Mission 

The core purpose and associated activities of Stroke Recovery Network.

Personal Information 

Personal Information includes a broad range of information and/or opinions that could identify an individual. Examples of Personal Information include but are not limited to: 

• an individual’s name, signature, address, phone number or date of birth 
• Sensitive Information 
• Credit information 
• Employee Application record information, including but not limited to 
  • Application information submitted and obtained from the Prospective Employee or volunteer and other sources in connection with applications for employment and volunteering at Stroke Recovery Network 
  • Employment performance information 
  • Personal information e.g. home address and contact details, gender, date of birth, next of kin 
  • Information regarding issues and incidents in the workplace 
  • Information obtained to assist in managing stakeholder and business relationships, and 
  • Information documenting the work history of employees and/or members (e.g. letter of appointment and bank account details including records of salary adjustments) 
• Contact and Relationship Management information, including but not limited to 
  • Products and services offered/provided by Third Parties 
  • Current and historical interactions between Stroke Recovery Network and its donors, consumers and stakeholders 
  • Contact details of Employees who provide specialised donor, consumer and stakeholder services 
• Stroke Experience Content  
• Internet protocol (IP) addresses 
• Voice print (e.g. audio recording) 
• Location information from a mobile device. 

Stroke Experience 

Personal Information that captures a person’s lived experiences of stroke, images/photographs and/or video/audio recordings. 

Contributor

A person who actively shares their Stroke Experience with Stroke Recovery Network. 

Sensitive Information 

Sensitive Information is Personal Information that includes information or an opinion about an individual’s: 

• racial or ethnic origin 
• political opinions or associations 
• religious or philosophical beliefs 
• trade union membership or associations 
• sexual orientation or practices 
• criminal record 
• health or genetic information. 

It may also include some elements of biometric information. 

Consent 

Consent is defined as ‘Express Consent or Implied Consent’. All Consent must be informed. The four key elements of Consent are: 

• the individual is adequately informed before giving Consent 
• the individual gives Consent voluntarily 
• the Consent is current and specific, and 
• the individual has the capacity to understand and communicate their Consent. 

Express Consent 

Express Consent is given explicitly, either orally or in writing. 

Implied Consent 

Implied Consent arises where Consent may reasonably be inferred in the circumstances from the conduct of the individual and Stroke Recovery Network. Inference of an individual’s Consent will only be appropriate where the Contributor could reasonably expect the shared content to be used to further Stroke Recovery Network’s Mission and the ability to opt out was clearly communicated and easy to access. 

California Consumer Privacy Act

 

Stroke Recovery Network adheres to the principles set out in the CCPA in the way it collects, manages and uses Personal Information. 

 

Open & Transparent Management of Information 

Stroke Recovery Network’s Privacy Policy is publicly available on its website. 

Stroke Recovery Network will take reasonable steps to inform the individual of the type of Personal Information held and how it collects, holds, uses and discloses that Personal Information. 

 

Collection of Information 

Stroke Recovery Network collects Personal Information that it requires to carry out its work. Wherever practicable, Personal Information is collected directly from the individual. Information may also be collected if publicly available but only where that collecting and holding information is necessary to carry out Stroke Recovery Network’s Mission. 

Stroke Recovery Network has implemented procedures and systems to obtain and record Consent.  

Stroke Recovery Network collects Sensitive Information where Express Consent has been provided and it is relevant to Stroke Recovery Network’s Mission.  

Individuals may be photographed when attending Stroke Recovery Network events. Wherever practicable, Stroke Recovery Network will seek Express Consent for the use of any images obtained. 

Stroke Experience Guidelines 

Stroke Recovery Network has developed specific guidelines to make ethically sound decisions in relation to the collection of Stroke Experiences that abides by relevant legislation and is consistent with Stroke Foundation’s Values and policies.

 

Opt-out or Withdrawal of Consent 

An individual can opt-out of communications or withdraw their Consent to Stroke Recovery Network handling their Personal Information by contacting Stroke Recovery Network by email: contact@strokerecoverynetwork.org

 

Collecting your personal information via Stroke recovery network websites 

Stroke Recovery Network uses technology such as ‘cookies’ to gather Personal Information. We do this for two reasons, to ensure our online resources are easier to use and so that we can understand the needs of our users better. When you visit a Stroke Recovery Network site on your device, you may be sent a file containing unique information based on your use of our sites (this is called a cookie). This allows our sites to recognise your device and whether you have visited our site before. Information that is collected by us may be your IP address, ISP (internet service provider), web browser used (e.g. chrome, internet explorer), operating system used and which of our website pages you visited.  

The information we gather also allows us to better track traffic and engagement. We use the Google Analytics service to gather this information. This provides us an insight into our websites in areas such as demographics, interests, impressions, remarketing, and reporting. With this research and insight we are able to continuously improve our services and understand where there is a need for further resources to be developed for our community. We may also use third party cookies (such as Facebook pixels), so that we can better measure our performance and target sponsored and unsponsored content to you on those third-party platforms. We also use links in our emails to track open and click-through rates. This helps us learn and ensures we improve the quality of services, programs and resources. We use the Google Analytics service to gather this information.  

