The following privacy statement aims to outline in a clear and transparent manner the ways in which we collect and use your data, and what we do to safeguard your data from inappropriate or improper use.
If you have any questions, comments or complaints about it, please email firstname.lastname@example.org or call us on 0207 324 4739.
In particular, you have specific rights to:
- be provided with a copy of the data we hold about you and what we do with it;
- ask to correct or update any data we hold that is incorrect;
- ask us to stop processing your data.
Please direct any such request to the address above and we will see to it as soon as we can.
Ways we collect and use data
On this website
We use Google Analytics to monitor visits to our website, in order to better understand how the website is used and what content people find interesting. Cookies are used to identify visitors as they move around the site; and we also monitor when people start and submit some of the forms on the site to see how they are working.
In theory, the data collected by Google Analytics could be used to identify specific individuals, but we make a conscious effort not to.
If you do not wish for you usage of the site to be tracked in this way or would prefer to not have cookies saved to your computer, please reject the cookies agreement pop-up displayed when you first visit the site, or change the settings in your web browser.
For our email lists
We operate a number of email lists for keeping members and supporters up to date with the latest news about our work; opportunities to get involved with actions and events; and ways to support us by donating to appeals or joining as a member.
As well as a central Medact list, we maintain separate lists for a few of our campaigns and member groups. We allow the coordinators of these campaigns/groups access to email these lists, though not to see the information of individuals on them.
We will always ask for your express consent before adding you to any email list. We might add the option to another action, such as a petition, but it will always be optional.
We sometimes use additional information we may have about your background, interests or past activities with Medact in an effort to send you only the most relevant emails.
The email system that we use for mailings tracks successful deliveries, opens and link clicks and we use this data to see how relevant what we send is to our supporters.
You can update your email preferences or unsubscribe from future emails at any time – either using links at the bottom of the email, or by emailing email@example.com.
For member forums
We also host a number of Google Group forums for our member groups.
These forums allow members in a group to stay in closer contact with each other. All members of these groups are able to send messages to the group directly; and group co-ordinators are able to see details of individuals in the group.
You can see a list of all update your email preferences for groups here: https://groups.google.com/a/medact.org/forum/#!myforums
On social media
We monitor interactions with our social media channels in order to assess our impact and reach, and attempt to understand it better.
Please be aware that whenever you use social media platforms, including via the sharing buttons on this website, your activity is more often than not publically accessible and identifiable to you.
When running actions & events
We keep records of people taking part in actions or events we organise in order to be able to measure the impact and reach of our work, as well as to understand more about what interests and motivates our supporters.
We may use this information to tailor emails we send you.
Where events are eligible for Professional CPD points we maintain membership registers in accordance with accreditation requirements.
As part of membership
On joining, we ask members for personal information including your contact details, information about your professional background and expertise, affiliations and interest.
We use this information along with members’ membership histories both in order to understand more about our impact and reach; and also to identify particular opportunities to involve members in our work.
We periodically contact members by either email, post or telephone for the purposes of administering membership – e.g. to confirm about membership renewal or provide notice of our AGM. We may also get in touch periodically to check the up-to-dateness of information we hold for you.
We provide contact details for eligible new members to Taylor & Francis as the publisher of our journal, so that they can invite you to redeem your complimentary subscription.
When you donate
We retain personal information of donors where this is given for our financial records, and for processing Gift Aid claims in order to maximise the value of donations.
If you donate by post we may retain addresses to send you details of future appeals.
What we do to keep your data safe
Data access at Medact is restricted only to appropriately trained staff and volunteers with a specific need to use the data.
We use a variety of technologies and best-practices to secure data, including:
- strong password policies and two-factor authentication for user accounts;
- full disk encryption for physical drives;
- SSL/VPN/firewalls for network security;
- regular software updates and backups;
- central device management.
External data processors
We will not share your data beyond Medact except with verified external suppliers where necessary for carrying out the stated purpose of data collection; or with your explicit consent.
We aim to keep the use of external data processors to a minimum, but the main external providers we currently use are:
- Google, for our email service, web forums, cloud documents and storage, and website analytics
- Microsoft, for cloud computing
- Xero, for financial administration
- RSM2000, PayPal & Charities Aid Foundation for processing payments, subscriptions & donations
- Mailchimp, for maintaining member group email lists