1 - Awareness
Management and Administration for Familigram are aware of the importance of GDPR compliance - ensuring Familigram Users are fully aware of the data that is stored and how it is used by Familigram. Anyone with access to data held by Familigram will be aware of the information in this document and
2 - Information Held by Familigram
The information held by Familigram is acquired from the public sending a POST to a care home resident. This POST information is held within the system for the benefit of reprinting POST for residents when required.
Personal data held from the submission of a Familigram POST
Name of Resident Receiving the POST
Their associated Care Home of Residence
The Sender's Name
The Sender's Email Address
A Message sent from Sender to Resident
An Image/Photograph to accompany the message
The Date on which the message was sent
Where the data came from
When a member of the public sends a message to somebody living in a care home that is registered with the Familigram service they fill in a form with the above data.
Who has access to the Data
Familigram staff can access the POST of all care homes on the system through an overall access login
Access is via secure password login assigned to individuals.
Care Homes have access to view the POSTs that have been sent to residents within their home. This access is assigned to logins requested by the Care Home themselves, and only to email addresses on the domain of the Care Home that the Care Home has confirmed should have access to the POST.
For Care Home Groups with multiple homes, logins exist for the management / head office where multiple Care Homes under their management can be accessed to view POST.
Data Retention
Familigram POST is stored for the purpose of allowing reprints for residents and for initial ease of access and printing by the care home team.
Via www.familigram.com a request can be made to remove any POST submitted by a person. Removal is based on the email address: all POST sent by a specific email address is removed. Once a request is made via someone's email address, a confirmation email is sent back to confirm before any POST submitted by the user/email address is removed from the Familigram server.
3 - Communicating Privacy Information
For GDPR Compliance the Familigram Privacy Policy has been amended to give a more comprehensive description of the data collected, the reason for its collection, the way it is held, why it is held and our policy on sharing the data. This privacy policy is available via a Privacy Policy link on the Familigram website as well as being displayed at the point at which a POST is submitted.
The additional GDPR focus is on why the data is being held and the lawful basis for our approach.
4 - Individuals’ Rights
In addressing the GDPR rights for individuals, Familigram address the following aspects of individual rights regarding data held:
The right to be informed
Our privacy policy, which also addresses the GDPR, is available to view via an easy-to-access link on the Familigram website and is also shown clearly at the point of Familigram POST submission (the point at which their data is submitted).
The right of access
The data being held is specifically for the individual POST messages being sent. No other data around the sender or recipient is stored, so the sender will know what is being held based on the content of the POST they have sent. Security of the data means the public do not have access to the Familigram server to view POST and data, but users can request that their POST is removed at any time via the ‘remove my POST and data’ request.
The right to rectification
After the POST is printed (approx. 24 hours after the POST has been sent), that Data is no longer processed for any purpose other than that specific POST.
The right to erasure
Using the ‘remove my POST and data’ request, all POST, and by that action all Data held for a user, can be removed. Removal is based on the email address of the sender: all POST sent from a sender can be removed.
The right to restrict processing
On sending a POST we do ask the question ‘please tick if you are happy for Familigram to use this POST as an example - your email address will not be shown’. This option allows Familigram to show Care Homes how Familigram works, using the sender's POST as an example.
The right to data portability
As the data saved is for specific POST messages, our offering is to delete this data on request. We do not offer a service for senders to copy the data out to another service. The right to erasure would be the option here if data was to be removed.
The right to object
With regard to POST existing on the system, any individual who has sent in a POST has the right to object to that POST being stored or to object to any previous permissions given for that POST. For example, if the ‘allow for public view’ option had been allowed when the POST was originally sent, the sender could request this to be changed.
The right not to be subject to automated decision-making including profiling
The data stored does, by the nature of the POST, connect a resident to a sender by name and email association. Familigram do not use this data in any additional processing or purpose. The POST is simply printed as sent.
5 - Subject Access Requests
Due to Familigram offering a low cost service for messaging care home residents, requests by senders to compile any old POST sent would not normally be met. We simply offer the service to remove all data associated with your email address. This is due to the labour time involved in compiling your previously sent POST and sending it through to you. Removal is an instant process for Familigram Admin and can instantly resolve any issue that may have arisen in terms of worry over your POST being stored.
Allowing senders access to the archives via their own admin is something that may arise in the future but at present the most secure system is for no public access, and for the service to operate it is not essential for there to be public access to previous POST.
