Privacy policy

Where this page refers to, we or us, or EACH, we mean East Anglia’s Children’s Hospices, and its trading subsidiaries East Anglia’s Children’s Hospices (Trading) Limited, Stable Trading and the Children’s Hospice for the Eastern Region.

EACH is registered with the Information Commissioner’s Office (ICO) in accordance with UK General Data Protection Regulations (UK-GDPR). https://ico.org.uk/

  • Registered Charity Number 1069284.
  • Company number 03550187 (registered in England and Wales).

EACH has appointed a Data Protection Officer who ensures your information is always handled securely and in accordance with the law. You may contact the EACH Data Protection Officer at any time if you have any concerns or questions about how your data has been used:

By telephone: 01223 800 800
By email: dataprotectionofficer@each.org.uk
By post: East Anglia’s Children’s Hospices, Church Lane, Milton, Cambridge. CB24 6AB.

Accessibility

If you wish to receive this Privacy Policy in a different format, such as large print, braille, audio recording, or translated into a different language, please contact us:

By telephone: 01223 800 800
By email: supportercare@each.org.uk
By post: East Anglia’s Children’s Hospices, Church Lane, Milton, Cambridge. CB24 6AB.

Your rights

Under data protection regulations, you have rights over how your personal information is used by others:

  • The right to be informed about your personal information we store and/or process.
  • The right of access to the information we hold about you and make a subject access request
  • The rights of erasure or restricted processing.
  • The right of portability – you may be able to ask us to give information we hold about you to another organisation.
  • The right to object to the way in which we store or process your information.
  • The right to object to any automated decision-making process that we may use.

If you would like to exercise any of these rights, please contact the Data Protection Officer at DataProtectionOfficer@each.org.uk, or telephone 01223 800 800, or write to the Data Protection Officer at East Anglia’s Children’s Hospices, Church Lane, Milton, Cambridge, CB24 6AB.

If you no longer wish to receive emailed or web-based marketing information you can unsubscribe at www.each.org.uk/unsubscribe. For non-web-based marketing please contact supportercare@each.org.uk.

Personal information

Personal information is any information about you from which you can be identified, such as your name, address, date of birth, debit/credit card details, IP address, photos or film, but it may also be anything that identifies you, for example, your NHS number or biometric data. Some personal information will be sensitive, for example, information regarding health and wellbeing, ethnicity and religious views.

EACH will only use your information in ways that you would reasonably expect having read this Privacy Policy. Your information will only be collected, stored or processed where specific purposes have been identified and highlighted in this policy or by direct communication with you.

The amount of information we collect and use about you will vary depending on your relationship with EACH. We always make sure there is a legal basis in data protection law when we collect and use your information. The legal bases we rely on are:

  • Consent: Where you have given us clear and informed permission.
  • Contractual: Where there is a contract between you and us.
  • Legal obligation: Where a law says we must.
  • Legitimate interest: Where it is necessary for our charitable aims and the benefits have been carefully balanced against respect for your privacy, your information rights, and your expectations.
  • Vital interest: Where providing data could protect life in a life-or-death situation.
  • Public task: Where it is necessary for us to perform a task in the public interest.

All legal basis, including consent are reviewed on an ongoing basis, please let us know if you would like us to update our records.

How information is collected

Directly from you: This is information you give to us directly when, for example, you become a service user, register for a fundraising event, volunteer to support the charity, become an employee, or make a donation or otherwise interact with the charity and its subsidiaries. You may provide this on a paper or digital form, during a telephone or face-to-face conversation, or by other means.

If you are a member of staff or a volunteer specific information will be required. Depending on the work you do we may need to ask you for sufficient information to carry out some background checks and there are also key personal data details required. We may provide you with forms to complete or capture your details directly in our Applicant Tracking System or HR systems. Many of the EACH systems are integrated so if you provide information in one system it may also update another (e.g. HR to Payroll).

If you are a service user then your records will probably include sensitive personal data, including medical information. Much of this will be collected directly from you.

You may provide information to us directly through our website or other electronic medium. When you interact with an EACH website it is helpful to be able to identify you to improve your experience. Like most websites EACH uses ‘cookies’ to enable the website to recognise you when you return. A cookie is a small text file that transfers to your computer (or phone or tablet) and can help with things such as auto filling your name and address in text fields. By using an EACH website, you are confirming you agree to our privacy and cookies policies. Click here for more information on our cookies policy.

