Detailed Privacy Policy for Friends, Supporters and the MMS Website

Society of Catholic Medical Missionaries - Central Fund, aka Medical Mission Sisters - Registered Charity No: 1072554

Purpose of this Notice

This Privacy Notice outlines the way in which the Society of Catholic Medical Missionaries – Central Fund, also known as Medical Mission Sisters will use personal information provided to them. Personal information includes any data that identifies you personally, such as your name or contact details as well as other information with which you freely provide the Medical Mission Sisters, or which we may obtain through your visit to the Medical Mission Sisters' website. Respecting the importance of your privacy and personal data, we outline below how we use, disclose and protect this information. This privacy statement also tells you about your rights to control this data.

The Board of Trustees of the Society of Catholic Medical Missionaries – Central Fund controls the data it holds, decides how the data is processed and for what purposes. In case you have any questions or information updates, please contact the Society's Data Protection Contact, using the address provided at the end of this document.

Why we collect data:

It is a legitimate interest of charities to communicate and interact with the wider public and with interested groups of people. We collect, store and process personal data for the following purposes:

  1. Responding to enquiries made to Medical Mission Sisters;
  2. Maintaining up-to-date data for ease of communication/ interaction with our friends and supporters and for meeting our obligations to them;
  3. Processing donations received and maintaining accurate accounts and records (including the processing of Gift Aid applications);
  4. Furthering our charitable aims through public relations and fundraising and by sharing current news about our charitable activities worldwide with the interested public;
  5. Inviting the interested public to Medical Mission Sisters’ events; and
  6. Fulfilling contractual or other legal obligations.

How we use personal data

Our primary goal in collecting personal data from you is to provide you with the desired information and interact with you in a way that meets your needs. We only collect personal data from you through information provided through enquiry forms (if submitted), your expressed wish for further news updates, information and website usage data. We do give you the option to access our website’s homepages without subscribing or registering or disclosing your personal data.

Please note that www.medicalmissionsisters.org.uk (“this site”) does contain links to external websites, namely of Medical Mission Sisters living and working in other countries. This privacy statement does not cover the activities of these sites. Please consult the respective privacy policies on those websites for information on how your data is used by them.

Website cookies and similar technologies

We use cookies to improve the performance of the site. You can find more about this in our cookie policy.

Disclosure of information

Personal information will not be shared with any third party outside our Society without your consent, unless we are obliged or permitted to do so by law.

Medical Mission Sisters does not sell or pass on personal contact details to any organisation and will not do so in future without asking you for your specific consent to that scheme.

If you inform us about your interest in a particular project or activity of Medical Mission Sisters in other countries and give consent, we will pass on some of your personal data to them for ease of communication and interaction.

Medical Mission Sisters will only share your personal information with external third parties where this is necessary for the purposes of data processing. If we enter into a contract with companies for data processing, i.e., hosting of our email services, website or data backup, we will ensure that they fulfil their contractual obligation and in line with the UK 2018 Data Protection Act (UK GDPR). We also use other third parties, i.e., CAF, to process personal details in connection with online donations or payments.

We may also disclose your personal data to other third parties including professional advisers, or governmental or State institutions or regulatory authorities, where necessary, in order to exercise or defend legal rights or where required by law.

All third-party service providers process your personal information only on the Society’s behalf and are bound by contractual terms that are compliant with data protection law.

Legal Basis for processing personal information

Under the UK's General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, organisations are required to have a legal basis for processing personal data. Our legal bases for processing data are:

We were set up to “advance the religious, health-related and other charitable work” and to “invite“ ...and “accept donations … for the general charitable purpose of the Charity or for particular charitable purposes“. It is in therefore our legitimate interest to collect, store and process the personal data of our friends and supporters, i.e., those who have been in regular contact with us, who have provided us with their personal data, or who have given consent to the processing of their personal data for specific purposes.

Any processing of your personal data is permitted only in as far as our legitimate interest as a charity is not outweighed by your legitimate rights and freedoms.

We respect your rights as subject of your personal data and will honour your requests and direction about the way we use them. We will adjust or stop processing your personal data as soon as you make known to us your objections. However, we may still need to hold the de-activated data in our records for a certain period in order to fulfil our legal and canonical obligations.

Storage, security and Transfer of personal information

Medical Mission Sisters strives to ensure that personal data is accurate and held in a secure and confidential environment, granting restricted access only to persons authorized to process the data. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.

Once we have received your information, we will use strict procedures and security features trying to prevent inadvertent modification, unlawful destruction, accidental loss or disclosure of your personal data to any unauthorized person or third party, unless you have provided us with your explicit consent for such sharing.  (Please see above.)

All our employees, contractors and data processors, who have access to, and are associated with the processing of your personal data on our behalf, are obliged to keep the information confidential and not use it for any other purpose than to carry out the services they are performing for us, in line with the standards set out in the UK GDPR.

We will keep your personal data only for as long as you have regular contact with us, for as long as we are obliged to keep it by law, or may need it in order to respond to any questions or complaints or to show that we treated you fairly.

When your data is no longer needed, it will be securely destroyed or permanently rendered anonymous. [For detailed information, contact us at the address below.]

We may keep personal data for statistical purposes, but only in an anonymized form.

Your personal data is stored on servers in the European Economic Area (EEA). If we share your personal data with any third-party service provider, those third parties are required to process your data in accordance with contracts which comply with current European data-protection legislation.

Your Rights

Getting a copy of your personal information

You have the right to be informed about the personal data which we hold about you and – upon a written request – to receive an electronic copy of the data.

Objections

You have the right to question or object to our use of your personal data, to ask us to remove or stop using and processing this data, if you see no need to do so.

If we are processing your data on the basis of your explicit consent, you can withdraw your consent at any time.  In this case, please inform us by writing to generalate@medicalmissionsisters.org.uk

There may be legal or other reasons why we need to keep or use your data to fulfil legal obligations. Please tell us if you think that we should not be actively using it.

Inaccuracies

Please inform us in writing about any changes in your personal data, or if you believe that your personal data held by us is faulty, thus ensuring that we use the correct information when communicating with you. Any incomplete or faulty data will be corrected as quickly as possible.

At any point, you can make a request to us via email.  We will try to respond within one month.

Privacy policy updates

This privacy policy is subject to occasional revision and we will place any updates on this web page. If we make substantial changes to this privacy policy, we will notify you through the website interface, or, if you have provided your email address and given consent for its use, by email. You are responsible at all times for keeping your email address up to date. Any changes to this privacy policy will be effective immediately and your continued use of our websites after such time shall constitute your acceptance of the amended policy.

Contact

You can contact us by writing to our Data Protection Contact:

generalate@medicalmissionsisters.org.uk

Medical Mission Sisters

41 Chatsworth Gardens

Acton, London W3 9LP

020 8992 6444

How to complain

You do have the right to complain to the Information Commissioner’s Office about anything relating to the processing of your personal information by our charity.

You can contact the ICO via its website at www.ico.org.uk or at:

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.