We use personal information on a day to day basis in order to operate, but we only collect personal information where there is a clear reason for us to do so.
Our use of personal information allows us to make better decisions, keep our site updated, fundraise more efficiently and, ultimately, help us to reach more cancer patients, Information Seekers and Information Providers to ensure we offer the most appropriate and updated information as possible.
The types of personal information we collect
What we collect about you and how we do this depends of which Cancer Central services you use, and how much personal data about you we need to provide these services.
We may collect, store and use the following kinds of personal information if and when you choose to provide it to us, and if you give us permission, where appropriate, to retain the information:
Sensitive Personal Information
We collect personal information in the following ways:
In accordance with common website practice, we will receive information about the type of device you’re using to access our website. The settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, what your device settings are, and why if a crash has happened. Your device manufacturer or operating system provider will have more details about what information your device makes available to us. This is information about the device only and will not give us any personal information about you or any other sites you may visit.
Information you provide to us directly
Information you provide to us indirectly
Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us permission to access information from those services, for example if you publicly tag us in an event photo.
Information available publicly
We may supplement information on our Information Providers with information from publicly available sources such as charity websites and annual reviews, corporate websites, public social media accounts, the electoral register and Companies House in order to create a fuller understanding of an Information Provider’s interests and support of Cancer Central. This information will be used to verify that the Information Provider is a genuine and trading organisation, as opposed to dissolved or closed.
How we use personal information
We will use your personal information to:
Send marketing communications:
Send information on Events and fundraising
How you can manage your contact preferences
How we keep your information safe
We ensure that there are appropriate technical and organisational controls (including physical, electronic and managerial measures) in place to protect your personal details. For example, our online forms are always encrypted and our network is protected and routinely monitored. As no method of electronic transfer is absolutely secure we cannot guarantee 100% security although we follow and maintain high standards to ensure protection of information both submitted to and stored by us.
How long do we keep your information for?
AInfinity works to specific criteria to determine how long we will retain your information for, which are determined by legal and operational considerations. We might keep some personal information for tax or health and safety purposes, as well as keep a record of user interactions with us for due diligence. Under UK legislation, you may request information about what data Cancer Central holds about you and also request that we remove all data that we hold about you. We have one month to comply with your request for erasure or to advise if any data must be retained for legal reasons. Deletion of data can take up to 72 hours. Backed-up information may exist after deletion.
Sharing your information with other organisations
We will never sell or rent your information to third parties for marketing or advertising purposes. We will only disclose your information to third parties who are our strategic partners delivering key components of the AInfinity platform. Such as; payment processing, search facilities, data storage and analytics.
Some of our partners run their operations outside the European Economic Area (EEA) - this may include a country which may not be subject to the same data protection laws as companies based in the UK. In these circumstances, we will take steps to make sure they provide an adequate level of protection in accordance with UK data protection law, and appropriate safeguards are in place.
You are responsible for safeguarding the password that you use to access your account and you agree not to disclose your password to any third party. You are responsible for any activity using your account, whether or not you authorised that activity. You should immediately notify us of any unauthorised use of your account.
Your RightsUnder UK data protection law, you have rights over personal information that we hold about you. We’ve summarised these below:
Right to access your personal information
You have a right to request access to the personal data that we hold about you. You also have the right to request a copy of the information we hold about you, and we will provide you with this unless legal exceptions apply.
Right to have your inaccurate personal information corrected
You have the right to have inaccurate or incomplete information we hold about you corrected. If you believe the information we hold about you is inaccurate or incomplete, please provide us with details and we will investigate and, where applicable, correct any inaccuracies.
Right for your personal information to be portable
If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you with written permission to forward to another service. We would process this within the obligated timeframe and there may be a charge applicable.
Your Rights under Data Protection Law
Making a Freedom of Information (FOI) or Subject Access Request
If you wish to make an FOI or Subject Access Request, your contact details and case history will be collected to process your request and will be kept for two years.
If you wish to make a complaint to the Information Commissioner's Office (ICO) regarding a decision on a FOI or Subject Access Request, AInfinity is legally obliged to share your case records, which includes personal data, with the ICO in order to progress your complaint. You may withdraw your complaint at any time.
Making a complaint
Changes to this privacy statement
If this privacy statement changes in any way, we will place an updated version on the AInfinity website. If you do not agree with the changes we make please do not continue to use the website. Regularly reviewing this webpage ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.