If you enter details onto one of our online forms and you don’t send or submit the form, we may contact you to see if we can help with any problem you may be experiencing with the form or with our website.

CCTV: Some of our premises are monitored by CCTV or door access systems. For the purposes of security, images and videos may be retained for a limited period of time.

Third parties: Sometimes, information will be provided indirectly through a third party, for example: through a donation website (e.g. JustGiving), from an organisation where you have given permission to share your data. Service user information may have been shared with EACH through the NHS spine or by other agencies, health, and social care professionals.

Third parties must only supply EACH with your information if they have the correct lawful authority to do so. When you share your information with anyone, you should check their privacy policy so you understand how they will process and share your data. You should also regularly check your security settings for online services with whom you share your data.

Information collected from public sources: EACH may collect information from public sources such as Companies House, social media profiles, newspapers and other published material. EACH may also carry out research into population demographics, geographic data or other areas which may impact on our future service delivery or identify potential areas of focus to raise funds. Information from different sources may be combined for profiling or analysis purposes.

What kind of personal information do we process

For care service users, we will record your contact details, demographics, and access to medical records which we can update.

We may also collect data about your family members and professionals who work with you.

If you receive community care, we will make sure we have the information we need to work in your home which may be everything from your Wi-Fi password to where you keep medications.

We will record data for ethnicity and diversity monitoring.

We will record your name, address, contact details, date of birth, gender, ethnicity and religious beliefs, next of kin, and information about your health and wellbeing.

For employees, we hold information related to your employment record, payroll, supervision and appraisal notes, disciplinary proceedings, occupational health records (obtained only with your consent), data for ethnicity and diversity monitoring.

For donors, it is helpful if we can collect more information than the minimum of contact details and gifts received:

  • Charitable donations may be given anonymously, but we would prefer to have and hold your contact details so that we can confirm receipt and keep you informed; you will be able to choose whether you supply this information. Depending on your payment method we may be required to record your some of your personal information in connections with payment details.
  • As a donor, we will often ask you for more information than the bare minimum to process your donation, this may be so that we can identify you as an event entrant or it may be part of building a long-term relationship with you. Our fundraisers will be genuinely interested in how you have raised funds and why you have chosen to support EACH and may record this information so they have a record when they next contact you.
  • Information required for us to process your fundraising requests, for example, using your preferred contact method to allow us to send you information relevant to an EACH event or to provide pertinent stewardship and support for your fundraising for EACH. If you ask us to support you with a fundraising activity, we will continue to do so unless you make a change to your request as we consider this to be good stewardship. We differentiate our communications between stewardship and marketing to ensure we can effectively comply with the Privacy and Electronic Communications Regulations (PECR) which require consent for electronic marketing. We will always ensure we have your consent for electronic marketing.
  • Information required in the legitimate interest of the charity or its subsidiaries, for example, as a supporter of the charity, a balancing test may show that it is in the legitimate interest of both EACH and you as a supporter to keep you informed about our work.
  • Personal information may also be held and processed under legitimate interest, consent, contract or legal obligation for the purposes of claiming Gift Aid, recording financial transactions, customer service support etc. Whenever legitimate interest is applied, EACH will carry out a balancing test to ensure fairness.
  • Depending on your payment method we may record your payment details and pass them on to a third-party mercantile service to process the payment. We will ensure your payment details are handled securely.
  • In some instances, acceptance of a gift may require more information to ensure we comply with Money Laundering Legislation, and we may not always be able to accept a gift anonymously.

For online browsers, in addition to your contact details we may collect and store your address, phone numbers, email addresses. On our website we process and store IP addresses and information about your browser type, version, times, operating system platform, Uniform Resource Locators (URLs or web addresses), clickstreams to, through and from our site and browsing activity on our site.

‘Recite Me’ provides our website’s accessibility toolbar, and processes any data displayed as text on our webpages. It also processes the IP address of those who launch the toolbar. This is to provide usage statistics and does not include individual user information.

Targeted Advertising and Meta Tools
We use targeted advertising on platforms such as Facebook and Instagram to help raise awareness of our work and reach people who may be interested in supporting us. This includes the use of Meta’s Custom and Lookalike Audiences, and Meta Pixel tools.

