Privacy Policy

At Roy Castle Lung Cancer Foundation we are committed to protecting your personal data.

The details you provide will only be used by Roy Castle Lung Cancer Foundation and its trading company. We will never swap, share or sell your details.

We protect any personal information that you share with us, or that we get from other organisations and we keep it safe. We always aim to be clear with you about how we will use your data and we promise not to do anything with it that you would not reasonably expect.

In May 2018 we will be moving to an ‘opt-in’ only communication policy. This means that we will only send communications to those that have explicitly stated that they are happy for us to do so via their preferred channel (s) (post, e-mail, phone or SMS).

What is the definition of personal data?

Personal information is any information that can be used to identify you.

It can include information such as your name, date of birth, e-mail address, postal address, telephone number, as well as information relating to your health.

The type and quantity of information we collect and how we use it depends on why you are providing it. We promise that we will only gather information from you that is adequate and relevant to be used for an explicit and specific purpose.

Where do we obtain personal data from?

When you give to us directly

We collect personal information about you when you make a donation, ask about our activities, share your story with us, register with us to take part in a fundraising activity or patient information day, participate in a Cut Films project, register for Gift Aid, purchase an item from our on-line retail store or seek information or assistance from us.

We may also obtain information about you from other sources, such as if a family member or friend contacts us on your behalf, or if a fundraiser passes on your details to us.

When you give to us indirectly

You may have provided permission for a company or other organisation to share your details with us (e.g. but not limited to Tough Mudder, Global Adventure Challenges, Ride London, Time Outdoors, Run Britain, The Skydive Centre, Run4Charity, Action Challenge, Payroll Giving). This could be when you register interest or sign up for an event or commit to making a donation through your monthly salary.

If you register your details for on-line fundraising with Just Giving, Virgin Money Giving, Everyday Hero or BT My Donate then those organisations will share your data with the charity. We use this data to contact you to acknowledge your gift and to see if we can offer any support or guidance.

Whenever you provide personal data you should check their Privacy Policy to understand fully how that organisation will process your data.

Social Media

We will only contact you through social media sites such as Facebook, Linked In, Instagram or Twitter if your privacy settings give us access to your contact details.

Online shop

Our on-line retail shop is hosted on Actinic. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through Actinic's data storage, databases and the general Actinic application. They store your data on a secure server behind a firewall.

To read full terms and conditions for the on-line shop simply follow this link:


If you choose a direct payment gateway to complete your purchase, then Actinic stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

To read the full Privacy Policy for Actinic simply follow this link:

How do we use your information?

  1. We use your personal information to provide you with the information, support, services, or products you have specifically asked for e.g. information about fundraising activities, research, patient services or appeals
  2. We use your information to gain a full understanding of your situation so we can develop and offer you the best possible personalised services.
  3. We use your information for internal administrative purposes (such as our accounting and records), and to let you know about changes to our services or policies.
  4. We use your personal information to claim Gift Aid on your donations.
  5. We may use your personal information to look into, and respond to, complaints, legal claims or other issues
  6. We will use your bank account details to process a donation you have made to us
  7. We will also use your personal data to claim gift aid (if applicable)

Who do we share your information with?

We will not share or sell your personal data with any third parties.

When we advertise services to our supporters e.g. our free Will writing service, Lasting Power of Attorney services, funeral plans, access to legal advice we do not share personal data. It is up to you to make contact- we will never share your personal data with external organisations.

Third party organisations who collect data on our behalf

We work with a number of external organisations who collect data on our behalf. These include, but are not limited to:

Sporting events

  • Time outdoors
  • Action Challenge
  • Skydive Centre
  • Global Adventure Challenges
  • Skyline
  • Real buzz
  • Classic Tours

Information & Support Services

  • Macmillan
  • National Lung Cancer Forum
  • Health Unlocked


  • Virgin
  • Just Giving
  • BT My Donate

Payroll Giving

  • Payroll Giving in Action
  • Sharing the Caring
  • Hands on Payroll Giving

We have given these organisations permission to collect data on our behalf and, unless you specify otherwise, they will share that data with us.

How can you ask the charity to stop using your personal data?

You have the right to withdraw consent for us to contact you at any time.

You are not required to provide personal data to us. However, your failure to do so may affect your ability to provide the services you request.  For example, we are unable to receive a donation from you if you do not provide us with your payment information.

