TreatSMA

Privacy Policy

security, secure, locked
Last updated: 04 November 2023

At TreatSMA, accessible from www.treatsma.uk, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by TreatSMA and how we use it.

If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.

Consent By using our website, you hereby consent to our Privacy Policy and agree to its terms.

Information we collect The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number.

How we use your information We use the information we collect in various ways, including to:

  • Provide, operate, and maintain our website
  • Improve, personalize, and expand our website
  • Understand and analyze how you use our website
  • Develop new products, services, features, and functionality
  • Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
  • Send you emails
  • Find and prevent fraud

You have the right to request:

  • access to any information we hold about you
  • that we amend or correct your information
  • that we delete information we hold about you
  • that we restrict who may see / use your information
  • that you are given your information in a form that you can use

​For more information about how to make these requests please contact us.

1. Data Governance

In accordance with the U.K. General Data Protection Regulations (U.K GDPR) of 2021, it is essential to delineate the roles of data controllers and processors.

At TreatSMA, our Data Controllers are appointed trustees and are tasked with deciding the nature and method of data collection.

Data Processors, which include all our team members, handle the data as per the directives of the controllers, tailored to their specific roles. External processors such as Google, Mail Chimp, and Survey Monkey also play a role. Hostinger, a recognized IT support entity, secures our server, ensuring our database is both secure and functional. Mail Chimp and Survey Monkey manage our email communications and survey distributions, with stringent security measures to protect email addresses and access limited to designated TreatSMA trustees.

This policy aims to clarify our adherence to GDPR compliance.

2. Privacy Assurance

We hold individual privacy in the highest regard and adhere to the principles of the UK General Data Protection Regulations (U.K GDPR) effective from 1st January 2021, the Data Protection Act 2018, the Freedom of Information Act 2000, and the Privacy and Electronic Communications Regulations 2003 (PECR), as well as the E.U. GDPR for data received from the E.U. before 1st January 2021.

The application of these principles varies with our activities, which range from information and support services to fundraising and governance. Managers oversee their implementation and report to the Board as necessary.

The GDPR principles we practice include:

  • Lawful, Fair, and Transparent Processing: We collect and use personal data on legitimate grounds and with transparency, ensuring that individuals have clear information about our data use and protection measures.
  • Purpose Limitation: We are explicit about the purposes for data collection and do not process data beyond these specified purposes without proper consent.
  • Data Minimization: The personal data we retain is relevant and limited to what is necessary for the intended purposes.
  • Accuracy: We ensure the accuracy of personal data and keep it up to date.
  • Storage Limitation: Personal data is retained only as long as necessary and securely deleted when no longer needed.
  • Integrity and Confidentiality: We maintain robust security measures to protect data from unauthorized access, loss, or damage.

3. Proactive Data Protection

In line with Article 25 of the GDPR, we assess our data processing and storage systems for compliance with Data Protection by Design and Default. This policy details our approach, and we conduct risk assessments for new projects as per our established procedures.

4. Safeguarding Organizational Interests

Confidentiality is paramount for our employees and trustees, who are prohibited from disclosing sensitive information about TreatSMA’s operations or stakeholders. Upon departure, all related materials must be returned or securely deleted.

Media inquiries are to be directed to the appropriate person, and sensitive information is to be clearly marked as ‘Confidential’.

5. General Conduct for Staff, Trustees, and Volunteers

Our team is expected to maintain confidentiality at all times, with specific guidelines for handling sensitive information. The obligations of confidentiality persist even after leaving TreatSMA.

Volunteers are trained in confidentiality and are aware of the precedence of safeguarding over privacy.

6. Incident Management

In the event of a data breach, immediate risk assessment and response measures are undertaken as outlined in our Security Concern or Data Breach Notification procedures.

7. Policy Transparency

This policy is disseminated to all staff and trustees upon induction, and a summary is available on our website for public view, ensuring awareness and understanding of our data protection commitments.

Latest Posts

  • Calling on all the community to ACT NOW to avoid losing treatments!

    Calling on all the community to ACT NOW to avoid losing treatments!

    Currently, there are two approved treatments for SMA: risdiplam and nusinersen. These treatments were initially approved temporarily under Managed Access Agreements while the NHS and NICE gathered data to assess their cost-effectiveness. Now, as these agreements come to an end, both treatments face a crucial review.

    Read more

  • NICE’s upcoming Multi Technology Assessment for Spinraza and Risdiplam

    NICE’s upcoming Multi Technology Assessment for Spinraza and Risdiplam

    SMA UK are proud to join together with Treat SMA and MDUK to bring you this webinar about NICE’s upcoming Multi Technology Assessment for Spinraza and Risdiplam. 2024 sees the end of the managed access agreements (MAAs) for the two treatments. An expert committee will gather to assess the new clinical and real-world evidence, along…

    Read more

  • Let the battle begin

    Let the battle begin

    This year the Managed Access Agreement for Spinraza and Risdiplam expires. The MAA was put in place five years ago so the pharmaceutical companies could gather more evidence to resubmit to NICE for approval on the NHS with Biogen extending their MAA by a year.

    Read more