Custom and Lookalike Audiences
Custom Audiences allow us to show ads to people who have already interacted with us, for example, by visiting our website, signing up for a newsletter or engaging with our social media content. To achieve this:

  • We convert your personal data (e.g. your email address) into a simple file format, like a CSV.
  • This file is uploaded to our browser, where the data is hashed locally – before it is sent to Meta. Hashing transforms your personal data into randomised code. The process cannot be reversed and the data cannot be decrypted.
  • Once hashed, the data is transmitted to Meta, which compares it to its own hashed user data. If a match is found, your account may be included in a Custom Audience, meaning you could see relevant ads from us on Meta platforms.
  • Meta deletes both matched and unmatched hashed data after the matching process is complete. The hashed data is not shared with other advertisers or third parties.
  • Importantly, we cannot see which individuals have been matched, nor can we identify any Facebook or Instagram accounts within a Custom Audience.
  • For more information on this process, visit Meta’s help centre.

Lookalike Audiences help us reach new people who are similar to our existing supporters. Meta uses data from our Custom Audiences to identify users with similar interests, behaviours or demographics and shows our ads to them. This helps us connect with potential supporters who are likely to be interested in our cause.

Meta Pixel
We use a Meta Pixel across our website to track user interactions (like page views and clicks) and help us deliver more relevant ads. This data is hashed and securely sent to Meta for matching and audience creation.

A separate Meta Pixel is used on our Local Hospice Lottery page, managed by Local Hospice Lottery (LHL). This pixel functions similarly, helping LHL deliver targeted ads and build Lookalike Audiences.

Meta pixels are only activated if you consent to marketing cookies via our cookie banner.

For more information about how Meta Pixels work, click here.

When we process your personal data for our legitimate interests in this way, we take great care to consider and balance any potential impact on you and your rights.

The nature of Meta ads means that some of our adverts may still reach you (even if we have not used your personal data to create Custom or Lookalike Audiences). In this scenario, Meta is the data controller and will provide options within its privacy settings about ad preferences.

For our purchasing suppliers, many are organisations outside the scope of this policy, but there are a few individuals for whom we will keep the minimum data we need to comply with legislation, and this will include your contact details, details of purchases and amounts spent.

How information about you is used

Care Services
If you use our care services, we will collect your personal data and sensitive or ‘special category’ information that relates to your physical and/or mental health and any other relevant information such as religious beliefs or sexual orientation. This data goes onto form your healthcare record, together with additional information such as the personal details of your family and/or carers, etc.

From time to time, care staff may be asked to take clinical photographs of you for medical or training purposes. Such photographs would form part of your medical record and would not be made publicly available without your explicit consent.

Information will be used to carry out care assessments, book appointments or visits, send you correspondence, complete surveys, record incidents and deliver care. We may receive commendations or complaints and concerns, and process the information contained therein to respond to you and develop our service.

To inform the development of care services for children, young people and families, we may use your data to identify patterns and trends. We will also use it for resource planning. We will keep records to:

  • Enable home visits.
  • To let you know about services and events.
  • To monitor trends and progress in care.
  • Undertake research, with your permission, to better understand people’s expectations about how their data will be used.
  • To provide you with information, products or services you request.

So that we can provide high quality care and support we need specific data. This is collected from or shared with:

  1. You or your legal representative(s);
  2. Third parties. We may do this face to face, via phone, via email, via our website, via post, via application forms. Third parties are organisations with whom we have a legal reason to share your data with. These may include:
    • Other parts of the health and care system such as NHS Trusts, your GP, the pharmacy, social workers, and other health and care professionals.
    • Local authorities.
    • The police or other law enforcement agencies or courts subject to law or court order.

We are also required by law to report certain information to appropriate third-party authorities. This is only provided after formal permission has been given by a qualified health professional or Caldicott Guardian. Occasions when we must pass on information include:

  • Where we encounter infectious diseases which may endanger the safety of others, such as meningitis or measles.
  • Where a formal court order has been issued
  • Where information sharing is requested by third parties and no legal obligation to share exists, we will not disclose any health information without your explicit consent, unless there are exceptional circumstances, such as when the health or safety of others is at risk.

The Director of Care, Care Service Leads, Data Protection Officer and Caldicott Guardian may look at your records to monitor and audit the quality of records and care, or if dealing with a complaint.

The Care Quality Commission, our regulatory body, may also look at records as part of their inspection process; they will ask your consent.

There is limited access to identified members of our administration team in support of care and patient and family related events.

