Privacy policy

Who we are and what we do

Ashgate Hospice is an independent registered charity that provides care to patients across North Derbyshire at the hospice and in the community. The hospice has a 21-bed Inpatient Unit, 16-place Day Hospice and provides a range of therapy and support services on site. The hospice also provides a wide range of community-based care and support services to enable people to stay in their own homes for as long as possible.

All services are provided free of charge to patients and their families which is mainly funded through donations, gifts in Wills and income raised through our fifteen shops and three coffee shops. Patients with any life-limiting illness can access Ashgate Hospice’s specialist services via a referral, normally through their GP.

We care about your personal information and it’s important that you know how we use it and how we keep it safe. This Privacy Policy covers how, when and why we use your information. It also explains the choices you have about the way in which we use your information and outlines your rights.

We are always happy to provide additional information where needed and our Data Protection Officer can be contacted either by email, telephone or in writing using these contact details:

Address: Data Protection Officer, Ashgate Hospice, Ashgate Road, Old Brampton, Chesterfield, Derbyshire, S42 7JD.

Telephone: 01246 568801

Email: dpo@ashgatehospice.org.uk

This Privacy Policy applies to all personal information held by Ashgate Hospice, whether you are a patient, service user, member of staff, volunteer, supporter or contractor.

For further details on the information we may hold about you as a supporter or customer, please refer to our ‘Keeping In Touch’ leaflet www.ashgatehospice.org.uk/contact-preferences/
For patients, please see our ‘How We Use Your Health Records’ leaflet.

Reviews and changes to our Privacy Policy

We keep our Privacy Policy under regular review. We will make updates if any of our processes or legislation changes. We advise you to visit this page regularly to keep up to date with any changes. This policy was last reviewed in February 2022.

Why we process personal information

We process personal information for various reasons:

• We collect and hold information about patients and next of kin to enable us to give you the correct care and treatment and to contact you and your loved ones about your healthcare or treatment. The information is held electronically and in paper records.
• We collect and hold information about our staff, volunteers and Trustees to communicate and carry out administration, as necessary for your role.
• We collect and hold information from donors and supporters to make better decisions about how we raise and spend funds. As a registered charity, the hospice relies largely on the people living in its local community for support – both financially and through Gifts in Kind.
• We hold information about our suppliers, including financial and contact information, who provide us with goods and services.
• We collect certain technical data from visitors to our website to ensure that content from our website is presented in the most effective manner for you and for your device. For more information, please see our ‘Cookies’ section further down this page.

We do not always need to use personal information. Sometimes we will use information that does not identify you i.e. statistics or anonymised reports.

How we collect and use personal information

We can receive personal information face to face, electronically, on paper (such as a form you complete) or verbally (during telephone conversations we have with you).

The information may come to us:

• directly from you, such as when you make a donation, attend the hospice as a patient or client, sign up to an event or activity, join our lottery, sign up as a Gift Aid donor in one of our shops, sign up as a volunteer or member of staff or enter into a formal contract with the hospice.
• from another organisation, for example, where you use fundraising sites such as Just Giving, to fundraise for Ashgate Hospice. These organisations may share your personal data with us if you allow them to do so.
• from social media sites or apps. If your settings and preferences allow, we can receive information from social media services such as Facebook and Twitter.

Information about other people

If you provide personal information to us about another person, please make sure that the person understands how their information will be used and that you are authorised to pass it onto us.

The personal information we collect

The type and quantity of personal information we collect and how we use it depends on why you are providing it. If you support us, for example, by making a donation, volunteering, registering to fundraise, signing up for an event or buying something from our shop, we will usually collect your name and your contact details. Occasionally, we may ask for your date of birth, for example, if there is an age restriction on an event or activity you have chosen to take part in (e.g. lottery players must be over 16).

If you are attending the hospice as a patient or service user, we will ask for detailed medical information. Our commitment to you is that we will only use this information for providing you with direct healthcare or treatment. We will share this information with other organisations, for example, your own GP, community nurse or hospital, in connection with healthcare or treatment to make sure that you receive the best quality care, both here at the hospice and in the comfort of your own home.

As part of our fundraising events and activities, and where it is appropriate, we may ask for:

• information relating to your health (for example, if you are taking part in a high-energy event such as one of our marathons or fun runs).
• how you heard about the event, activity or the hospice.
• why you have decided to donate to us (we understand that you may have private reasons and we only want to know the answer if you are comfortable telling us).
• your bank or credit card details (these are used for the single transaction only and are destroyed after use).

Where we are required to use personal information, we will only do this if we have a legal and legitimate reason to do so. Please see below our legal reasons for processing your personal information:

• The information is necessary for providing you with direct healthcare.
• We have received consent from you to use your information for a specific purpose other than healthcare e.g. fundraising, lottery, research.
• There is an overriding public interest in using the information e.g. to safeguard an individual or to prevent a serious crime.
• There is a legal requirement that will allow us to use or provide information e.g. a formal Court order, returns to HMRC (HM Revenue & Customs), information provided to regulatory bodies i.e. Care Quality Commission (CQC).
• We have set up a formal contract regarding the supply of goods or services or for employment purposes.
• We have a legitimate interest e.g. someone who wishes to volunteer for us, for direct marketing purposes (we will only use ‘legitimate interests’ where you have expressed an interest in an event or taken place in an event previously. For all other direct marketing purposes, we will only contact you if you have provided us with your consent).