By using our websites and viewing our emails, you are consenting to this information being gathered by Google Analytics. It is important to note that this information does not identify individual users. If you do not wish to receive cookies, you can go to the settings section of your browser and set this to not receive cookies. You can also opt out from Facebook advertising by going to “Why am I seeing this?” on a specific Stroke Recovery Network Facebook ad, selecting “Options” and then selecting “Hide all ads from this advertiser.” 

 

Data Security & Handling 

Stroke Recovery Network undertakes all reasonable steps to protect Personal Information from loss and unauthorized misuse, access, interference, modification or disclosure, including storing data within the United States. 

Stroke Recovery Network takes all reasonable steps to securely destroy or permanently de-identify Personal Information for which there is no ongoing business, regulatory, contractual or legal requirement. 

Stroke Recovery Network retains data consistent with Stroke Recovery Network’s business, legal and regulatory purposes.  

Stroke Recovery Network maintains Data Retention and Data Breach Management Procedures in support of this Policy. 

 

Use & Disclosure 

Use 

Stroke Recovery Network will use the Personal Information it collects to: 

• Contact its donors, consumers and Stakeholders; 
• Comply with legislative and regulatory requirements; 
• Identify donors, consumers and Stakeholders when they request information, change their details or have queries; 
• Empower the stroke and wider community through sharing stories, lived experiences and images; 
• Ensure the continuous improvement of Stroke Recovery Network’s business, workforce and services; 
• Customise advertising and marketing content. 

Stroke Recovery Network will use the Personal Information it collects for the original purpose for which it was disclosed, a directly related purpose with Consent or as required or permitted by law. 

Disclosure 

The organization may disclose Personal Information it holds where there is a legal obligation to do so, including a lawful duty of care. 

There are ‘special’ situations which allow the use or disclosure of Personal Information, for example, where Stroke Recovery Network reasonably believes 

• the use or disclosure is necessary to lessen or prevent a serious threat to life, health or safety of an individual or to public health or safety, or 
• an individual may have engaged in unlawful behaviour or serious misconduct that relates to Stroke Recovery Network’s activities. 

In such circumstances, Stroke Recovery Network is obligated to disclose the Personal Information and take appropriate action. 

Disclosure to Third Parties 

Stroke Recovery Network may disclose Personal Information to the following Third Parties where there is a business need to do so: 

• To related entities; 
• To Contractors, Consultants and other service providers appointed by us; including but not limited to website and data hosting providers, technology service providers and advertising and promotional agencies; 
• To our professional advisers, including but not limited to accountants, insurers, lawyers and auditors; 
• To an attorney, financial advisor, accountant or medical practitioner who certifies in writing on letterhead that he/she acts for an individual and makes a specific request for specific information, with evidence of the appointing instrument provided; 
• Otherwise with Consent or as required or permitted by law. 

Prior to disclosing Personal Information to Third Parties, Stroke Recovery Network will agree upon confidentiality terms binding such Third Parties to the same or greater level as provided for in this Policy. 

 

Access & Correction 

Stroke Recovery Network will take all reasonable steps to ensure the Personal Information it collects is accurate, complete, up to date and relevant, having regard to the use or disclosure of the Personal Information it holds.  

Individuals may gain access to their Personal Information held by Stroke Recovery Network if it is reasonable and practical to do so.   

Stroke Recovery Network will respond to an access request within a reasonable period, 14 days for simple requests and not exceeding 30 calendar days for all requests. Should an access request be refused, Stroke Recovery Network will provide the requestor with a written notice, including information on how to dispute a refusal. 

An individual can request to correct Personal Information held by Stroke Recovery Network. Stroke
Recovery Network will respond to the request within a reasonable period of time. 

Employees will be trained in organizational procedure on how to respond to requests for access to personal information. 

 

Feedback

Stroke Recovery Network welcomes feedback on this Policy which may be provided through Stroke Foundation’s Contact Us page.  

 

Stroke Experiences are the lived experiences, images and digital recordings of the people in our stroke community. Sharing the experiences of people in our stroke community is an important part of what we do. 

Stroke Recovery Network understands that mismanaging communications can harm both the people we strive to support, as well as our organization. We also recognise the opportunity for sharing experiences to empower Contributors, as well as those who hear it.  

Consent 

• Stroke Recovery Network seeks to establish Express Consent wherever possible for the collection and use of Stroke Experiences. 
• The terms of Consent provide a three-year timeframe for which Consent is given, as we understand that circumstances change and information should not be used indefinitely. Renewing Consent aims to ensure the currency and accuracy of experiences and/or photographs and provides an opportunity to our Contributors to share new experiences. 
• Stroke Recovery Network’s digital library collection and review process requires that Consent is recorded for Stroke Experiences. 

Communication 

Stroke Recovery Network’s engagement with Contributors will include, where relevant, discussion of the opportunities and risks associated with sharing Stroke Experiences and examples of how that content might be used or published. 

Stroke Recovery Network is proactive in communicating with Contributors about the publication of their Stroke Experiences, even with established Consent. This means that Stroke Foundation will take all reasonable steps to engage with Contributors prior to publication and provide them with access to all published material.