For friends, relatives, appointed next of kin, we will record basic details and contact information e.g. name and address.

We require this data because we have a legitimate interest in holding next of kin details about the individuals who use our service and keeping emergency contact details for our staff.

Your right to withdraw consent for us to share your personal information:

  • At any time, you have the right to refuse/ withdraw consent to information sharing. The possible consequences will be fully explained to you and could include delays in receiving care.

How can you get access to your own health records?

  • The Data Protection Act 2018 gives you the right to see or have a copy of your health records.
  • If you want to access your health records you should make a written request (which can be by email) to our Data Protection Officer at dataprotectionofficer@each.org.uk. You should also be aware that in certain circumstances your right to see some details in your health records may be limited in your own interest or for other reasons.

We do not share any patient personal information, or the information of those associated with our patients without their consent to our:

  • Fundraising team
  • Marketing team
  • Retail team

Families - more detailed information regarding how children and families’ information is managed can be found in the Family Information Leaflet ‘What happens to your information’. Please ask our staff for a copy.

National Data Opt Out Programme - From the 25th May 2018, any person aged 13 years or over, with an NHS number, can opt-out of having their confidential identifiable patient information being used for reasons other than their individual care and treatment. A person with parental responsibility can opt out on behalf of a child under 13 years of age. If you wish to opt out or want to find out more information about this, please go to https://digital.nhs.uk/services/national-data-opt-out-programme or ask a member of your local hospice team for a leaflet.

EACH is part of the Shared Care Record for the East of England - Why shared care records matter, every health and social care organisation that you have contact with has their own set of records. To provide you with the best care it is important that authorised health and social care staff have the most up to date information available to them. Shared care records assist staff to make the best decisions by having a more joined-up picture of your information. This is important in providing safe, personalised, and connected care. Please see our privacy notice for the shared care record.

Income Generation

For the purpose of income generation, we may use your personal data to:

  • Steward your fundraising, ensuring we are offering you the support you need during your activity or donation.
  • Provide pertinent stewardship and support for your fundraising for EACH. If you ask us to support you with a fundraising activity, we will continue to do so unless you make a change to your request as we consider this to be good stewardship. We differentiate our communications between stewardship and marketing to ensure we can effectively comply with the Privacy and Electronic Communications Regulations (PECR) which require consent for electronic marketing. We will always ensure we have your consent for electronic marketing.
  • Claim Gift Aid from HMRC and/or to register you for retail Gift Aid as a donor of second-hand goods.
  • Report to fundraising bodies on anonymised statistics and activity.
  • Provide you with information, products or services you request.
  • Comply with Money Laundering Legislation and we may not always be able to accept a gift anonymously.
  • Ensure we contact supporters with the most appropriate communication we may profile your data by combining the information we hold with other sources of information or carry out other analysis techniques. This will enable EACH to contact you in the most relevant way and provide an improved experience. It will also enable EACH to have a greater insight and understanding of its supporters and use the information to develop the charity’s donor base. If you do not want your data to be used in this way then you can opt out at any time by emailing supportercare@each.org.uk or by telephoning 01223 800807.
  • We send some data to specialist agencies for data cleaning which includes correcting and may include enhancing the data.
  • Ask for your support to help EACH continue our work of caring for children, young people and families. This may be through volunteering, fundraising, becoming a Gift Aider or other means of providing support to the charity.
  • Steward your fundraising, ensuring we are offering you the support you need during your activity or donation.

Marketing

We may use your personal information:

  • If you have consented to our processing your personal data for marketing purposes, in accordance with this privacy policy, we may send you information (via email, post, phone or text) about our activities and services we consider of interest to you or those that you have requested.
  • To provide web services for the enrolment and processing of volunteers.
  • To interacting with you on our website providing information, online shopping and forums.
  • We may take individual or group photos at events and your image may be used in promotional material if you attend our events or sites.
  • EACH does not sell personal details to third parties for the purposes of marketing.

Running our organisation

We may use your personal information to:

  • Ensure you receive excellent stewardship and are updated on our work and progress.
  • Ask for your support to help EACH continue our work caring for children, and families. This may be through volunteering or other means of providing support to the charity.
  • Record payment information, depending on your payment method, we may need to record your payment details and pass them on to a third-party mercantile service to process the payment.
  • We may record telephone conversations for the purposes of staff training or other development.

