Last revision date: 24/04/2020
Privacy Statement Summary
This privacy statement explains what information we gather about you, what we use that information for and who we give that information to. It also sets out your rights in relation to your information and who you can contact for more information or queries.
Who this privacy statement applies to and what it covers
This privacy statement applies to the WeHelpOurHospitals initiative organised by CCOW.
We are committed to protecting your privacy and handling your information in an open and transparent manner.
This privacy statement sets out how we will collect, handle, store and protect information about you when:
- Registering as an individual volunteer or as a contact for an organisational volunteer or healthcare provider
- providing support to healthcare providers or volunteers and the supporting organisations
- you use “our Website” or
- performing any other activities that form part of the operation CCOW and WeHelpOurHospitals, as described in further detail below.
When we refer to “our Website” or “this Website” in this policy we mean the specific webpages of WeHelpOurHospitals, and to specific webpages with a URL commencing ‘https://wehelpourhospitals.be’.
In this privacy statement, your information is sometimes called “personal data” or “personal information”. We may also sometimes collectively refer to handling, collecting, protecting and storing your personal information as “processing” such personal information.
When referred to “healthcare providers”, in this policy we mean the parties that will request help from CCOW, including the organisational volunteers that have joined the initiative.
Organisational volunteers being companies that have joined our initiative by making time and effort available through their employees.
Individual volunteers being security professionals that have joined CCOW in their own name.
What information we collect
In the course of providing voluntary services to you as an intermediary, or to the healthcare providers and performing due diligence checks in connection with our voluntary services (or discussing possible services we might provide), we will collect or obtain personal data about you. We may also collect personal data from you when you use our Website.
We may collect or obtain such data because you give it to us (for example in a form on our Website), because other people give that data to us (for example your employer, colleague or adviser) or because it is publicly available.
The personal data that we collect or obtain may include: your name; e-mail address; telephone number; employment and education details (for example, the organization you work for and your education details); your IP address; your browser type and language.
Where we are provided with personal data about you one of the volunteering parties, we use reasonable efforts to include clauses into the contract with the healthcare provider that will require them to comply with the privacy laws and regulations relevant to that information; this may include, for example, that the healthcare provider has provided you with notice of the collection (and other matters) and has obtained any necessary consent for us to process that information as described in this privacy statement.
We understand the importance of protecting children’s privacy. Our Website and services are not designed for, or intentionally targeted at, children. It is not our policy to intentionally collect or store information about children.
Use of personal information to provide services to the healthcare providers
We will use your personal data to provide you or the healthcare provider with the requested voluntary services. As part of this, we may also use your personal data in the course of correspondence relating to the services. Such correspondence may be with you, the healthcare providers, other members of the CCOW, or competent authorities. We may also use your personal data to conduct due diligence checks relating to the services.
Because we provide a wide range of voluntary services to healthcare providers, the way we use personal data in relation to our services also varies. For example, we might use personal data:
- about an organisational volunteer’s employees to enable them to help the healthcare provider
- about a healthcare provider’s contact person for matching them to a volunteering party
- about an individual volunteer to reach out to them in case of an incident at a healthcare provider who needs urgent help from CCOW
Use of personal information for other activities that form part of the operation of CCOW
We may also use your personal data for the purposes of, or in connection with:
- requests and communications from competent authorities
- administrative purposes
- risk analysis purposes
- protecting our rights and those of the healthcare providers.
Use of personal information collected via our Website
In addition to the purposes connected to the operation of CCOW above, we may also use your personal data collected via our Website to manage and respond to any request you submit through our Website.
Who we disclose your information to
In connection with one or more of the purposes outlined in the “How do we use information about you?” section above, we may disclose details about you to: other members of the CCOW Network; third parties that provide services to us and/or the CCOW Network; competent authorities (including courts and authorities regulating us or another member of the CCOW Network); your employer and/or their advisers; your advisers; organizations that help us reduce the incidence of fraud and other third parties that reasonably require access to personal data relating to you for one or more of the purposes outlined in the “How do we use information about you?” section above.
Protection of your personal information
We use a range of electronic and managerial measures to ensure that we keep your personal data secure, accurate and up to date. These measures include:
- administrative and technical controls to restrict access to personal data on a ‘need to know’ basis
- technological security measures, including fire walls, encryption and anti-virus software
Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.
How long we keep your information
We will hold your personal data on our systems for the longest of the following periods: (i) as long as is necessary for the relevant activity or voluntary services; (ii) any retention period that is required by law; or (iii) the end of the period in which litigation or investigations might arise in respect of the services.
You have various rights in relation to your personal data. In particular, you have a right to:
- obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you
- ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete
- ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data
- withdraw consent to our processing of your personal data (to the extent such processing is based on consent)
- receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such personal data to another party (to the extent the processing is based on consent or a contract)
- object to our processing of your personal data.
To exercise any of your rights, or if you have any other questions about our use of your personal data, please email firstname.lastname@example.org.
You may also use these contact details if you wish to make a complaint to us relating to your privacy.
Right to complain
If you are unhappy with the way we have handled your personal data or any privacy query or request that you have raised with us, you have a right to complain to the EU Data Protection Authority (“DPA”) in your jurisdiction. If you would like to be directed to the appropriate DPA, please contact us as indicated above.
Changes to this privacy statement
We may modify or amend this privacy statement from time to time.
To let you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to periodically review this statement to be informed about how we are protecting your information.