The Tuberous Sclerosis Association (TSA) takes great care to safeguard personal data provided by our supporters and to process this data fairly and lawfully in accordance with the Data Protection Act 2018.
Tuberous Sclerosis Association is a registered charity:
Our registered address is CAN Mezzanine, 32-36 Loman Street, London, SE1 0EH
TSA takes data protection very seriously. It is required to adhere to the requirements of the Data Protection Act 1998, the General Data Protection Regulations 2018 (GDPR), all other related privacy laws and any codes of practice issued by the Fundraising Regulator (FR) or the Information Commissioners Office (ICO). TSA’s intention is to be compliant, user friendly and to ensure its supporters only receive information in which they are interested. Unless stated otherwise, TSA is the data controller in respect of all data it collects on this Website or otherwise. This means that TSA is responsible for full legal compliance.
By visiting our website, social media pages, services (including phone and email ) or providing your information to us, we will collect and use your information in the way(s) set out in this policy. If you do not agree with this policy, please do not use our sites, social media pages or services.
1.Non-personal information such as IP addresses (the location of the computer on the internet), pages accessed, and files downloaded. This helps us to understand how many people use our websites, how many people visit on a regular basis and how popular/useful our web pages are. This information doesn't tell us anything about who you are or where you live.
2.Personal information. We will ask you for information in order to provide you with the services requested, for example to send you information or process a donation.
3. Sensitive personal information or special category data. We may ask you for information about your health so that we can provide you with relevant information and support or in order to support your safe participation in an event. We may also collect this information if you make the information public or if you tell us about your experiences relating to TSC (for example, if you agree to share your story with us). We only collect this information with your consent.
We are committed to protecting the privacy of the young people that engage with us. If you are under 16 and would like to get involved, please ensure you have consent from a parent or guardian before you provide your personal information to us. We do not send any marketing communications direct to children under 16.
We are committed to protecting vulnerable supporters and follows the guidance issued by the Fundraising Regulator and Institute of Fundraising regarding treating donors fairly.
We believes this helps to support staff and volunteers who come into contact with supporters, enabling them to provide high-quality customer care and ensuring anyone donating to TSA is in a position to make a free and informed decision.
We may collect personal information that you give us about you or your family whenever you contact or interact with the Tuberous Sclerosis Association (TSA). We collect information about you in the following ways:
We may also receive information about you from third parties if you have given them permission to share this information and indicated that you wish to support the TSA, for example, if you set up a fundraising page for us with JustGiving or Virgin money giving or sign up to a challenge with a partner organisation or enter an independently organised event like the London Marathon.
If you have been named as the Executor on a Will, we may receive your details in order to administer a Gift left to us in that will.
Information about other people. If you provide TSA with personal data relating to any person other than yourself, you must ensure, before you do so, that they understand how their personal data will be used and that you are authorised to disclose it to TSA, and to consent to its use on their behalf.
The main reason we need your personal details is to enable us to communicate with you and keep you informed about what we’re doing and opportunities to support you or for you to support our work.
We record contact we have with you, so we have a clear understanding of our relationship, how you've supported us or have been supported by us in the past. We may also collect and retain your information if you send us feedback about our services, give us a compliment or make a complaint.
We believe it's important to make sure that all of our services are the very best they can be, which is why we evaluate them. Once you've used one of our services, taken part in an event, received information or bought a product, we may get in touch to ask you about your experience. You don't have to take part but it's really valuable to help us improve in the future.
We are committed to providing everyone who gets in touch with us with the very best experience, providing you with timely and relevant communications and using our resources effectively.
To do this, we may use profiling techniques to provide us with general information about you, which may include geographic, demographic or other information relating to you to better understand your interests and preferences. By doing this it allows us to understand the background of the people who support us and helps us to make the right requests. Importantly, it helps us to raise more funds, sooner, and more cost-effectively, than we otherwise would.
If you have provided us with your postal address we may send you mail, including SCAN magazine newsletter, which will include updates on our work - the research we're funding, the information and support services we offer and our campaigning work. We may also contact you about fundraising, events and trading. We do not ask for consent to write or call you about these things, because, as a charity, each of these activities is fundamental to how we work, so we have a legitimate interest to contact you. However, you will also have an option to opt-out of receiving marketing communications by post or phone.
We will only send you marketing communications by email if you have consented to receive these. You can unsubscribe at any time by clicking on the link in the email. Our mass email service allows us to track who has opened our e-newsletter and what links have been clicked on. This allows us to monitor what information is most useful to improve our content and information in future.
