Since our establishment in 1986, the Histiocytosis Association has been dedicated to preserving the confidentiality of the personal information of our donors and members. To demonstrate the importance of your privacy, the Histiocytosis Association has established this policy outlining our usage of any personal information collected by our organization. This policy has been updated to reflect changes which comply with the newly established European Union (EU) General Data Protection Regulation ("GDPR").
What is the GDPR?
On May 25, 2018, the EU General Data Protection Regulation (GDPR) will take effect. For Europeans, the GDPR expands upon data privacy rights and gives more control to an individual over their data. As an organization who serves individuals around the world, including in the EU, it is our obligation to comply with the changes.
The GDPR has requirements organizations must comply with, as well as explains the rights Europeans have to control their data. Additional information about the GDPR can be found on the EU data protection website.
Collection of Information
The type of information collected depends on how you use the services of the Histiocytosis Association. Personal data is collected via account registration, online information forms, order forms, submission forms, donation forms, event registration forms, over the phone, and/or by email. In most situations information requested will include name, address, phone number, and/or email address. In some cases, information regarding a patient may be collected, such as patient name, date of birth, diagnosis, date of diagnosis and the relationship to that patient. Physicians or other medical personnel may be asked to supply information regarding their institution of employment. In the case where someone is making a contribution, payment information (i.e. credit card data) will be collected and processed using a secure third-party merchant and payment gateway.
When you create an online account through our website, your information is processed by our website and its forms, which are hosted by Blackbaud, and linked to our database, also hosted by Blackbaud.
You have the right to request that any or all of this information be deleted from our database at any time. Requests may take up to 30 days to be executed. Requests to review or delete your data should be made to email@example.com.
In addition to direct information collected, we employ the use of third party services, such as Google Analytics, to track website usage and visits. This information may include location, device type, page visitation information, and any demographic information you have made available to tracking services.
Use of Information
The Histiocytosis Association does not sell, rent or distribute donor, member or personal information to any for-profit or nonprofit organization without prior consent. This practice is automatically applied and, thus, it is not necessary for you to contact us in order to make this request. Physicians who have provided their information for the Physicians directory have consented to have their contact information (as provided by them directly) listed on our website for viewing by anyone who registers for an account on our website. Physician information is updated upon request.
Access to all personal information is restricted to only those employees and volunteers of the Histiocytosis Association who need it to provide our services to you. Your information may also be used for awareness campaigns, fundraising appeals, and to provide updates on the developments made in the search for a cure for histiocytic disorders.
Tracking information from Google Analytics is used to assess the functionality and success of our website. It is also used to establish future plans to accommodate changing technology usage such as mobile vs. desktop devices and how our website functions on those platforms.
Online security and privacy are of the utmost importance to the Histiocytosis Association. Therefore, we work with our online system service provider, Blackbaud®, to ensure that our online data collection process is safe and secure. To prevent unauthorized access, maintain data accuracy and ensure the correct use of information, we have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information we collect online.
This includes the use of Blackbaud Merchant Services to process your payment information for any donations made at www.histio.org. Purchases of eStore items are processed through BigCommerce and BrainTree Payments, a division of PayPal.
Conflicts of Interest Policy
It is recognized that occasions may arise when a member of the Board or an officer of the Corporation has a financial interest or has a familial relationship with a person who has a financial interest in a contract or transaction involving the Corporation or a committee thereof. In such cases it is the policy of the Corporation and of its Board that:
(a) Any material facts as to such financial interest shall be disclosed by such interested Trustee or officer to the members of the Board or committee.
(b) The Trustee or officer having such financial interest in any matter shall not vote or use any personal influence with regard to the matter (except that he or she may state a position on the matter and respond to questions about it); however, such interested Trustee or officer may be counted in determining the quorum for the meeting at which the matter is voted upon. The minutes of the meeting shall reflect that the disclosure was made and that such Trustee or officer abstained from voting. At the Board’s discretion, the interested Trustee(s) or officer(s) shall leave the room during discussion and voting on the matter(s) subject to the conflict of interest.
Should you have any questions/comments regarding our Privacy or Conflicts of Interest Policies, please contact us at +1 856-589-6606 or firstname.lastname@example.org.
Effective Date: May 25, 2018