please contact us using the information below. Further guidance about data protection can be obtained at www.ico.org.uk. You also have the right to lodge a complaint with the Information Commissioners Office.  Additionally, the full Privacy Notice for Northumbria Healthcare can be found here

Contact information:

Information Governance team
Information Governance
Digital Services
Northumbria Healthcare Manufacturing and Innovation Hub,
Avenue Road
Seaton Delaval
Whitley Bay
NE25 0QJ
0191 607 3609 or igofficer@northumbria.nhs.uk

Data Protection Officer
Tracey Best
Digital Services
Northumbria Healthcare Manufacturing and Innovation Hub,
Avenue Road
Seaton Delaval
Whitley Bay
NE25 0QJ

tracey.best@northumbria.nhs.uk    

Do you want to get involved?

Volunteering can be highly rewarding.

GET INVOLVED