Privacy Policy


The Friends of the Royal Marsden, Surrey is a registered charity. As part of our objectives, we raise funds to provide amenities, medical equipment and services for the wellbeing of patients at the hospital.

To help us do this we may collect and process your personal data in connection with:-

  • Donations
  • Subscriptions for membership of the Friends of the Royal Marsden, Surrey
  • Recruitment of volunteers

We adhere to the requirements of the General Data Protection Regulation 2018 (the “GDPR”) and respect any personal data you share with us. We will be clear about when we collect your data and will only use your data for the purposes which you would reasonably expect.
Please read this policy carefully to understand how we collect, store and use your information.

Contacting us

The Friends of the Royal Marsden, Surrey is a data controller in respect of your personal data. If you have any questions about this policy or the ways in which we may process your personal data, please contact us:

Data Protection & Privacy
Friends of the Royal Marsden, Surrey
Downs Road

Telephone: 020 8661 3082

What personal information we collect, and how

Personal information is information that can be used to identify you or tell us about you. We will only collect what we consider necessary. This may include the following:

  • Your name
  • Your contact details
  • Donations you make to us
  • Gift Aid status
  • Enquiries, feedback and complaints
  • Date of birth (if a volunteer)
  • Logs of communications we’ve sent you and you’ve sent us
  • Your bank details
  • Your personal and charitable interests
  • Any relationships relevant to your support, e.g. a relationship to the hospital, the cause, or to another one of our donors
  • Data collected from your website use using cookies
  • Employment history / qualifications / health / convictions – (if a volunteer)
  • Photographic and address ID (if a volunteer)

Sensitive Data

Occasionally we may need to collect information that is considered to be sensitive. For example, health information you have given us related to your application to be a volunteer. On most occasions where we collect sensitive personal data we will obtain your consent and advise you of what we are collecting and why. Also, please see Your rights

How we collect personal information

We will collect personal information directly from you when you:

  • Ask about our activities
  • Make a donation
  • Pay a subscription
  • Apply to volunteer
  • Engage with our website
  • Make an enquiry or complaint
  • Write, email or talk to us on the phone or in person

We may collect personal data indirectly from you in the following ways:

  • We collect contact details, financial transactions, Gift Aid status and communications preferences via third party fundraising platforms e.g. Virgin Money Giving, that support your fundraising
  • We gather and observe data about supporters’ use of our websites, such as which pages are most visited –please see Our website and Cookie Policy

Ensuring the accuracy of your information

We aim to ensure that all information we hold about you is accurate and, where necessary, kept up to date. If any of the information we hold about you is inaccurate and either you advise us or we become otherwise aware, we will ensure it is amended and updated without delay. You can find our contact details above.

Why we collect and how we use your information

As a data controller, The Friends of the Royal Marsden, Surrey takes its responsibilities under the GDPR very seriously. Our lawful bases for processing your data are as follows:

  • We have a legitimate interest in processing your data to run our registered charity effectively and efficiently and in connection with your membership of the Friends of the Royal Marsden, Surrey. The personal data we process on this basis include contact and identification details and financial transactions. We also have a legitimate interest to process your data to manage volunteers
  • We also process data to comply with legal obligations. The categories of personal data we process on this basis include contact and identification details, financial transactions and Gift Aid status. This may also include processing for fraud prevention purposes. Charities are known to have been targeted for illegal purposes such as money laundering and so we are required to monitor financial activity and report suspected fraud to the appropriate authorities.
  • We also have to process data to comply with legal obligations as part of pre-volunteer recruitment, to meet immigration law obligations
  • for the performance of a contract – for example, we need your personal detail to process your application to become a volunteer at the Friends

Legitimate interest

We process some of your personal data in a manner that you would reasonably expect to pursue our legitimate interests. We have carefully balanced your interests against our interests when deciding whether this is appropriate. Our legitimate interests and the purposes for processing that fall under each of them are as follows:

Processing and record keeping

  • Processing your donation(s)
  • Acknowledging donations
  • Processing subscriptions
  • Acknowledging subscriptions
  • Managing feedback and complaints
  • Keeping a record of your communications with us
  • Contacting members with matters relevant to membership of the Friends including the issue of reports and invitations to meetings

Managing volunteers

  • Managing rotas
  • Keeping a record of communications
  • Attendance at/compliance with training
  • Training records

Compliance with legal obligations

We require data in order to process Gift Aid claims. We are required to meet tax obligations relating to Gift Aid declarations.

