St. Francis Hospice is committed to protecting the privacy of all who come in contact with our services and takes the responsibility regarding the security of our service users and clients’ information very seriously. We ensure that all personal data:
1) Is obtained and processed lawfully, fairly and transparently
2) Is processed for specific, explicit and legitimate purposes only, and not in any manner incompatible with those purposes. Is processed only in ways compatible with the purposes for which it was initially obtained.
3) Is kept safe and secure
4) Is accurate and up to date
5) Is adequate, relevant and not excessive
6) Is retained for no longer than is necessary for the purposes for which it was obtained
7) Is given, on request, in an electronic and structured form to you or to another party on your instruction.
You have the right to make a complaint at any time to the Irish Data Protection Commissioner. The Commission’s website is www.dataprotection.ie
This Statement sets out the following:
What personal data we collect and process about you in connection with your relationship with us as a patient, family member, main carer, volunteer, fundraiser, student, contractor, supplier, current employees, former and prospective employees and employees’ main carer. All personal data is collected and processed in accordance with Irish and EU data protection laws.
In this Privacy Notice, the use of “we”, “us”, and “our” means St Francis Hospice Dublin.
Where we got your personal data:
Patients: All patients are referred by their General Practitioner if they are at home, or by their Consultant/Specialist if in hospital, who provide personal information about you.
Family Members/ Main carers: We obtain information about you from you or from your family member, the patient.
Staff: We only hold data that you have provided to us during the course of your employment with us.
Volunteers: We only hold data that you provide to us on your application form.
Fundraising: We only hold data that you provide to us via our website or in person when you raise funds for us.
Education: We only hold data that you provide to us via our website or when you complete our registration form.
What Data we Collect:
Patients/ Family Members/ Main Carers/ Staff /Volunteers: Personal data means any information relating to you which allows us to identify you, such as your name, contact details, and information provided to us for the purposes of healthcare delivery, support or contractual compliance.
For all users of our website we collect certain technical data as part of the system logs for this website and for analysis, for example, your computer’s IP address and the web browser you use
For users who submit a message to our Remembrance Book webpage we process your name, email address and any personal details you choose to include in the ‘Tribute’ section of your submission.
For users who make donations, register for an event, purchase items through our website, or subscribe to one of our mailing lists we process your name and contact details, including your address, phone number and email address, details for the event for which you have registered (e.g. the mini-marathon) or which you are organising (e.g. a coffee morning). We also process your credit card information when you make a donation or purchase an item through our website.
What we use your personal data for:
St. Francis Hospice only collects personal data for specific purposes, in compliance with legislation. We use personal data for the following purposes as outlined below:
Patients: Health records are a special category of personal data and we process your personal data including your health records for the purpose of providing health care to you. We know the sensitivity of health related information and will keep it safe secure and confidential. This is allowed under GDPR Article (9) and HSE policy. Your personal data may also be anonymised and used for audits, statistical or research purposes. If you have a dispute with us as a healthcare provider, you may request that your healthcare record is ‘locked’, (under Article 18 of GDPR) but in that situation we will not be able to continue to provide medical care to you.
Family Members/ Main Carer: Our reason for asking for this information is to be able to contact you in case of an emergency which is part of our care and in our legitimate interest. We would also like to hold with your consent your contact details on our files so that you and your family may avail of our support services. We will keep your Personal Data safe, secure and confidential. You may receive support or counselling from us. We will process your records in line with Article 9 of GDPR and HSE policy. You have the right to withdraw your consent at any time.
Staff: Processing is necessary for the purpose of carrying out a legal obligation and contractual reasons in the field of employment as defined under GDPR, including personal data (e.g. address / date of birth) for human resources purposes, financial data (e.g. PPS number) for payment purposes and sensitive personal data (e.g. processing parental leave).
Volunteers: We hold your personal data that you have consented to provide in your application form in order for us to contact you to help us in services for which you have volunteered.
Fundraising: Fundraising is a legitimate interest of St. Francis Hospice as we need donations to continue to run our service. Once you contact us to raise money for us, to donate directly and/or make purchases on our website, we keep your personal data on our database for record and audit purposes and to enable us to contact you again about other fund raising events if you give us permission to do so. We also use your personal data to claim tax back from Revenue, where possible. You may withdraw your consent at any time by contacting us directly or clicking “unsubscribe” within any of these emails.
Education: St. Francis Hospice provides training and education. We keep your personal data on our database to register you for training and to enable us to contact you again about other training events if you give us permission to do so. You may withdraw your consent at any time by contacting us directly or clicking “unsubscribe” within any of these emails.
For Legal process: We will use your Personal Data when it is necessary to preserve or to defend our rights in court, to respond to law enforcement requests or discovery procedures, or where required or permitted by applicable laws, court orders, government regulations, government authorities or HSE policy.
If you choose to communicate with us or to follow us on social media for example, Twitter, Facebook and LinkedIn, it is up to you to choose your preferred profile settings.
Third party links
You might find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability at all for their content, links and policies as we have no control over them. Any external links to other websites are clearly identifiable as such.
How long will St Francis Hospice retain your personal data?
St Francis Hospice holds personal data for a range of time periods; these are guided by HSE policy, our statutory requirements for certain data, our contractual obligations and our business and risk management requirements.
Under Article 23.1(g) the right to erasure of medical records is not an absolute right and restrictions may apply.
Security of your personal data:
We follow strict security procedures in the storage and disclosure of your personal data.
In limited circumstances we may share your information with third parties. These are set out below:
· Files and records are retained securely in our computer systems and we retain hard copies in locked filing cabinets.
· Credit card payments are handled by a specialist third party payments service provider. We do not store credit card details when payments are made through our website.
· With our service providers: To a limited extent, we may share personal data with our service providers, particularly where this is necessary to provide our website to you, to process your donations and purchases and to process your registration for our events and fundraising activities. These service providers will be obliged to keep your personal data confidential, safe and secure.
· For legal and safety reasons: We may provide information to a third party if we believe in good faith that we are required to do so for legal reasons.
· This website is hosted within the European Economic Area.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Collect any personally identifiable information without your express permission
Collect any sensitive information without your express permission
Pass data to advertising/marketing networks
Pass personally identifiable data to third parties
List of cookies we collect and purpose
CATEGORY_INFO Stores the category info on the page, that allows to display pages more quickly.
_utma --- stores the amount of visits (for each visitor), the time of the first visit, the previous visit, and the current visit.
_utmb --- used to check approximately how fast people leave: when a visit starts, and approximately ends.
_utmc --- used to check approximately how fast people leave: when a visit starts, and approximately ends (c expires quickly).
_utmz --- records whether the visitor came from a search engine (and if so, the search keyword used), a link, or from no previous page (e.g. a bookmark).
These cookies list below are from Google Analytics, a web analytics service provided by Google, Inc (“Google”). We use these cookies to measure the user experience of our website, e.g. how many times and how long a user visits our website, etc. This information is anonymous and we use it to help us continue to develop our site to improve your experience.
CUSTOMER_INFO An encrypted version of the customer group you belong to.
CUSTOMER_SEGMENT_IDS Stores the Customer Segment ID
LAST_PRODUCT The most recent product you have viewed.
NEWMESSAGE Indicates whether a new message has been received.
NO_CACHE Indicates whether it is allowed to use cache
If you have any questions regarding this Privacy Statement or our use of your personal data, please contact us using the following information:
Postal Address: Data Protection Officer
St Francis Hospice Dublin
Updated 22nd August 2018