This privacy notice sets out how Douglas Macmillan Hospice (DMH), also known as Dougie Mac uses and protects personal information collected.

DMH is committed to ensuring that an individual’s privacy is protected under the Data Protection Act 2018 specifically regarding information collected, by which an individual can be identified.

DMH may change this notice when necessary by updating this document. You should check the latest version from time to time to ensure that you are content with any changes.

This privacy notice tells you what to expect regarding personal information collected:

  1. Why we require your information
  2. What information we collect
  3. How and when we collect your information
  4. Lawful basis for processing your information
  5. How we use collected information
  6. How we keep your information secure
  7. How long we keep your information for
  8. Controlling your personal information and access rights
  9. Recording of electronic images
  10. Photographs and moving film images
  11. Safeguarding adults and children
  12. Protection of minors
  13. Approval & accessibility of privacy notice
  14. Right to complain
  15. Version control
  16. Subject Access Request Form

1. Why we require your information

We will require your personal identifiable information if you:

  • are a patient accessing care services
  • are next of kin or a carer of a hospice patient
  • are a parent or guardian of a child (under 18 years of age) in our care
  • are a carer referred individually to the hospice for end of life carer support
  • access any of our services as a relative, next of kin, parent or guardian of one of our patients
  • support or engage with us by participating in events, initiatives and/or campaigns
  • donate money, services or goods to us
  • have registered for Gift Aid and/or participate in our Retail Gift Aid Scheme
  • apply for a job
  • hold a contract of employment with us i.e. are working for us
  • apply for a volunteer role
  • volunteer your time on a formal basis
  • provide goods or services to us
  • make an enquiry, request or a complaint
  • enquire, book facilities or attend meetings/training within our Learning and Development centre
  • historically were engaged with us in a way detailed above

2. What information we collect

We may collect the following information: 

  • Name
  • Title and honours
  • Personal and business contact addresses
  • Personal and business email mail addresses
  • Personal and business telephone numbers
  • Job title
  • Demographic information such as age range
  • Other information relevant to the relationship held with the organisation
  • Financial information such as Credit/Debit card details
  • Date of birth
  • Gender
  • Next of kin and their contact details
  • Your association with the organisation e.g. staff, volunteer, patient, carer, donor (not exhaustive)

Additionally if you are a patient, receiving treatment or care we may also collect more sensitive data relating to:

  • your medical history
  • current medical records
  • information concerning your personal demographic data including ethnic origin, spiritual preferences and contact details regarding your carers and/or family members.

If you have been referred to us by a health care professional this information will be provided by your doctor, another healthcare professional or the NHS. We store this information securely on our computerised medical record platform.

If you apply for a paid job or volunteer role we will require:

  • documentation for proof of identification purposes (and DBS requirements if necessary for the role)
  • information regarding previous employment and or volunteering activity
  • information about your education/qualifications
  • personal demographic data including ethnic origin
  • vaccination status

This information is securely stored on sector recognised computerised software platform.

3. How and when we collect your information

We will collect your information on either paper, electronic forms or via the web and subsequently record and store this information on electronic information systems whenever you interact with us. This may be when:- 

  • Supporting and/or donating towards funding the care we provide
  • Registering for an event/campaign
  • Buying goods in our shops or online
  • Enquiring about our care services and accessing our care services
  • Enquiring about a meeting room or attending a meeting or training session
  • Applying for a volunteer role
  • Applying for a job
  • Submit a general enquiry
  • Joining our Lottery
  • Purchasing a Lottery product eg weekly draw, raffle ticket, scratchcard
  • are making a complaint

4. Lawful basis for processing your information

We will observe the requirement to have at least one of the six recognised lawful basis for processing data (personally identifiable information) always upholding an individual’s rights and interests, namely:

  • You have given consent
  • We believe there is a legitimate interest
  • A contract exists between you and DMH
  • We are legally required, entitled or instructed to do so
  • We believe there is vital interest to protect someone’s life
  • Deemed to be lawfully in the public interest and part of our formal basis

5. How we use collected information

We require relevant and appropriate information to carry out activities regarding your relationship with us and provide you with an excellent service. From time to time we may use this data to:

  • keep our information systems fit for purpose and up to date
  • run a health check on our supporter data bases contracting the services of a specialist*
  • print and fulfil a mailing and associated printed materials using the services of a mailing house*
  • meet employment and other contractual obligations
  • to improve our services
  • process your data and communicate with you for the reasons given at the point of collection
  • communicate with you when you request us to do so, such as to receive specific or general marketing information
  • communicate with you on the grounds of legitimate interest
  • communicate with you by email or text message when you have given consent

*In order for Douglas Macmillan Hospice to operate, we need to engage with other organisations for the provision of some services. We always enter into Data Sharing agreement that is legally binding for both parties to ensure complete adherence to Data Protection Act 2018 by all stakeholders. All third part contracts are assessed to ensure compliance with the General Data Protection Regulations.*

6. How we keep your information secure

DMH is committed to ensuring your information is kept safe and secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to keep safe and secure the information we collect online and offline. We use sector approved secure electronic databases to protect and store your personal information.

