The ESCAPE-pain programme is hosted by the charity Orthopaedic Research UK under licence agreement from Guy’s and St Thomas’ NHS Foundation Trust. Both parties are committed to protecting your personal information. Together we take great care to protect and respect the rights of individuals in relation to their personal data. See links below for more information on how we use and protect your information.
This privacy notice explains how and why we use your personal data to ensure you remain informed and in control of your personal information.
The General Data Protection Regulation (GDPR), which was implemented in May 2018 and the Data protection Act 2018, provide new guidance and transparency on the processing of personal data and gives more rights to individuals and more obligations to organisations holding personal data.
This privacy notice explains specifically what information we collect and how your personal data will be used. The new regulation requires us to have valid reason and basis to process your information. In this case we have decided that we will be using consent as the legal basis of processing and in particular to allow us to contact you. This means you have a choice as to whether you wish to receive messages from us. You also have the right to withdraw your consent to us processing your personal information at any point. However, there may be circumstances when this is not possible as we may need to comply with our legal obligations.
This is entirely optional, and you have the right to change your mind and withdraw consent at any time. If you decide you no longer wish to be contacted by us please notify us by email to firstname.lastname@example.org.
If you choose to unsubscribe from email contact by ESCAPE-pain or an associated third party, it may take a few days to remove your details from our list. Regrettably, this may mean you might receive an email before your details have been updated.
What information do we collect about you and how do we use it?
Type of Information
We collect information from you when you complete the ESCAPE-pain survey at the beginning and end of the programme via this website.
We ask for your email address in order to complete the ESCAPE-pain surveys are required.
We ask you to answer questions about the primary location of your pain (hip or knee or back), the location name of where you are attending ESCAPE-pain, and demographic questions related to age, gender, ethnicity and post-code.
The demographic questions are optional and you are not required to give this information if you do not wish to.
We ask you to complete one questionnaire (listed below), the scores of which you can use to measure your progress throughout the programme.
- Knee Osteoarthritis Outcome Score (KOOS) - This questionnaire will you understand your knee joint pain OR
- Hip Osteoarthritis Outcome Score (KOOS) - This questionnaire will help understand your hip joint pain OR
- MSK-HQ for those with chronic back pain - This questionnaire will help understand you back pain
Finally, we ask you about how many ESCAPE-pain classes you have missed
How do we use it?
We use your email address for three reasons. Firstly, the email address is needed in order to send reminder emails to users who are nearing completion of the ESCAPE-pain programme, and to invite them to complete the end-of-programme survey. Secondly, we send the results of the questionnaire to users at the end of each survey. This allows users to view and preserve their clinical outcomes scores for their records. The third reason we collect an email address is to ensure we can link the first and second survey information together to produce the end report for users, and linked data for the ESCAPE-pain team.
We ask you to identify the joint affected by pain in order to select the appropriate questionnaire to complete.
We ask you to identify the location of where you attend the ESCAPE-pain programme in order to be able to track progress by geographical region and to stratify results by ESCAPE-pain provider which can be important in identifying trends in service delivery.
Demographic data is used by the ESCAPE-pain team to monitor inclusion into the programme. This data will never be shared with any Third Party.
We will use the information provided in your clinical questionnaires to measure overall progress through the programme for all participants. This information is used in an anonymous and aggregated format to evaluate whether or not the programme continues to be clinically effective. It is also used to produce a user report which is displayed at the end of each survey. Finally, we may from time to time produce anonymous reports for ESCAPE-pain providers who wish to assess their service delivery around the ESCAPE-pain programme.
The attendance data is used to monitor uptake and attrition of the ESCAPE-pain programme.
Type of Information:
We collect information from you when you visit our website. Website usage information is collected using cookies.
How do we use it?
Please see the section below on ‘Cookies’.
With Whom Do We Share the Information That We Collect?
Your data will be held securely within our databases and we will not share your personal details with third party companies for marketing purposes.
We will not sell, trade, rent or make available your personal information to others unless you have given us your permission to do so.
We work with Pad Creative Ltd, our website developer and support company, who have access to the details you register with. Pad Creative Ltd will never use these details other than to provide you with an account, or for any maintenance or improvement matters.
