This document describes the personal data that AIMS keeps about its members, donors, and other contacts:
We record and keep members’ contact details so that we can manage their membership and provide them with information about what we are doing as a charity as well as newsletters, notification of meetings, invitations to special events, etc.. This information is kept as a ‘Legitimate Interest’ under the terms of the GDPR legislation because:
We keep records of all the payments that we have received from members (usually membership subscriptions), donors and AIMS shop customers so that we have a proper audit trail of all the charity’s income. This is kept for contractual reasons and is a Legitimate Interest under the terms of GDPR because:
Thirdly, we hold contact details for people who are not members who have asked to be kept informed about AIMS talks and other events. This information is kept with the individual’s “Consent” under the terms of the GDPR because:
First name, last name and title
If an individual has not renewed their membership, they will be classified as a lapsed member. Their personal details will be kept on the membership database for a maximum of 12 months from their last renewal date. If they do not re-join in this time they will be treated as ex-members (see below).
If an individual has informed us that they are not renewing their membership, or if their membership has not been renewed for over 12 months, they will be classified as an ex-member. We will retain the information below for archive purposes but remove all contact details from our database.
All personal information is obtained directly from AIMS members, donors, customers and those who have requested to be put on the Talks contacts list.
AIMS does not record any personal information from any third parties.
AIMS does not share or sell any information about its past or present members or contacts with any third parties.
All membership data is stored in a secure database with access limited to a small number of volunteers. All access to the membership database is through individual accounts of authorised users and all accounts are protected by passwords.
All use of the membership database is logged, including the timestamp of the interaction, the user account used and any queries or actions carried out.
The system administrator is automatically notified by email of any anomalous events or errors in the membership database system.
All those with access to the membership database receive training in their responsibilities as Data Processors under the GDPR.
Individuals can request a copy of the Personal Information that AIMS holds on them, ask for this information to be amended or for it to be deleted by emailing firstname.lastname@example.org.
Access to the Mailchimp mailing lists is restricted to a small number of volunteers and access is protected with 2-factor authentication (password and SMS codes.)
Payments and donations are processed through PayPal, Stripe, Linnworks and BT MyDonate. These companies have all published their own privacy policies confirming that their data processing meets EU standards.
AIMS receives downloads of data from these companies when people make payments or donations, and these include email and postal addresses as well as some payment information. AIMS retains only the minimum information on these transactions that are required for legitimate purposes such as accounting and reporting to the Charity Commissioners. Other information in these records such as postal addresses and any payment information is deleted immediately on receipt of the download.
Note specifically that AIMS does not hold any details of any donor’s or customer’s bank or credit/debit card or any other accounts. Card details of members who pay their annual membership through the website are held in encrypted form in a database, access to which is through individual accounts of authorised users and all accounts are protected by passwords.
The AIMS helpline is a confidential information and support service provided by a small group of volunteers (the Helpline Group). This document describes the personal data that AIMS keeps about people who contact the helpline:
AIMS records the personal information of enquirers to the helpline in the form of emails and voicemails as a “Legitimate Interest” under the terms of the GDPR because
AIMS also records personal information including details of the enquiry and our response(s) to it in a database with consent because
If you prefer for us not to record your personal details in the database we will record details of your enquiry and our response(s) in anonymised form to enable us to use this information for research, quality assurance and training purposes.
The information can roughly be grouped into two areas:
Firstly, there is the direct personal information about the person making the enquiry. This makes it simple to maintain the context of an ongoing enquiry across possibly several helpline volunteers. It also helps if the same person contacts AIMS again with a subsequent enquiry which could be years later. This information may include some or all of the following:
Secondly, there is the less-direct information about the enquiry itself. The Helpline database keeps the text of the email enquiries and responses, and notes about conversations etc with the enquirer and with possibly multiple AIMS helpline volunteers, and there may be personal information such as names, dates and locations included in those notes and messages.
AIMS helpline volunteers work from home so all may have copies of emails and other communications in their personal electronic devices and similarly online including online email and messaging accounts.
You can check what information we have on you in the database or ask us to delete your personal data from it by emailing email@example.com If you ask us to delete your personal information we will retain your records in anonymised form.
All personal information is obtained directly from individuals who call or email the AIMS helpline.
AIMS does not record any personal information from any third parties.
AIMS does not share or sell any information about the people who make helpline enquiries with any third parties.
If you speak to a helpline volunteer by phone you do not need to tell them your name or contact details unless you wish to do so. However, the volunteer may ask for these details for the purposes described above.
If you leave a voicemail, an email which includes your phone number and a recording of your message will be sent to all our helpline volunteers, so that one of them can call you back as soon as possible. Similarly, if you email firstname.lastname@example.org your email address and message will be seen by all our helpline volunteers so that we can respond to you as soon and as fully as possible.
We take your confidentiality very seriously and we will not share your personal information or the details of what you tell us with anyone outside the Helpline Group without your permission.
Occasionally we may ask your permission to share your personal information with another organisation, for example to find additional information or sources of support for you.
The only exception to this would be in the very rare situation where there is a safeguarding issue. In this case if we have information that identifies the enquirer and their location we might tell someone else in order to get help for them. This might be that an enquirer is at risk of harm and unable to help themselves (for example, if they have a medical condition which is worsening), or that they’ve told us that they or a child is at risk of being hurt by someone else. We would never do this without telling the person concerned what we were doing.
All helpline data is stored in a secure database with access limited to a small number of volunteers. All access to the helpline database is through individual accounts of authorised users and all accounts are protected by passwords.
All use of the helpline database is logged, including the timestamp of the interaction, the user account used, and any queries or actions carried out.
The system administrator is automatically notified by email of any anomalous events or errors in the helpline database system.
Helpline volunteers receive training in their responsibilities as Data Processors under the GDPR, and have signed an undertaking which requires them to:
You can ask us at any time to delete all helpline emails to and from your email address by emailing email@example.com .
Updated May 2018
To read or download this Journal in a magazine format on ISSUU, please click here AIMS Journal, 2019, Vol 31, No 3 By Emma Ashworth For years, AIMS produced a small book…Read more
To read or download this Journal in a magazine format on ISSUU, please click here AIMS Journal, 2019, Vol 31, No 3 By Shane Ridley I’m very pleased to introduce a book, T…Read more
To read or download this Journal in a magazine format on ISSUU, please click here AIMS Journal, 2019, Vol 31, No 3 By Beth Whitehead After a difficult birth, it is natura…Read more
The festival runs from 8am to 5pm on 23rd April 2020 and includes expert speakers, an exhibition, seminars and an awards ceremony. Speakers include: Mary Renfrew FRSE (Pr…Read more
8.30am - 5pm Study day, including networking breaks and lunch, with sessions on the following topics: Bipolar support in pregnancy and planning for the postnatal period M…Read more
Details TBCRead more
The Nursing and Midwifery Council (NMC) plays a key role in the ongoing quality assurance and regulation of the maternity services and its staff. Effective and efficient…Read more
Call for submissions: Mistreatment and violence against women during reproductive health care with a focus on childbirth The mandate of the United Nations Special Rapport…Read more
AIMS submitted our response to this consultation on 7 May 2019. The Nursing and Midwifery Council (NMC) plays a key role in the ongoing quality assurance and regulation o…Read more