The Association of Radical Midwives (ARM) understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, www.midwifery.org.uk, (our ‘Site’) and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
1. Definitions and Interpretation
In this Policy the following terms shall have the following meanings:
|“Account”||means an account required to access and/or use certain areas and features of our Site;|
|“Cookie”||means a small text file placed on your computer or device by our Site when you visit certain parts of our Site and/or when you use certain features of our Site. Details of the Cookies used by our Site are set out in Part 14, below; and|
|“Cookie Law”||means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;|
2. Information About Us
Our Site is owned and operated by the Association of Radical Midwives, a Charity registered with the Charity Commission in England under charity number 1060525.
Registered address: Little Park End, Park End, Simonburn, Hexham, NE48 3AE.
Data Controller: The Association of Radical Midwives
Data Privacy Manager: Irene Walton, Membership Secretary
Email address: firstname.lastname@example.org.
We are regulated by The Charities Commission for England and Wales.
ARM offers information and help to those having difficulty in getting or giving sympathetic,individualised NHS maternity care. We also provide support to midwives in giving that care. We have over 50 local contacts around UK, many with local groups holding regular meetings.
3. What Does This Policy Cover?
4. What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
5. What Are My Rights?
Under the GDPR, you have the following rights, which we will always work to uphold:
- The right to access the personal data we hold about you. Part 13 will tell you how to do this.
- The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 15 to find out more.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we Please contact me using the details in Part 15 to find out more.
- The right to restrict (i.e. prevent) the processing of your personal data.
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
- Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 15.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
6. What Data Do We Collect?
If you comment on a news or blog post, the information will be published and the comment is available for search by search engines. We also hold your email address.
If you’re a member and you post on our member forum, the information will be published on our forum and will be available for other members to see but will not be available for search by search engines.
We also offer a sign up service for everyone to get latest news about our campaigns via email and so if you have signed up, we will hold your contact details for this purpose.
By registering as a member with the Association of Radical Midwives, it is understood that members are actively seeking to be part of the Association of Radical Midwives and its activities. You still have control over your personal data and how it is used and you may change or delete your data at any time.
If you join ARM online, we will use your data for the purposes of administering your membership and we will contact you from time to time with news and updates within the field of birth and the maternity services and other issues relating to your membership and to our charity aims.
We may collect, store and use the following kinds of personal information:
(a)information about your computer and about your visits to and use of this website including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths;
(b) information that you provide to us when registering with our website including your email address;
(c) information that you provide when completing your profile on our website including your name, address, telephone, and employment details;
(d) information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters and/or our magazine, Midwifery Matters, including your name and email address;
(e) information that you provide to us when using the services on our website, or that is generated in the course of the use of those services including the timing, frequency and pattern of service use;
(f) information relating to any purchases you make of our goods and/or services or any other transactions that you enter into through our website including your name, address, telephone number, email address.
(g) we don’t hold your card or payment details as these are dealt with by third party providers including Stripe, Paypal and banks using the BACS system.
(h) information that you post to our website for publication on the internet including your user name and the content of your posts;
(i) information contained in or relating to any communication that you send to us or send through our website including the communication content and metadata associated with the communication; and
(j) any other personal information that you choose to send to us.
Please note that before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
7. How Do You Use My Personal Data?
Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for us to fulfil our obligations as a membership organisation to you, because you have consented to our use of your personal data, or because it is in our legitimate interests as a charity to use it.
Your personal data may be used for any of the following purposes depending on whether you are a visitor to our website or whether you have signed up as a member of ARM or a user of our shop or a user of our Midwives’ Haven service or our enquiry service.
- Providing and managing your access to our Site and the business of our Charity;
- Providing and managing your membership of ARM;
- Supplying you with products purchased through our website;
- Supplying you with membership services if you join ARM online via our website;
- Providing you with details of events or activities you have purchased via our website;
- Sending invoices and payment reminders to you and collecting payments from you;
- Communicating with you. This may include responding to emails or calls from you;
- Supplying you with information or products (such as our magazine, Midwifery Matters) by email or post that you have opted-in to as part of your membership of ARM (you may unsubscribe or opt-out at any time by using the unsubscribe option in the email, or by emailing our Data Privacy Manager, Irene Walton at email@example.com);
- Analysing your use of our Site and gathering feedback to enable us to continually improve our Site and your user experience;
- Sending you email notifications that you have specifically requested;
- Sending you non-marketing communications;
- Sending you our email newsletter and campaign updates, if you have requested these (you can inform us at any time if you no longer require the newsletter and/or campaign updates);
- dealing with enquiries and complaints made by or about you relating to our website;
- keeping our website secure and prevent fraud; and
verifying compliance with the terms and conditions governing the use of our website (including monitoring our private forum);
- if you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the license you grant to us;
- Part of the Charity’s work is to assist members and non-members with giving or receiving individualised maternity care. We also assist those who face difficulties in the course of their professional work with childbearing women. We may contact you in order to seek your permission to share your personal data with other members or enquirers in pursuit of this work, but we will never share your personal data without such permission.
