Our Privacy Policy

D4HGN GDPR:

Introduction

This Privacy Notice sets out how we (D4HGN) use the personal data of website users, members, and visitors collected by membership, site visit and direct contact in line with Data Protection legislation (UK GDPR and Data Protection Act 2018).

The current data protection legislation came into force on 25 May 2018.  This governs the way that organisations use personal data.  Personal data is information relating to an identifiable living individual.

Transparency is a key element of the data protection legislation, and this Privacy Notice is designed to inform you:

  • how and why D4HGN uses your personal data,
  • what your rights are under UK GDPR, and,
  • how to contact us so that you can exercise those rights.

 

What are the legal conditions/lawful bases for processing?

The legal conditions/lawful bases for processing are set out in Article 6 of the UK GDPR. At least one of these must apply whenever D4HGN and other organisations process personal data:

  • (a) Consent: you, the data subject have given clear consent for D4HGN to process your personal data for a specific purpose.
  • (b) Contract: the processing is necessary for a contract that D4HGN has with you, or because you have asked D4HGN to take specific steps before entering into a contract.
  • (c) Legal obligation: the processing is necessary for D4HGN to comply with the law (not including contractual obligations).
  • (d) Vital interests: the processing is necessary to protect someone’s life.
  • (e) Public task: the processing is necessary for D4HGN to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.
  • (f) Legitimate interests: the processing is necessary for D4HGN’s legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.

 

Why are we processing your personal data?

We process your personal data to:

  • We process personal data to respond to enquiries, create content such as articles and exhibitions, and for our own reporting and development of the platform.
  • We do not sell or pass on personal information as a transaction.
  • Respond to enquiries (Legal Basis-Consent) from potential members such as responding to requests for information about our online exhibitions, benefits or sign up. You will have the opportunity to manage your preferences which includes the right to object to this processing and unsubscribe from communications at any time. D4HGN will respond promptly to any such request.
  • Respond to enquiries (Legal Basis-Consent) regarding or directed to either of D4HGN’s associated organisations, which include Lab4Living, UK, and Good Health Design, NZ.
  • Registration for events (Legal Basis-Consent) such as webinars, or in person conference attendance. We collect data that you provide to D4HGN, Lab4Living or Good Health Design to enable us to register you for both our online/digital/remote and in-person/physical events. Where you provide special categories of personal data/sensitive personal data e.g. access requirements/disability/reasonable adjustments, we process this data on the basis of your explicit consent. It is in D4HGN’s legitimate interests to provide you with further information when required, which we believe is relevant to your enquiry. You will have the right to object to this processing and unsubscribe from further communications at any time.
  • Registering you to use D4HGN online services (Legal Basis-Consent) such as video conference events and access to other online services. Information will only be used to enable you to access the online service you are registered for. Data will be retained while your registration on the service remains current and will be removed should your registration be removed. Data you post to an online service will remain after your registration is removed, for example discourse comments, exhibition photos or news articles.
  • Respond to enquiries and concerns raised by you about a staff or another member (Legal Basis – Consent). We will always obtain your consent before sharing with another member or staff that you have raised a concern, your personal data may be shared within the partner organisations (Lab4Living and Good Health Design) to facilitate the investigation of the concerns raised.
  • Respond to other enquiries (e.g. research, consultancy, business services) (Legal basis – consent, necessary for a contract, legitimate interests depending on the nature of your enquiry) – D4HGN will use the data that you provide to respond to your enquiry. To answer enquiries D4HGN may use a customer relationship management system (CRM). It is in D4HGN’s legitimate interests to provide you with further information which we believe is relevant to your enquiry. You will have the opportunity to manage your preferences which includes the right to object to this processing and unsubscribe from further communications at any time. In these cases D4HGN will respond promptly to any such request. Retention will depend on the nature of your enquiry.
  • Respond to Freedom of Information requests (Legal basis – legal obligation) – in order to make a valid FOI request, you must provide your name and an address /email address for correspondence. These are used for the purpose of managing your request and complying with our legal obligations. Data that you supply and our response to you will be retained for an indefinite period to fulfil legal obligations.
  • Subscription Services (Legal Basis-Consent) such as SMS text messages with regular updates. Any information you supply for this is used only to deliver messages based on the subject you choose to the email address or phone number you specify. You may unsubscribe at any time. In these cases D4HGN will respond promptly to any such request. Your data will be retained until you unsubscribe from this service.
  • Vital Interests To protect the vital interests of our stakeholders in emergencies/life or death situations/ where we believe that a stakeholder or another individual is at significant risk of harm.

