This document describes the personal data that AIMS keeps about its members, donors, and other contacts:
All personal information is obtained directly from individuals. This includes AIMS members, donors, customers, contractors, employees and those who have requested to be put on our mailings list.
AIMS does not record any personal information from any third parties.
AIMS does not share or sell any information about its past or present members or contacts with any third parties.
We record and keep members’ contact details so that we can manage their membership and provide them with information about what we are doing as a charity as well as newsletters, notification of meetings, invitations to special events, etc.. This information is kept as a ‘Legitimate Interest’ under the terms of the GDPR legislation because:
Without members’ contact details we cannot keep our members informed of what the charity is doing, including events, campaigns, local activities etc. The members’ personal information we keep consists of the following:
If an individual has not renewed their membership, they will be classified as a lapsed member. Their personal details will be kept on the membership database for a maximum of 12 months from their last renewal date. If they do not re-join in this time they will be treated as ex-members (see below).
If an individual has informed us that they are not renewing their membership, or if their membership has not been renewed for over 12 months, they will be classified as an ex-member. We will retain the information below for archive purposes but remove all contact details from our database.
In addition to the information we hold on them as members, those who wish to Volunteer with AIMS are asked to provide information about their qualifications, skills, experience and interests. AIMS has a ‘Legitimate Interest’ in storing this information as we need it to enable us to identify roles or tasks which may be of interest to a Volunteer.
We hold also contact details for people who are not members who have asked to be kept informed about AIMS talks and other events. This information is kept with the individual’s “Consent” under the terms of the GDPR because:
The information we keep for these people consists of:
Applicants for paid or unpaid roles with AIMS may supply us with personal information as part of their application. This information is used purely for the purpose of recruitment, or in the case of successful applicants for paid roles, for HR and employment purposes. Details of unsuccessful applicants will be destroyed once the appointment is complete.
AIMS holds information on its paid employees to enable us to manage their employment. This includes:
AIMS sometimes employs individuals as contractors. We need to hold thir contact information in order to liaise with them about their current work or new opportunities to do work for the charity., and bank account details on their invoices to enable payment to be made. The information we hold on contractors may include some or all of:
We keep records of all the income that we have received and payments we have made. Income includes membership subscriptions, donations and payments from AIMS shop customers or those booking tickets for AIMS events. Payments include Volunteers' expenses, employees' salaries and expenses, and payments to suppliers or contractors.
We need to keep this information, which may include personal information and bank account details, so that we have a proper record of all the charity’s income and expenditure. This is kept for contractual and audit reasons and is a Legitimate Interest under the terms of GDPR because:
Volunteers who wish to claim expenses incurred for their AIMS volunteering work provide us with this information as part of their expense claim to enable payment to be made.
Individuals can request a copy of the Personal Information that AIMS holds on them, ask for this information to be amended or for it to be deleted by emailing firstname.lastname@example.org.
All membership data is stored in a secure database with access limited to a small number of volunteers. All access to the membership database is through individual accounts of authorised users and all accounts are protected by passwords. All use of the membership database is logged, including the timestamp of the interaction, the user account used and any queries or actions carried out. The system administrator is automatically notified by email of any anomalous events or errors in the membership database system. All those with access to the membership database receive training in their responsibilities as Data Processors under the GDPR.
Access to the Mailchimp members' and subscribers' mailing lists is restricted to a small number of volunteers and access is protected with 2-factor authentication (password and SMS codes.)
Expense claim forms and invoices are stored in electronic format in a Dropbox to which only members of the Finance team have access. These are retained to provide an audit trail.
Payments and donations are processed through PayPal, Stripe, Linnworks and BT MyDonate. These companies have all published their own privacy policies confirming that their data processing meets EU standards.
AIMS receives downloads of data from these companies when people make payments or donations, and these include email and postal addresses as well as some payment information. AIMS retains only the minimum information on these transactions that are required for legitimate purposes such as accounting and reporting to the Charity Commissioners. Other information in these records such as postal addresses and any payment information is deleted immediately on receipt of the download.
Note specifically that AIMS does not hold any details of any donor’s or customer’s bank or credit/debit card or any other accounts. Card details of members who pay their annual membership through the website are held in encrypted form in a database, access to which is through individual accounts of authorised users and all accounts are protected by passwords.
