Who we are
One NHS Finance is hosted by HFMA.
One NHS Finance takes the management of individual’s personal private data seriously and complies with the Data Protection Act 1998 and the General Data Protection Regulations (EU) 2016/679.
The HFMA is a registered charity in England and Wales, no 1114463 and Scotland, no SCO41994. HFMA is also a limited company registered in England and Wales, no 5787972.
We are dedicated to protecting the public interest by setting and promoting the highest standards in financial management and governance in healthcare.
What information we collect
We collect the following information:
- name, job title and organisation
- contact information including email address
- information such as postcode, preferences and interests
- inclusion and diversity information for members including; gender, age, ethnic origin and disability
- other information relevant to member surveys and/or offers
- digital images and videos at our events
- any other information required to process your membership/course application or enquiry that you submit to us
The personal information HFMA collects will be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
What we do with the information we gather?
We require this information to understand your needs and provide you with a better service, and for the following reasons:
- process your enquiry or application
- internal record keeping
- we may use the information to improve our products and services, or to shape the content that we provide to our members
- we may periodically send promotional emails about new products, events, special offers or other information which we think you may find interesting using the email address which you have provided
- from time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, mail or email. We may use the information to customise the website or our app according to your interests
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect from you.
Controlling your personal information and our duty
You may choose to restrict the collection or use of your personal information in the following way:
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by emailing us at firstname.lastname@example.org
- Subject to your communication preferences, HFMA may share your personal information (name, email, job title, organisation) with our third party service providers for the purposes of completing tasks and providing services to you on our behalf . However, we only intend on keeping your data for the time it is necessary and to not use it for anything other than the purpose it was collected for.
- You also have the right to request us to erase your personal information or to restrict our processing of your personal information or to object to our processing of your personal information.
However, we only intend on keeping your data for the time it is necessary and to not use it for anything other than the purpose it was collected for.
Alternatively, if you believe that any information we are holding on about you is incorrect or incomplete, please email us at email@example.com as soon as possible, and we will promptly amend it.
Special category data
HFMA will never share special category data and will only use this information to inform the association about who our members our and to shape the services we offer. All special category data that we collect from members is stored and processed in accordance with GDPR legislation.
If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
If you request a password reset, your IP address will be included in the reset email.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.