We are also required by law to protect against the possibility of charitable donations being used as part of criminal activity such as fraud or money laundering, which would need to be reported to the authorities. Such instances are rare but where a risk is highlighted, we are required to process personal data in order to carry out due diligence in order to be confident in accepting legitimate offers of support.

We are required by law to conduct pre-recruitment and identity checks in accordance with immigration legislation.

Information sharing and disclosure
We will not, without your consent, supply any of your personal data to any third party except for the following reasons:

  • We are required to do so by law enforcement or regulatory bodies where this is required or allowed under the relevant legislation
  • We share personal data with The Royal Marsden for volunteer management.

Law enforcement

We will disclose your personal information to third parties if we are required to do so through a legal obligation (this would include but not exclusively, HMRC, Information Commissioner’s Office, Charity Commission, Companies House, the police or government bodies); to enable us to enforce or apply our terms and conditions or rights under an agreement.

The Royal Marsden

We work closely with The Royal Marsden in managing the volunteers that help in the hospital. It is necessary for us to disclose information to The Royal Marsden in the following ways:

  • Volunteers – We will share your personal data with the hospital as part of the recruitment process and to enable them to support your volunteer experience and have access to the relevant training. The Royal Marsden will be the data controller of any personal or sensitive data provided with regards to your work in the hospital e.g. your occupational health data
  • We will share your name and address with the Royal Marsden NHS Foundation Trust as you automatically become a member of the Royal Marsden NHS Foundation Trust when you volunteer

The Royal Marsden Privacy Policy can be found here

Under 16s

If you are aged 16 or under, and would like to make a donation please make sure that you have your parent or guardian’s permission before giving us your personal information. When we collect information about a child or young person, we will make it clear as to the reasons for collecting this information and how it will be used. We will not communicate with under 16s directly beyond fulfilling the relevant service i.e. acknowledging the gift. You can withdraw consent at any time (see Contact Us).

Vulnerable circumstances policy

We recognise the importance of protecting our vulnerable supporters and donors fairly. We believe this helps to support our volunteers who come into contact with supporters in providing high quality customer care, ensuring anyone donating to us is in a position to make a free and informed decision.

Storing your information

We take information security very seriously. No one is allowed to access our system or files unless this is necessary to provide a service to you or for one of the other purposes discussed in this notice. We will keep all your information secure and only for as long as is required, taking into account our legal and financial obligations, legitimate interests and contractual arrangements.

When we no longer need to retain your information we will ensure it is disposed of securely at the appropriate time. For more information regarding our retention policy, please contact us (see Contacting Us).

Our website

To make full use of our website you need to accept cookies. Without cookies you can still visit our website but some features won’t work. More information on cookies can be found in our Cookies Policy.

Our website is hosted on a secure server. Any information you send to us over the internet is encrypted using secure socket layer technology (SSL). Although we cannot 100 per cent guarantee the security of any information you transmit to us, we enforce strict procedures and security features to protect your information and prevent unauthorised access.

Our website contains a link to one other website belonging to a third party – Virgin Money Giving. However, we would advise you that we do not have any control over the privacy practices of this site. You should make sure when you leave our site to visit another site that you have read and understood that site’s privacy policy.

Your rights

Under the GDPR, you have the following rights:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

For full information on each of these rights and when and how they apply, please see the:-

If you wish to obtain a copy of the information we hold about you, please contact us:
Privacy Information Request
Friends of the Royal Marsden, Surrey
Downs Road

Or telephone on 020 8661 3082 or email: 

We trust that you will not have cause to complain about us. If a problem does arise you are, of course, entitled to complain – if you have any concerns or complaints that cannot be raised with us through the above details, you can also contact the Information Commissioners Office website:

This policy is effective from 17th May 2018



Our Christmas Cards






Friends of The Royal Marsden, Surrrey
The Royal Marsden Hospital,
Downs Road,

Charity Number: 1120637

Follow this link to make an online
donation via Virgin Money Giving


Friends of The Royal Marsden, Surrrey
The Royal Marsden Hospital,
Downs Road,

Charity Number: 1120637

Contact Us

Follow this link to make an online
donation via Virgin Money Giving

© Friends of the Royal Marsden, Surrey | Web Design by Web Social