Our commitment to data privacy and confidentiality issues

We are committed to protecting your privacy and will only process personal information in accordance with the Data Protection Act 2018, the UK GDPR (General Data Protection Regulation), the Common Law Duty of Confidentiality and the Human Rights Act 1998.  The hospice has a local policy on confidentiality which can be made available on request.

Ashgate Hospice is a Data Controller and we are legally responsible for ensuring that all personal information that we use about you is done in compliance with legislation.

As a data controller, we are required to register with the Information Commissioner’s Office (ICO). Our ICO Data Protection Register number is Z6214584 and our entry can be found on the Data Protection Register on the Information Commissioner’s Office website.

Everyone working for Ashgate Hospice has a legal duty to keep information about you confidential.

All personal information will be held securely and confidentially. We use administrative and technical controls to do this. We use strict controls to make sure only the people who need to see your information can do.

All our staff, volunteers and Leadership Team receive appropriate training to ensure they are aware of their personal responsibilities to uphold confidentiality.

We will only keep information for as long as we need to. This is in line with the NHS Records Management Code of Practice for Health and Social Care. Our Records Management Policy includes guidance around the secure destruction of information and makes sure that we do not keep information for longer than we need to.

We review our data at least annually and confirm that we do not currently process personal information outside Europe.

We will never sell any information about you or pass it onto anyone who is not authorised to receive it.

Your rights

You have certain rights over how your information is processed. They are:

• The right to be informed – we must tell you what we do with your personal information and why we are processing it.
• The right of access – this is the right for you to have access to and copies of information that we hold about you.

• The right to rectification – this is the right to have your personal data amended if it is incorrect or incomplete.
• The right to erasure – this is also known as the ‘right to be forgotten’. Health records are kept in line with NHS national guidance and it is extremely rare that we destroy or delete records earlier than the recommended retention period. We also have a statutory obligation to hold other records for a certain period of time e.g. staff records, volunteer records, records of donations, legacies. Therefore, a request for erasure of all or part of any record will always need to be discussed with our Data Protection Officer.
• The right to restrict processing – this is the right to block or suppress the processing of your personal data. Please note, it will not be possible to restrict processing whilst someone is receiving care and treatment at the hospice.
• The right to data portability – this is the right to receive your personal information if you have provided it to us as part of an automated process. You can also ask us to transfer your information to another organisation.
• The right to object – this is the right to object to the hospice processing data because of a particular situation. It is extremely rare that we would stop processing your health data if you wish to continue to be treated by the hospice. We also have a statutory obligation to process other records e.g. staff records, volunteer records, records of donations, legacies. Therefore, a request to stop processing will always need to be discussed with our Data Protection Officer.

• Rights in relation to automated decision making and profiling – safeguards individuals against the risk that a potentially damaging decision is taken without human intervention. The hospice does not undertake automated decision making or profiling.

You have the right to refuse or withdraw consent to information sharing at any time by using the contact details at the top of this page. If there are any consequences to withdrawing consent these will be fully discussed with you first.

Complaints

Ashgate Hospice aims to meet the highest standards when collecting and using personal information. We take any complaints we receive about this very seriously. We encourage people to bring concerns to our attention and we also welcome any suggestions for improving our procedures. Contact details for complaints regarding the processing of information should be directed to the Data Protection Officer using the details provided at the top of this page.

You can also raise a concern directly with the ICO here; although our aim is to resolve your complaint swiftly ourselves in the first instance. For more information on how to make a suggestion or complaint, please see our guidance leaflet ‘A Guide to Suggestions and Complaints’.

Cookies

Most websites you visit will use cookies in order to improve your user experience by enabling that website to ‘remember’ you. Cookies do lots of different jobs, like letting you navigate between pages efficiently, storing your preferences and generally improving your experience of a website. Cookies make the interaction between you and the website faster and easier.

Cookies may be set by the website you are visiting or they may be set by other websites who run content on the page you are viewing.

We use cookies as part of our website, but no personal information is collected. The cookies are only used to improve how our website functions and make it easier for you to use it.

What is in a cookie?

A cookie is a simple text file that is stored on your computer or mobile device by a website’s server and only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier, the site name and some digits and numbers. It allows a website to remember things like your preferences e.g. which adverts you would prefer to see.

What to do if you don’t want cookies to be set

Some people find the idea of a website storing information on their computer or mobile device intrusive. Although this is generally harmless, you may not, for example, want to see advertising that has been targeted to your interests. If you prefer, you can block the non-essential cookies, or even  delete cookies that have already been set but you may lose some functions of the website. When you first access our website, you will have a choice to accept or block non-essential cookies. If you have any concerns about cookies, please contact our Data Protection Officer.