Compliance Policies

1. Who We Are

BloodText is a blood donor engagement platform for Caribbean blood banks, operated by EIM Communications LLC, a company registered in Wyoming, USA. The platform serves blood banks and their donors across the OECS region.

For privacy matters, contact us at terms@eimcomms.com.

2. Website Visitors

When you visit BloodText.org or BloodBankVC.org, we collect anonymous, aggregated data about how the site is used, such as page views and general traffic patterns. This is done using Cloudflare Web Analytics, which does not use cookies and does not track you as an individual across sessions or across other websites.

We do not collect your IP address, device fingerprint, or any personally identifiable information simply because you visited the website.

3. Registered Donors

If you are a blood donor registered with a participating blood bank, and you have consented to receive communications via BloodText, we hold the following personal data about you:

• Full name
• Date of birth
• Sex
• Citizenship
• Blood type
• Mobile telephone number
• Email address (if provided)
• Dates on which donations are made

4. How We Use Your Data

We use your personal data solely to deliver post-donation communications on behalf of your blood bank, to keep you informed about when you can next donate, and to provide information relevant to your blood donation journey.

We do not use your data for any commercial purpose. We do not sell, rent, or share your personal data with any third party, including any corporate sponsor of the BloodText platform. Any sponsorship arrangement is governed by a strict data boundary: sponsors receive only aggregate, anonymised statistics and have no access to individual donor data.

5. How Your Data is Stored

Donor data is stored on secure cloud database servers located in the European Union, operated by Supabase. These servers operate in compliance with the EU General Data Protection Regulation (GDPR), one of the most rigorous data protection frameworks in the world. This storage arrangement is deliberate and provides a level of protection that meets or exceeds applicable local requirements.

6. Your Rights

As a registered donor, you have the following rights in relation to your personal data:

• The right to know what data we hold about you;
• The right to correct inaccurate data;
• The right to withdraw your consent and stop receiving BloodText communications at any time;
• The right to request deletion of your data from the BloodText system.

To exercise any of these rights, contact us at terms@eimcomms.com or visit your blood bank in person.

7. Opting Out

You may stop receiving BloodText communications at any time by emailing terms@eimcomms.com or visiting your blood bank in person.

All opt-out requests will be actioned within 72 hours of receipt.

8. Data Breach

In the event of a confirmed breach of donor personal data, EIM will notify affected donors within 72 hours and will inform relevant authorities as required by applicable law. A documented data breach response procedure is maintained by EIM.

9. Changes to This Policy

We may update this policy from time to time. Any material changes will be posted on BloodText.org and BloodBankVC.org with a revised effective date. Continued use of the platform after a change constitutes acceptance of the updated policy.

10. Contact

For any questions about this policy or about how your data is handled, contact us at terms@eimcomms.com.

1. About These Sites

BloodText.org and BloodBankVC.org are informational websites operated by EIM in support of blood donation initiatives across the Caribbean. The sites are provided as a public service and are free to use.

2. Use of the Sites

You may use these sites for personal, non-commercial purposes. You agree not to:

• Use the sites for any unlawful purpose
• Attempt to gain unauthorised access to any part of the sites or their underlying systems
• Use automated tools to scrape, copy, or extract content from the sites
• Transmit any harmful, offensive, or disruptive content via any contact or submission mechanism on the sites

3. Content and Accuracy

EIM makes reasonable efforts to ensure the information on these sites is accurate and up to date. However, health-related information on the sites is provided for general guidance only and does not constitute medical advice. Always consult a qualified health professional for advice specific to your circumstances.

EIM reserves the right to update, modify, or remove content at any time without notice.

4. Intellectual Property

All content on BloodText.org and BloodBankVC.org, including text, graphics, logos, and design, is the property of EIM Communications LLC or its content partners and is protected by applicable intellectual property laws. You may not reproduce, distribute, or republish any content from these sites without prior written permission from EIM.