If you are an employee or volunteer, we will use your personal information to:

  • Process staff personal data for payroll and Human Resource Management purposes.
  • Issue contracts of employment or volunteer service agreements. We will need your employment history and details about you for this which we will store securely.
  • To carry out diligence checks, for example, checking driving licences to verify eligibility to drive, taking a copy of your passport to establish right to work and place of residence.
  • To notify our insurers of employees age and any driving points you may have on your licence if you drive EACH vehicles.
  • To administrate employee or corporate pension or insurance schemes. In this case, salary, medical and contact details may be shared with third party pension and insurance providers.
  • If you are a member of staff or a volunteer, more information will be required. Depending on the work you do we may need to ask you for sufficient information to carry out some background checks. You will be asked to complete a personal details form when you join EACH and you should provide updates if that information changes. Records of your employment, appraisals, supervision, progression and HR processes are also kept on your personnel record but not kept longer than required.
  • Information required for us to comply with legal obligations, for example, Disclosure and Barring Service applications, financial accounts or payroll records.

For administrative purposes, we may process and store your personal data to:

  • Verify the identity of Trustees or senior managers, to ensure they qualify as ‘fit and proper persons’ and to provide identity verification to banks or financial institutions.
  • To process personal information to support contractual arrangements.
  • Process or store personal information to comply with legal obligations, for example, disclosure and barring service, VAT records and payroll records.
  • Monitor and audit our services and ensure quality and accountability.
  • To provide you with other services, for example, our library service.
  • We may share your data with a third-party specialist, under a confidentiality agreement, in assisting with large volume Subject Access Request redaction.
  • To maintain a relationship with you as a supplier of services.
  • To provide you with IT systems, to set up your accounts and connect to your personal mobile devices.
  • We may share your personal data with solicitors or other advisors if there is a legitimate, contractual or legal reason to do so.
  • Provide Companies House and the Charity Commission with details of Trustees and Directors.
  • Provide information to financial institutions for key staff or Trustees to verify identity for the purposes of authorising transactions.
  • Storing information which you may have provided us with as a matter of your own vital interest, i.e. to maintain your own personal safety such as next of kin or information about your health.

Contacting you

Default: If you have told us how you prefer to be contacted then we will use your preferred method to contact you when appropriate. This may be by post, email, telephone, text or another method you have requested. Please let our staff know your preferences.

Marketing: If you have consented to our processing of your personal data for marketing purposes, in accordance with this privacy policy, we may send you information (via email, post, phone or text) about our activities and services we consider of interest to you. We will only send you marketing communications via electronic means if we have your consent to do so.

Sharing information

Information may be shared with other parties for a variety of reasons:

  • For shared delivery of care (with other healthcare professionals).
  • To raise awareness of the needs of families and EACH service users.
  • To provide information to regulatory bodies or funders.
  • To make sure we maintain our responsibilities for quality and accountability (audits and inspections).
  • To inform the development of care services for children, young people, and families.
  • For funding purposes including to provide evidence that contracted services have been delivered.
  • To fulfil a legal duty.
  • With our IT Managed Service Provider to support your work IT requirements.
  • To set you up as a user on cloud systems.
  • Due to contractual requirements.
  • To carry out research.
  • To work with EACH contracted third parties.
  • To make payments on employees’ behalf into their group personal pension scheme, or other deduction from pay.
  • EACH may engage third party medical or therapeutic professionals, or other contractors or agency staff to work on site providing or supporting EACH services. These third parties may be given access to personal information on the same basis as EACH staff and will be contractually bound to the same standards of data protection and confidentiality.
  • EACH uses third-party organisations or contractors who act under our data governance rules to carry out tasks on behalf of the charity. This may include data cleaning, direct mail fulfilment services, database technical support from IT providers, data hosting, external secure archiving, and confidential record destruction. These providers have the same obligations as EACH under data protection legislation and we ensure these obligations are built into our contracts with them.
  • Payroll data will be shared with our payroll processing bureau and with His Majesty’s Revenue and Customs.
  • Employee data may be shared with third parties for the purpose of occupational health assessments (consent will always be obtained for this).
  • There may be occasions where EACH is required to notify and share data with other service organisations or professional bodies in the event of concerns regarding safeguarding, negligence, or serious misconduct by employees.
  • The employee may be advised to notify relevant organisations directly or with relevant consent, EACH may share details directly with such service organisations to maintain safety of CYP in EACH’s care.
  • EACH may be required by law to share data to comply with legislation, for example, to safeguard a child or adult at risk of harm, as a result of a court order, a request from the police who are investigating a crime or an investigation from other authorities, for example, a tax enquiry.