 Specifically, financial information such as Credit/Debit card details collected online and offline are securely processed through our various financial service providers, observing the most up to date PCI DSS standards, and all card details recorded in a paper based form will be destroyed once the process is completed, using a cross shredder at DIN Level 4.

 Information collected to facilitate sales transactions using card readers is similarly securely processed through our various financial service providers and information on receipts is encrypted using industry standard methods.

 We will never retain your financial information within our electronic database without applying encryption security.

7. How long we keep your information for

We will only retain your information for the purpose it was collected, as stated at the point of collection. Your information will be kept for the period of time the purpose it was collected dictates and/or as long as we are legally bound to keep it – such as HMRC regulations.

8. Controlling your personal information and access rights

We will never sell, distribute or lease your personal information to third parties.

We will only share your information with other healthcare services, when required as part of care being received, in all other circumstances we will only share your information with another third party with your permission.

Data Subjects may request a copy of all information being held at any point and this will be provided in excel spreadsheet format.  

Requests can be made by using any of the contacts options below or by using the Data Subject Access Request Form (see section 16), also available online at

A formal written request will be responded to within 28 working days, which may be extended, if the request is numerous or complex.

Where information being held is thought to be inaccurate, corrections will be made upon receipt of notification of the correct information by one of the contact options listed below. We will correct any information found to be incorrect or remove information thought to be inaccurate.

Contact options

  • By Phone – 01782 344300
  • By Email –
  • By post or in person – Douglas Macmillan Hospice, Barlaston Road, Stoke-on-Trent, ST3 3NZ

9. Recording of electronic images

We have CCTV cameras in place on both hospice sites in Barlaston and Trentham Lakes, as well as in our shops in Meir and Burslem. The footage recorded will be stored for 30 days before it overwrites itself. In particular circumstances such as an investigation we may have need to keep a copy of the footage(s) for evidence. Once an investigation is completed the recordings will be securely destroyed.

10. Photographs and moving film images

All photos and image recordings which mean an individual can be identified will be treated the same way as any other format of personal data.

Before we take any individual or a group of people’s photograph and/or moving film images on the Hospice premises or shops, we will obtain full consent from the individual using appropriate consent forms. We will ensure that these are captured and used, fairly and lawfully.

11. Safeguarding of adults and children

We are committed to preserving confidentiality regarding identity, however, there may be occasions when we are required to inform Local Authority Safeguarding Teams and/or the Police where there may be experience or risk of abuse and neglect and any acts outside the law.  Although we would usually seek peoples consent before taking this action, we may sometimes have to do this without consent in accordance with local and national safeguarding policy and procedures.

12. Protection of Minors

We consider anyone under 18 to be a minor and protection of children and young people is important to us. 

We will only collect data and information from young people, under 13, with permission of a parent or appointed guardian and therefore we will require confirmation of consent from a parent or appointed guardian.  Consent must be demonstrated at the point personal information is collected.

If we collect personal information unknowingly without such consent we will attempt to inform the parent or appointed guardian. This information will be securely destroyed or securely archived if a donation has already been administered.

We will collect data and information from young people aged over 13, but under 18, without parental consent, but we will require age verification to ensure we can process the information and communicate in ways that are legal and compliant.

We will flag on data recording systems, the age and/or date of birth of the young person, at the point at which the age was admitted.

13. Approval and accessibility of privacy notice

This privacy notice and any associated Data Protection Policies are approved by the Senior Executive Group and Trustee Board of DMH and reviewed at 3 year intervals, as a minimum.

The notice will be posted on our website, notice boards on our premises, our internal intranet and produced as a hard copy on request.

This notice can be made available to you in an alternative format that suits your specific needs upon request, such as a different language, brail or an auditory format.

14. Right to complain

Should you have any concerns about the way we process your data, you have the right to complain and we would encourage you to contact us in the first instance so that we can attempt to resolve any concerns. Our contact details are as follows:

  • By Phone – 01782 344300
  • By Email –
  • By post or in person – Douglas Macmillan Hospice, Barlaston Road, Stoke-on-Trent, ST3 3NZ

If you are not satisfied with our response you can also complain to the ICO about how we have used your data.

The ICO’s contact details are:

  • Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
  • Helpline number: 0303 123 1113

15. Version Control

The current updated frequency of this document is 3 years.

Version 1: 1/06/18

Version 2: 4/02/21

Version 3: 26/01/22

16. Data Subject Access Request Form

Please click here to open the Data Subject Access Request form.