5. External Links

These sites may contain links to third-party websites. EIM is not responsible for the content or privacy practices of any linked site. The inclusion of a link does not imply endorsement by EIM.

6. Limitation of Liability

EIM provides these sites on an 'as is' basis. To the fullest extent permitted by applicable law, EIM accepts no liability for any loss or damage arising from your use of the sites or reliance on any content contained within them.

7. Changes to These Terms

EIM may update these Terms of Use from time to time. Any changes will be posted on BloodText.org and BloodBankVC.org with a revised effective date. Continued use of the sites after a change constitutes acceptance of the updated terms.

8. Contact

For any questions about these terms, contact us at terms@eimcomms.com.

1. Purpose

This policy sets out how EIM Communications LLC (EIM) retains donor personal data held in the BloodText platform, and the process by which data is deleted, either on request or at the end of the defined retention period.

2. What Data This Policy Covers

This policy applies to all personal data held by BloodText in relation to registered blood donors, including:

• Name, date of birth, sex, and citizenship
• Blood type
• Mobile number and email address
• Donation dates and history

3. Retention Period

EIM retains donor personal data for a maximum of seven years from the date of the donor's last recorded donation or last confirmed engagement with a BloodText communication, whichever is the more recent.

The seven-year period reflects the dual purpose of the platform: ongoing engagement with active donors, and re-activation outreach to lapsed donors. Retaining data for this period allows the blood bank a meaningful window to attempt re-engagement before a donor record is retired.

4. End of Retention Period

When a donor record reaches seven years of inactivity, EIM will:

• Send the donor a final notification by SMS or email advising that their data will be permanently deleted within 30 days unless they respond;
• If the donor responds and wishes to remain on the platform, the retention period resets from the date of response;
• If no response is received within 30 days, the donor's personal data will be permanently deleted from the BloodText database.

Where contact details are no longer valid and the final notification cannot be delivered, the data will be deleted at the end of the 30-day window without further action.

5. Deletion on Request

Any donor may request deletion of their personal data from the BloodText system at any time, regardless of the retention period. Deletion requests may be submitted by:

• Emailing terms@eimcomms.com
• Visiting the blood bank in person

All deletion requests will be actioned within 72 hours of receipt. Once deleted, donor data cannot be recovered.

6. Deletion Process

When donor data is deleted, whether on request or at the end of the retention period, all personally identifiable information is permanently removed from the BloodText database. Aggregate, anonymised statistical records that do not identify any individual donor are not subject to deletion and may be retained indefinitely for reporting purposes.

7. Review

This policy will be reviewed annually or following any material change to the BloodText platform, applicable law, or the data storage arrangements.

8. Contact

For any questions about data retention or to submit a deletion request, contact us at terms@eimcomms.com.

1. Purpose

This procedure sets out how EIM Communications LLC (EIM), operator of the BloodText platform, will respond to any confirmed or suspected breach of donor personal data, in compliance with applicable laws of St Vincent and the Grenadines.

2. What Data is at Stake

BloodText holds donor names, dates of birth, blood types, mobile numbers, and email addresses. No financial data, identity documents, or sensitive medical records are held.

3. What Counts as a Breach

Any unauthorised access to, disclosure of, or loss of donor personal data, whether accidental or malicious.

4. Response Steps

1. The person who detects the breach reports it immediately to EIM management by email at terms@eimcomms.com. This mailbox is monitored by EIM management and creates an automatic record of the notification;
2. EIM management and the technical lead assess the scope and contain the breach as quickly as possible;
3. EIM notifies the affected blood bank within 24 hours;
4. If donor data has been accessed or exposed, EIM notifies affected donors within 72 hours, explaining what happened and what they should do. Where donor contact details are intact, notification will be delivered by SMS or email. Where direct contact is not possible, notification will be made via the Ministry of Health communications channels;
5. EIM notifies relevant authorities as required by applicable law.

5. Review

This procedure will be reviewed annually or following any confirmed breach.