CCTV use when supporting families in their home

Families may choose to use home CCTV or personal recording devices during care visits. While UK law does not prohibit individuals from recording in their own homes-even covertly-this raises important considerations for staff privacy, consent, and professional boundaries.

The legal position is:

  • Under UK law, individuals may record in their own homes without requiring consent from those being recorded, including health care professionals.
  • Such recordings are typically considered for personal use and are not subject to the same data protection rules as organisational surveillance systems.

Whilst this is the legal stance EACH’s guidance for employees is as follows:

  • Employees should be able to raise concerns if they feel any recording is intrusive or inappropriate and we’d encourage an open discussion with their line manager and the family.
  • If any recording compromises staff privacy we should retain the opportunity to refuse or withdraw care.
  • We should provide access to supervision and support for any staff who feel uncomfortable or distressed by being recorded.

Where the legal basis for processing data is based on consent, we will always obtain this from you before sharing data.

Safeguards to protect your priavcy

EACH takes data protection and information governance very seriously.

All EACH staff receive formal information governance training annually and are supported with resources, materials and advice to ensure that the organisation complies with the requirements of the various data management and protection legislation and best practice guidance.

An Information Governance Management Group oversees the arrangements for ensuring compliance with required law and standards. Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used in accordance with this privacy policy, applicable data protection laws and other regulatory requirements.

All access to data is managed through role-based security to ensure access to systems and data is restricted only to those who have appropriate authority.

All EACH-owned mobile devices and servers are encrypted, and data is held in a secure data centre. On our website, if the web page starts with HTTPS or if you see a padlock symbol, your data is encrypted when it is sent from your computer to its destination. If you do not see this symbol then it is not encrypted, and you should not send confidential, financial or sensitive data.

Software versions are updated to ensure they are supported, and EACH deploys up-to-date virus protection systems and participates in the NHS CareCERT virus and malware advisory system.

All data processes and systems at EACH are risk assessed to ensure compliance with legal requirements and best practice. The process includes the identification of the legal basis by which all information is processed. Depending on what this is, further steps are carried out to protect your interests; this may mean contacting you to obtain your specific consent or carrying out a balancing test to ensure our treatment is fair.

EACH has a retention policy for all data stored or processed on EACH systems. The retention policy is decided and then reviewed as part of the annual data risk assessment process. Information is only kept as long as it is required, or as long as there is a legal requirement to keep it. Information no longer required is disposed of in a secure manner.

To maximise the security around processing of financial transactions, the EACH website uses industry recognised secure payment processing companies to process payments. This means that whilst on an EACH website you may be seamlessly passed over to a third-party payment portal to complete your transaction (e.g. PayPal or Committed Giving) – this may include the transfer of personal details you have already provided. We will always make it clear where this happens.

Where our website links you to sites hosted by other organisations, we will make this clear, so you know you are leaving the EACH website.

International data transfers

Most of EACH data is processed in the UK or the European Economic Area (EEA) on EACH systems. Occasionally, there may be a requirement to process non-care data outside of this zone. Where data is sent outside of the EEA, we will ensure appropriate controls are in place to give your data the same level of protection as it would have in the EEA. This may be through data sharing agreements, national agreements or confidentiality contracts. If you require further information, you can request it from our Data Protection Officer.

Debit and credit card information

If you use your credit or debit card to donate or pay for a transaction, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. EACH does not keep your payment card details – all card details and validation codes are securely destroyed once the payment or donation has been processed.

Inappropriate website and social media content

If you post or send any content, we believe to be inappropriate, offensive or in breach of any laws, such as defamatory content, we may use your personal information to inform relevant third parties such as your internet provider or law enforcement agencies.

Changes to the privacy policy

We may need to change this notice in response to different ways of working, or new regulations. The version number and revision date is included in this notice. As a matter of course, we will review the notice every three years or sooner if changes are required. Please ensure you check our website for updates.

Equity and diversity statement

EACH will ensure that the contents of this document are applied in a fair and reasonable manner that does not discriminate on the grounds of any protected characteristic as defined by the Equality Act 2010.

Read our latest editions and sign up to hear more!

Shopping Cart
Scroll to Top