6 - Lawful basis for processing personal data
The processing of your Data by Familigram is solely to serve the purpose of delivering the message submitted by the sender to the recipient in the Care Home. By filling in the form and associated fields for sending a POST, and ticking the confirmation box for the privacy policy, the sender grants permission for Familigram to process the information to produce a printable message containing that Data.
The product and service can’t exist without the processing of the data.
7 - Consent
Consent is requested at the submission of any POST. The data in each POST is consented to each time a POST is sent. Familigram do not take a blanket view that all POST sent by a Sender is consented to. Senders are given the opportunity on each submission to consent to the conditions for processing the data via the privacy policy, confirmed with the tick box under the statement at the point of sending the POST message.
8 - Children
The nature of Familigram POST, in sending messages to loved ones living in care homes, means it is open to all ages. As the only sender information stored is Name and Email, Familigram have very limited sender details on file. The only real detail is the name of the resident they are connected to, in terms of who the POST is addressed to. There is the potential that a sender may include a photo of a child in the POST message. As a sender they will be shown the privacy policy, and an indication is made to remind the sender that this is a printed POST that will be in a Care Home, and so by that nature not in a secure environment such as a password server.
9 - Data Breaches
Both the Familigram software and server have a processing monitor in effect to detect any unusual login attempts or hacks, along with long and complex password requirements. Senders are reminded that as a service the data they are sending is destined for a printed A4 piece of paper containing that data. So although the nature of the POST is that it is private and for the individual for whom it has been sent, it is in the public domain.
If Familigram had a data breach, the data accessed would be the POST archive: an archive of printable A4 PDF sheets containing the messages that, although destined for individuals, were sent with consent to the policy that they would be in the public domain.
10 - International
Although Familigram POST is available to care homes worldwide, the privacy policy is governed in the UK, and by using Familigram to send POST, users are agreeing to consent to the privacy policy shown.
11 - Public Privacy Policy
On submitting a Familigram POST we ask the user to tick a confirmation box which states “Please tick to confirm our privacy policy. Your data is used just for this POST and is not shared or sold.” In a box below the statement, the further details are shown as follows:
To ensure Familigram abides by the latest GDPR EU privacy law please find a full disclosure of our privacy policy with details of how we work with your data, which to initially confirm, we only use your data for the Familigram POST you are sending to your friends or family member recipient.
By proceeding to send a Familigram POST and confirming the terms of our privacy policy you will be agreeing to the terms outlined below. When sending a Familigram POST you are submitting the following information. Your Name, Your Email Address, the Name of the Recipient for your message, the Care Home they live in, your message and the photograph you attach.
This information is printed onto the A4 piece of paper Familigram POST and is handed to the resident of the Care Home you have addressed it to. Although not promoted or reproduced and handed around, this Familigram POST is then in the public domain so please be aware that there is the possibility that someone else other than the intended recipient may be able to view its content.
Although your Familigram POST is automatically generated by the Familigram system - Familigram administration approve POST that passes through the system so will see the data contained, if just briefly. At the final delivery the Care Home themselves will then see the POST you have sent ready for printing.
One copy of your Familigram POST will then be printed and handed to your recipient. The POST will remain on the secure Familigram system so that the Care Home admin can log in and do a reprint if required. If you require the deletion of your Familigram POST you can make a request through the Familigram website at www.familigram.com, following the link to Privacy Policy and scrolling to the bottom of the page.
Although your Name and Email as sender is contained within the POST along with the Message, Recipient Name and Care Home we do not use your data for any other purpose than for composing your POST message. Your Data is not passed to any other company although it is worth noting that the Care Home receiving your POST will see your Name and Email address as a sender, and it is printed on the POST.
If you have ticked the box that states we are allowed to use your POST as an example and you later change your opinion on that, you have the right to withdraw the permission. Please make the request at the Familigram website at www.familigram.com, following the link to Privacy Policy and completing the form at the bottom of the page.
You will receive a link to see your Familigram POST once it has been sent through to your Recipient. POST is sent to the Care Home by 9am the day after you send it. Familigram do not offer users/senders access to old POST at present for security purposes, although we hope to open this up in the future.
We may at some point send you an email with regard to Familigram POST, and only on that subject, either in connection with the POST you have sent or with a service that applies to and assists in how you use the Familigram Service.