The AIMS helpline is a confidential information and support service provided by a small group of volunteers (the Helpline Group). This document describes the personal data that AIMS keeps about people who contact the helpline:
AIMS records the personal information of enquirers to the helpline in the form of emails and voicemails as a “Legitimate Interest” under the terms of the GDPR because
AIMS also records personal information including details of the enquiry and our response(s) to it in a database with consent because
If you prefer for us not to record your personal details in the database we will record details of your enquiry and our response(s) in anonymised form to enable us to use this information for research, quality assurance and training purposes.
The information can roughly be grouped into two areas:
Firstly, there is the direct personal information about the person making the enquiry. This makes it simple to maintain the context of an ongoing enquiry across possibly several helpline volunteers. It also helps if the same person contacts AIMS again with a subsequent enquiry which could be years later. This information may include some or all of the following:
Secondly, there is the less-direct information about the enquiry itself. The Helpline database keeps the text of the email enquiries and responses, and notes about conversations etc with the enquirer and with possibly multiple AIMS helpline volunteers, and there may be personal information such as names, dates and locations included in those notes and messages.
AIMS helpline volunteers work from home so all may have copies of emails and other communications in their personal electronic devices and similarly online including online email and messaging accounts.
You can check what information we have on you in the database or ask us to delete your personal data from it by emailing email@example.com If you ask us to delete your personal information we will retain your records in anonymised form.
All personal information is obtained directly from individuals who call or email the AIMS helpline.
AIMS does not record any personal information from any third parties.
AIMS does not share or sell any information about the people who make helpline enquiries with any third parties.
If you speak to a helpline volunteer by phone you do not need to tell them your name or contact details unless you wish to do so. However, the volunteer may ask for these details for the purposes described above.
If you leave a voicemail, an email which includes your phone number and a recording of your message will be sent to all our helpline volunteers, so that one of them can call you back as soon as possible. Similarly, if you email firstname.lastname@example.org your email address and message will be seen by all our helpline volunteers so that we can respond to you as soon and as fully as possible.
We take your confidentiality very seriously and we will not share your personal information or the details of what you tell us with anyone outside the Helpline Group without your permission.
Occasionally we may ask your permission to share your personal information with another organisation, for example to find additional information or sources of support for you.
The only exception to this would be in the very rare situation where there is a safeguarding issue. In this case if we have information that identifies the enquirer and their location we might tell someone else in order to get help for them. This might be that an enquirer is at risk of harm and unable to help themselves (for example, if they have a medical condition which is worsening), or that they’ve told us that they or a child is at risk of being hurt by someone else. We would never do this without telling the person concerned what we were doing.
All helpline data is stored in a secure database with access limited to a small number of volunteers. All access to the helpline database is through individual accounts of authorised users and all accounts are protected by passwords.
All use of the helpline database is logged, including the timestamp of the interaction, the user account used, and any queries or actions carried out.
The system administrator is automatically notified by email of any anomalous events or errors in the helpline database system.
Helpline volunteers receive training in their responsibilities as Data Processors under the GDPR, and have signed an undertaking which requires them to:
You can ask us at any time to delete all helpline emails to and from your email address by emailing email@example.com .
Updated May 2018
AIMS Journal, 2020, Vol 32, No 4 Lorna Tinsley Interview by Rachel Boldero AIMS believes that an effective Nursing and Midwifery Council (NMC) is crucial for a well-funct…Read more
AIMS Journal, 2020, Vol 32, No 4 By Wendy Jones PhD MRPharmS MBE ‘ Scientific, evidence-led information which is very up to date and relevant, and … better informed than…Read more
AIMS Journal, 2020, Vol 32, No 4 The OBS facilitators: Charlotte Gilman, Julie Gallegos, Lisa Mansour and Jayne Joyce (left to right) By Jayne Joyce IBCLC Project Lead Ox…Read more
POSTPONED FROM JUNE 2020 Making a difference past and future The purpose of the day is to celebrate what Birth Activists in general and AIMS in particular have achieved,…Read more
This year’s AGM will be an online meeting, so we plan to keep it to two hours. However, there will be the opportunity to stay, chat and socialise with friends and colleag…Read more
AIMS has written this week to Jeremy Hunt MP, in his role as chair of the Health and Social Care Select Committee, as a response to the current discussion regarding a so-…Read more
AIMS has submitted comments on the draft NICE Shared decision making Guideline. You can read our comments here The details of the consultation on the draft guidelines can…Read more
AIMS has submitted comments on the draft update of the NICE Neonatal Infection Guideline. You can read our comments here . The details of the draft guidelines can be foun…Read more