 

Who do we share your data with?

You should be aware that in order to provide our services we may need to share your personal or sensitive personal data within the organisation or outside D4HGN, Lab4Living and Good Health Design. The privacy of your personal data is paramount and will not be disclosed unless there is a justified purpose for doing so. D4HGN and partners NEVER sells personal data to third parties.

Your data may be shared with:

  • D4HGN, Lab4Living and Good Health Design staff who need the information to process your request, purchase, or application, to make improvements to our service and to maintain the security and systems of our premises.
  • Contractors and suppliers, where D4HGN uses external services or has outsourced work which involves the use of your personal data on our behalf. D4HGN will ensure that appropriate contracts and/or data sharing agreements are in place and that the contractors and suppliers process personal data in accordance with the current data protection legislation and other applicable legislation. Examples of suppliers include Web site developers and domain hosting companies who host our platform, IT services and support, confidential waste disposal. If we need to transfer your personal information to another organisation for processing in countries that aren’t listed as ‘adequate’ by the European Commission, we’ll only do so if we have model contracts or other appropriate safeguards (protection) in place.
  • Emergency Services, and/or other support organisations called upon in case of an emergency where the disclosure of personal data is considered in the data subject’s vital interests or pertinent to their safety and well-being.
  • Police, and/or other organisations responsible for safeguarding or investigating a crime where a data subject may be involved.
  • Government bodies and departments, in the UK and overseas, responsible for statistical analysis, monitoring and auditing.
  • Insurers, legal advisors and auditors
  • The Information Commissioner’s Office to respond to complaints, challenges and audits.

We may also ask for your consent to use your personal data for other purposes. You will be given additional information for each purpose and have the right to withdraw your consent at any time.

 

Security

The University takes a robust approach to protecting the information it holds. This includes the installation and use of technical measures including two-factor authentication, limited administrator rights, and captcha login. D4HGN staff monitor and respond to suspicious activity.

Alongside these technical measures there are comprehensive and effective policies and processes in place to ensure that users and administrators of D4HGN information are aware of their obligations and responsibilities for the data they have access to. By default, people are only granted access to the information they require to perform their duties.

Data Subject Rights

One of the aims of the Data Protection Legislation is to empower individuals and give them control over their personal data.
UKGDPR gives you the following rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erase
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

 

Contact Us

  • If you would like to request copies of your personal data held by.
  • If you would like to exercise your other rights (e.g. to have inaccurate data rectified, to restrict or object to processing).
  • you have a query about how your data is used.
  • you would like to report a data security breach (e.g. if you think your personal data has been lost or disclosed inappropriately)
  • you would like to complain about how D4HGN has used your personal data

 

Further Information and Support

Please see more information about Cookies, GDPR, and User Agreement.

The Information Commissioner is the regulator for UK GDPR.  The Information Commissioner’s Office (ICO) has a website with information and guidance for members of the public:
https://ico.org.uk/for-the-public/

The Information Commissioner’s Office operates a telephone helpline, live chat facility and email enquiry service.  You can also report concerns online.  For more information, please see the Contact Us page of their website:
https://ico.org.uk/global/contact-us/

The Design4Health Global Network is not responsible for the content of external websites.