- Your membership details are private. We will never publish these details unless we have your express permission to do so. You can also amend the contact preferences in your account.
We don’t use your personal data for marketing purposes, but with your permission and/or where permitted by law, we may use your personal data in order to provide you with information, news, events, notices of conferences or meetings and other services relevant to your membership of ARM if you have signed up as a member. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.
We don’t use automated marketing decision-making software, but we do use the automated email marketing service, Mailchimp, for purposes of sending out emails to our members. We also use Mailchimp to send out newsletters and campaign updates to non-members who have signed up for these via our website. Mailchimp is compliant with GDPR requirements and has provided easy ways to unsubscribe at any time using the unsubscribe option at the bottom of each email. You may also request to unsubscribe from these emails by contacting our Data Controller, Irene Walton, on firstname.lastname@example.org.
8. How Long Will You Keep My Personal Data?
We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept for the following periods (or, where there is no fixed period, the following factors will be used to determine how long it is kept):
- Information pertaining to your membership of ARM will be retained for as long as you continue to be a member;
- If your membership expires and you do not immediately renew your membership, we will retain your information for one year following expiration. This is to allow you to easily renew your membership without adding your data again if you wish. After one year all your data will be deleted and if you rejoin you will need to provide us with your information again.
9. How and Where do you Store or Transfer My Personal Data?
We will not, without your express consent, supply your personal information to any third party for the purpose of their or any other third party’s direct marketing.
Your personal data is stored on our servers which are in the European Economic Area. If we share your personal data with any third party service provider in the course of providing you with our services, those third parties are required to process your data in accordance with contracts which comply with data protection legislation.
10. Do You Share My Personal Data?
We share limited personal data with GDPR-compliant partners who assist us in fulfilling our aims as a Charity and Membership Organisation. These organisations are our website administrator, third party providers for secure processing of purchases through our shop, and our magazine printer and mail services. All these partners are GDPR compliant and your information and privacy will be protected by them in line with GDPR legal requirements. We will not share any of your personal data with any other third parties for any purposes, including marketing, subject to one important exception.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
11. How Can I Control My Personal Data?
- In addition to your rights under the GDPR, set out in Part 5, when you submit personal data via our Site, you may be given options to restrict our use of your personal data. In particular, we aim to give you strong controls on the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in the emails OR at the point of providing your details and by managing your membership account or by directly contacting email@example.com).
- You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving communications that you have consented to receiving.
12. Can I Withhold Information?
You may access our Site without providing any personal data at all. However, to use all features and functions available on our Site you may be required to submit or allow for the collection of certain data.
13. How Can I Access My Personal Data?
If you want to know what personal data we have about you and you are a member of ARM, if you login to your account you will have immediate access to all the information we have about you and you will have the ability to change that information yourself. Or please email our membership secretary, Irene Walton using the email firstname.lastname@example.org or email@example.com.
Alternatively, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 15.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
What are cookies?
A cookie is a piece of information in the form of a very small text file that is placed on an internet user’s computer. It is generated by a web page server (which is basically the computer that operates the web site) and can be used by that server whenever the user visits the site. A cookie can be thought of as an internet user’s identification card, which tells a web site when the user has returned.
Cookies can’t harm your computer and we don’t store any personally identifiable information about you on any of our cookies.
We use two types of cookies: cookies set by our website and cookies set by third parties (i.e. other websites or services).
Our cookies enable us to keep you signed in to your account throughout your visit and to tailor the information displayed on the site to your preferences.
We also use third party cookies to help deliver relevant information and to integrate content with social networks, such as Facebook and Google+, and to better understand how the features and functions of the site are used in order that we can improve our service.
15. Security of personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
All electronic financial transactions entered into through our website will be protected by encryption technology.
You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping the password you use for accessing our website confidential; we will not ask you for your password (except when you log in to our website).
Your password is only known to you and you can change it at any time in your membership account. Online security risks can be minimised simply by ensuring that your password is always kept secure. We recommend you follow the password security advice below:
(a) Always use a password which is personal and does not contain your name, email address or the word ‘password’
(b) Ensure your password contains both letters and numbers
(c) Never give your password out to anyone – we will never ask you for your password
(d) Change your password at least once every three months
(e) Take a moment to memorise your password so you don’t need to write it down
(f) Try and use a different password for each different website you use
16. How Do I Contact You?
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details (for the attention of Irene Walton):
Email address: Irene@midwifery.org.uk.
Postal Address: Irene Walton, Subject Access Request c/o Little Park End, Park End, Simonburn, Hexham, NE48 3AE
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our Charity in a way that affects personal data protection.
Hopefully that has clarified things for you and as was previously mentioned if there is something that you aren’t sure whether you need or not it’s usually safer to leave cookies enabled in case it does interact with one of the features you use on our site. However if you are still looking for more information then you can contact us here: Contact Page.