Highland and Islands Blood Bikes
This policy refers to HAIBB and how personal data is processed in compliance with the Data Protection Act (DPA) 1998 and the new General Data Protection Regulation (GDPR) which came into effect from 25th May 2018. Headings within this policy are inserted for the convenience of the reader only and are not to be considered when interpreting this policy.
Personal data is any information that could identify a person (data subject). Personal sensitive data relates to information concerning a data subject’s racial or ethnic origin, political opinions, religious beliefs, trade union activities, physical or mental health, sexual life, or details of criminal offences.
A data subject (those whose data we hold) is any identified or identifiable person whose personal data is processed by the data controller. A data controller (HAIBB) determine s the purposes for data processing and the way personal data is processed.
Processing is any action or actions performed on personal data such as collection, organisation, storage, erasure or destruction.
HAIBB collects personal data that is required for the provision of the services it offers to the NHS Boards across the Highlands and Islands. This can include:
- Next of Kin details
- Email addresses
- Telephone numbers
- Demographic information such as postcode and collection address
- Car/Motorcycle Licence details, advanced riding/driving qualifications and any other relevant information such as Driving Record, Penalty points awarded etc.
- Shift details
- Training requirements, and training conducted
- Supervision and performance data
HAIBB collects any additional data received by email, letter, telephone, through the website (www.haibloodbikes.co.uk) or by any other means of correspondence.
Data Protection and Retention
To prevent unauthorised access or disclosure, HAIBB has suitable physical, electronic and managerial procedures to safeguard and secure personal data.
HAIBB retains personal data for no longer than is necessary. Data will only be held for the reason(s) it was originally collected and where otherwise required by law.
Personal data retained by HAIBB can be reviewed annually to determine whether it is still needed and accurate. Data which is found to be unnecessary, or inaccurate, will be deleted according to the guidance in the paragraph above.
All personal details will be held only whilst a volunteer remains a Member off HAIBB. Thereafter all data will be erased in line with our Data Retention timescales. However, if a Data Subject asks that their data be removed immediately, HAIBB will comply with the request (unless there is a valuable, and legal reason why the data should not be deleted).
Please be aware that companies can keep personal data for longer if kept for public interest archiving or statistical purposes.
Data may be obtained from cookies through the HAIBB website (www.haibloodbikes.co.uk). Cookies are small text files that are placed on a device by websites when they are visited. Cookies enable delivery of more personalised content and are widely used to make websites work or work more efficiently.
Most web browsers allow some control of most cookies through the browser settings. Please note that in a few cases some website features may not function if cookies are removed from the browser.
When the HAIBB website (www.haibloodbikes.co.uk) is visited, a third-party service called Google Analytics is used to collect standard internet log information and details of visitor behaviour patterns. This is to discover factors such as the number of visitors to various parts of the website.
This information is processed in a way that does not identify anyone; HAIBB does not make, and does not allow Google to make, any attempt to find out the identities of those visiting www.haibloodbikes.co.uk.
HAIBB acts as a data controller by processing personal data. Processing is always with legitimate interest and compatible with the reason(s) the data was originally collected.
HAIBB collects and uses personal data to provide our Members and Customers with requested products and services and for internal record keeping. HAIBB may contact Members and our Customers regarding products and services and in response to enquiries. HAIBB does not contact Members of Customers with unrelated marketing information.
HAIBB may be required to process personal data for investigating, detecting and reporting crime; to demonstrate compliance and to actively comply with industry standards and any laws and acts that may apply.
The HAIBB website (www.haibloodbikes.co.uk) may contain links to external websites. HAIBB is not responsible for the practices of other websites and encourages visitors to read the privacy policies of every website that collects personal data.
HAIBB may occasionally update this policy therefore our Members, Customers and visitors to our website ( www.haibloodbikes.co.uk) may want to review it each time personal data is provided.