Whenever we send you information in the post or in an e-mail, we will always include a simple and clear way to unsubscribe for future mailings.

If at any time you wish to withdraw your consent and tell us not to contact you then please contact a member of the Data Compliance team:

By e – mail:

By phone: 0333 323 7200

By post: Roy Castle Lung Cancer Foundation Head Office
Cotton Exchange Building
Old Hall Street
Liverpool L3 9LQ

We will endeavour to make sure that your preferences are updated as soon as possible and within a maximum of 72 hours.

How can I update or correct the personal data that the charity has from me?

You can contact us at any time to update the personal details that we have on our database - in fact, that would be a great help to us.

You can also contact us at any time to inform us if you would like to change your contact preferences (post, e-mail, phone or SMS) or to change what information you would like to receive from us e.g. fundraising information, information on our latest appeals, breakthroughs.

If at any time you wish to amend your details, please contact a member of the Data Compliance team:

We will endeavour to make sure that your preferences are updated as soon as possible and within a maximum of 72 hours.

Your rights

You will always have control over your personal data. You have the right to request information about the data we hold on you at any time for free. We promise to provide access to that data within 1 month of your request.

You have the right to correct your data and update your preferences at any time

You have the right to have your data erased at any time.

You have a right to ask us to stop processing your personal data at any time.

If at any time you wish to withdraw your consent and tell us not to contact you then please contact a member of the Data Compliance team:

By e – mail:

By phone: 0333 323 7200

By post: Roy Castle Lung Cancer Foundation Head Office
Cotton Exchange Building
Old Hall Street
Liverpool L3 9LQ

How often will my preferences be refreshed?

We will not pester you but we do want to make sure that we keep your information up to date.

The National Council of Voluntary Organisations working group on consent in September 2016 proposed that large fundraising organisations that undertake mass fundraising campaigns should consider refreshing consent at least every 24 months. Therefore, unless we hear from you sooner, we will make contact with you through your preferred method at least every 24 months.

You can help us to keep the details we have for you up to date by informing us if you move house or change your e-mail or phone number.

Who do I speak to if I have a question regarding the use of my data?

If you have any questions or queries about any aspect of how we store, update and use your personal data then we would be more than happy to talk to you. The most appropriate people to talk to within the charity are the members of the Data Compliance team.

How can I lodge a complaint about the way in which the charity has used my data?

If you have contacted us and you are unhappy with the way in which we have dealt with a query regarding the use of your data then it is within your rights to lodge a complaint with a supervisory authority.

The ICO (Information Commissioner’s Office) is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

You can find out more information or report a concern through the ICO website:

How does the charity keep your data safe and who has access to it?

Everyone who handles your data has a responsibility to protect it in accordance with the law. The charity has a comprehensive Data and Procedure Management policy in place to ensure that staff members are aware of the regulations surrounding the use of personal data. All staff and volunteers who have access to your data will be fully trained.

Password access and the appropriate firewalls are in place to ensure that only those with permission can access your data.

When data is transferred to an external mailing house to distribute our Inspire magazine we ensure that the appropriate measures are in place to protect personal data by using a secure FTP link and password encrypting the data.

What security is in place to protect the loss, misuse or alteration of your information?

A data breach can be defined as, ‘accidental or unlawful destruction, loss alteration, unauthorised disclosure of, access to, personal data’.

In the event of a data breach the charity will contact the ICO (Information Commissioner’s Office) within 72 hours. The consequences of the breach will be documented and the appropriate actions will be taken to mitigate the consequences.

The charity has a commitment to our supporters to alert them if the breach poses a high risk to their rights and freedoms. As a charity, we are committed to notifying the ICO if an individual is likely to suffer ‘some form of damage’, such as an identity theft. We also promise to contact the ICO if the data breach leaves any of our supporters open to financial loss.

How will I know if you make changes to this Privacy policy?

The date in the footer of this document indicates when this document was last updated.

When we make changes to this privacy policy we will make an announcement in the News section of our website.

Cookies and privacy

A cookie is a small file, which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. 

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. 

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. 

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Version: 1.2 11th September 2018

Was this helpful?   
Yes (91)
No (78)
Contact us
Call us now 0333 323 7200