You can always amend your preferences by logging into our website and updating your details or you can contact us at any time on email@example.com or call on 020 7922 7731 to opt-out of any or all forms of marketing communication.
You can unsubscribe from receiving electronic messages by following the “unsubscribe” instructions included in our communication.
Please note that, even where you opt-out of marketing communications, we may still send you non-marketing communications (for example, event information relating to an event you have signed-up to, or information about any on-going donation you are making to the charity).The accuracy of personal information is determined by the accuracy of the information you supply to us. If you have an ongoing relationship with the Charity, we encourage you to notify us when there are changes in your personal details, so that we can keep our records up to date. In addition, we will pro-actively take steps to do this from time to time.
When you give us your details, you agree to us recording your details on our secure database, so we can provide you with the best possible service every time you contact us. We store your data on secure servers in the UK ,access to this system is limited and there is restricted access to data based on a person's role in the organisation. Data can only be be viewed only by our authorised staff, and partner organisations (for example, our IT support provider) with whom we have GDPR compliant contracts.
Our third party suppliers store data in the EU, with the following exception/s:
All paper records are stored on premises at our offices. These offices are securely locked when no members of staff are present and access is restricted and monitored during the working day.
In line with the principles defined in the Data Protection Act 2018 and the General Data Protection Regulation, TSA will ensure that personal data will be processed in ways that are:
We take precautions to prevent the loss, misuse or unauthorised alteration of personal information you give us. Access to your information is restricted to staff and partners who need it to perform their work. Sensitive information you give us is kept separate from other information and access is even more heavily protected. All staff who have access to your information have been successfully DBS-checked (Disclosure Barring Service) and are subject to our strict confidentiality agreements.
Transmitting information over the internet is can never be guaranteed as secure, and while we do our utmost to keep our systems and communications protected, we cannot make assurances that the security of your data in transit. Any data you transmit to us over the internet is at your own risk.
We are a charity with a small number of staff and rely on a number of trusted suppliers and partners working with us to provide a wide range of services to you. In order to provide you with these services we may need to share some of your personal information with our suppliers and partners from time to time so they can process it for us according to our instructions.
We may also provide information to third party service providers who process information on our behalf to help run some of our internal business operations including email distribution, IT services and customer services, or in relation to this website, such as card payment providers. Where we use service providers, we will enter into appropriate contracts to ensure that we are able to exercise control over their access to, and use of, your personal information.
In each case we will never share more information than is necessary to provide the service in question. For example, to send you a printed copy of SCAN magazine we need to give your address details to our print supplier.
If you use your credit or debit card to donate to us, pay for a registration or make a purchase over the phone, we will ensure this is done securely and in accordance with the Payment Card Industry Data Security Standard. We do not store your credit or debit card details at all following the completion of your transaction. All card details are securely destroyed once the payment or donation has been processed.
All purchases and donations completed online are handled securely by World Pay or PayPal and we do not receive your card details.
Form more information read our cookies policy.
The TSA uses a number of social media platforms to communicate our news, invite input and feedback, raise awareness and campaign for people affected by TSC, their families and carers. There are many other great websites on the internet with useful resources and information relevant to the TSC community.
However please be aware that the TSA is not responsible for and has no control over information you or others submit, post or share on social media or other websites even where we link to them from our own website or they link to our website. When you use these sites you do so in accordance with the separate terms and conditions and policies of these sites.
Where we are using your personal information on the basis of your consent, you have the right to withdraw that consent at any time.
The Tuberous Sclerosis Association (TSA) will always endeavour to keep accurate and up to date information on you but if you think any of the personal information we hold about you is not correct, you may also request that it is corrected.
Any person whose personal information is held or processed by TSA has the right to know:
Individuals have a right to access certain personal data being kept about them, either physically or digitally. Anyone who wishes to exercise this right should apply, in writing, to the Data Protection Officer at the address below. The Charity will respond within one month, providing that the request includes appropriate contact details, proof of identity from the individual and we can validate the request.
In relation to all of these rights, please email firstname.lastname@example.org or write to us at: CAN Mezzanine, 32-36 Loman Street, London, SE1 0EH marked FAO Data Protection Officer
If you are unhappy at any time about the way we process your personal information, please contact the Data Protection Officer at the address above, who will investigate your concerns.
If you remain unsatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office:Information Commissioner’s Office
We regularly review and update this policy to make sure it is accurate and simple to understand. This policy was last updated in August 2018.