Why do we process your data?
During the course of its Membership activities, Mid Cheshire Hospitals Foundation Trust (MCHFT) collects, stores and processes personal information on current and former Foundation Trust Members.
MCHFT is the Data Controller for this information and is registered with the Information Commissioners Office. Our registration number is: Z4846564.
This notice describes how the Trusts uses staff including former staff), members of the public and volunteers’ data for the purpose of administering Members Services. The only public members included on the database are those that have specifically given consent to become a Member.
PLEASE NOTE – The Trust will take all reasonable steps to ensure that your information is up to data however if your details change, such as you change address, email or phone number, please advise us by emailing corporate.
What types of personal data do we handle?
In order to carry out our activities and obligations as an employer we handle data in relation to:
- Personal demographics (including gender, race, ethnicity, sexual orientation, religion)
- Contact details such as names, addresses, email addresses and telephone numbers
- Records of engagement and contact as Members of the Trust (including responses to Membership emails and the acceptance of event invitations)
What is our legal basis for using your information?
Members of the public that become Public Members apply and provide us with their explicit consent to become a member of the Trust.
Staff are automatically enrolled as members upon commencement of employment and are advised of how to optout should they so wish as part of the Trusts recruitment process this is because as a Foundation Trust we are required to establish a membership base from whom governors can be elected under the NHS Act 2006, the processing of staff information is therefore necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
You can change your mind at any time, if you wish to become a member or wish to remove yourself from membership please contact the membership office at corporate.
Sharing your information
There are a number of reasons why we share information. This can be due to:
-
Our obligations to comply with legislation
-
To prevent crime or fraud
-
Our duty to comply any Court Orders which may be imposed
Any disclosures of personal data are always made on case-by-case basis, using the minimum personal data necessary for the specific purpose and circumstances and with the appropriate security controls in place. Information is only shared with those agencies and bodies who have a "need to know" or where you have consented to the disclosure of your personal data to such persons. Your information is never collected or sold for direct marketing purposes.
Information Retention
Your information will be retained in line with the Trust’s policies and relevant legation. This will usually be for a period of seven years.
Security
The Trust will take all available steps to ensure that sufficient technical and organisations security measures are applied to your data in order ensure it remains safe and secure.
Individuals Rights
Data Protection laws give individuals rights in respect of the personal information that we hold about you. These are:
- To be informed why, where and how we use your information.
- To ask for access to your information.
- To ask for your information to be corrected if it is inaccurate or incomplete.
- To ask for your information to be deleted or removed where there is no need for us to continue processing it.
- To ask us to restrict the use of your information.
- To ask us to copy or transfer your information from one IT system to another in a safe and secure way, without impacting the quality of the information.
- To object to how your information is used.
- To challenge any decisions made without human intervention (automated decision making)
If you wish to make an information rights request, please email legal.
Should you have any further queries on the uses of your information please contact corporate.
If your wish to make a compliant regarding the use of your data, please contact dpo