We compile anonymous records of user trends which we may make use of ourselves, or to unconnected parties. This information is used in an anonymous and aggregated format and will not include any personal information by which you may be identified.
We may disclose details about use of our website/apps/online tool to other businesses e.g. to demonstrate patterns of use to business partners. The information we pass on will not include any personal information by which you may be identified.
We may forward your personal details to the police or another regulatory body or government authority if we are asked to do so or wish to do so in order to comply with the law or in relation to the investigation of suspected illegal activities or in relation to any suspected misuse by you of our website/apps/online tool or any of our digital services.
We have adopted measures to ensure that users' personal details are not misused, accidentally destroyed, lost or altered. Where information is transferred to a third party, that third party will be required to keep your personal details secure.
We endeavour to prevent unauthorised disclosures of your personal information by other people, but we are not responsible for any unauthorised disclosures or other breaches of security or for the actions of others if the information was passed to them with your authority or with the authority of anybody other than us or our member organisations.
Please be aware that if you disclose information on chat areas, forums or other public services it may be possible for other people to use this information. We are not responsible for the disclosure of any information you post in this way.
Your data is securely transmitted/encrypted in transit over secure https protocol, from the website to the server. Furthermore, all data on servers is encrypted at rest. All servers have firewalls in place.
We use Let’s Encrypt a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). They provide digital certificates needed in order to enable HTTPS (SSL/TLS) for websites and in doing so create a more secure and privacy-respecting Web.
Our handling of your data is compliant with the General Data Protection Regulation launched in May 2018 and the Data protection Act 2018.
We will only use and store information (except for email addresses) for as long as it is required for the purpose it was collected for. This is dependent on the information in question and what it is being used for. We will continually review what information we hold and delete what is no longer required.
Email addresses are only stored for a period of 12 weeks from first entry to the site. After this time, email address data will be deleted from all servers.
Transfer of Details outside the EEA
Given the global nature of the Internet, use of the Internet to collect and process personal details may involve the transmission of data internationally. Therefore, by browsing this website and communicating electronically with us, you acknowledge and agree that we may process your personal details outside the European Economic Area (EEA).
However, we will always endeavour to ensure that any third party to whom your personal details are transferred will take appropriate steps to safeguard your personal details in accordance with the General Data Protection Regulations and Data Protection Act 2018.
Updating Your Details
Accessing Your Details
You have the right to request a copy of the information that we hold about you, free of charge. If you would like a copy of some, or all, of your personal information, please provide a written request. To make a request, you should send an email to email@example.com and provide your full name, postal address and postcode. Requests for access/ change/deletion of data must be made to us within 12 weeks of first access to the website, after this time, email address which acts as an identifier will be removed from our databases and we will no longer be able to identify individual level data.
We will correct any inaccuracies if these are notified to us within the 12-week period stated above.
You can also request that the personal details that we hold about you are removed from our system within the 12-week period noted above.
What are cookies?
Cookies are small pieces of data that are gathered from the device you use to visit our website, for example your computer, tablet or mobile phone. Cookies are created to improve your experience of websites, for example they are needed for shopping carts or if you visit a site where you need to log in.
Cookies can be classified into persistent or session and first party or third party, explained below:
- session cookies are created temporarily when you a visit a website, for example to remember your information entered in a form when navigating to different pages. They do not contain any personal information about you and are deleted when you leave the site
- persistent cookies (also called a stored or permanent cookie) are used to collect information such as web surfing behaviour or preferences for a specific website. These cookies are not deleted when you leave the website, but expire after a set period
- first or third party cookies – these describe whether the cookies are issued by the website that you are currently visiting (first party) or by a different site (third party).
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Changing your cookie settings in your browser
To control the way your device manages cookies, go to your browser settings. The links below are designed to help but are not exhaustive:
- Changing cookie settings in Google Chrome
- Changing cookie settings in Firefox
- Changing cookie settings in Safari (OS X)
- Changing cookie settings in Internet Explorer (Information for IE8 and above)
- Changing cookie settings in Safari (iOS)
- Changing cookie settings in Android
For more information, visit the Information Commissioner’s Office website: www.ico.org.uk