Privacy Notice



Privacy Notice

At Patient Connect, we are committed to protecting your privacy.

This Privacy Notice provides important information about how Patient Connect ("we") handle personal data, including information about how we store and handle personal data and keep it safe.

Please read this Privacy Notice carefully and contact our Data Protection Officer if you have any questions about our privacy practices or your personal data choices.

When do we collect personal data?

  • when you visit our websites;
  • when you contact us directly with a query or complaint;
  • when you engage with us on social media;
  • when you use our services or download any of our software;
  • when you ask us to send you information about a product or service;
  • when you choose to complete a survey we are running;
  • when you have given a third-party permission to share information they hold about you with us; and
  • we may collect data from publicly available sources when you have given consent to share information or where information is made public by matter of law.

  • What personal data do we collect?

    1. We may collect your name, organisation, role, email address and phone number.

    2. Our servers, logs and other technologies may automatically collect certain information to help us administer, protect and improve our services, analyse usage, improve your user experience or in relation to a programme we are running e.g. IP address, details of your visits to our websites, technical information about your internet connection and browser as well as the country and telephone code where your computer is located, web pages you viewed during your visit and search terms entered. We may collect your social media username if you contact us through social media.

    Explaining the legal bases we rely on

    The law on data protection sets out a number of different reasons for which a company may collect and process personal data, as set out below:

    1. Consent
    In certain situations, we can collect and process your personal data with your consent: e.g. when you tick a box to receive a reply to an enquiry.

    2. Contractual obligations
    We require personal data to comply with our contractual obligations.

    3. Legitimate interest We may require your personal data to pursue legitimate interests in a way in which might reasonably be expected as part of running our business and in a way which does not impact on your rights, freedom or interests e.g. we may contact you to send you personalised information about our services that we think may be of interest to you.

    How and why we use personal data

  • with your consent we will use your personal data to keep you informed by email, web or telephone about our products and services and to enable you to receive updates. You are free to opt out of hearing from us by any of these channels at any time;
  • to send you relevant personalised communications about our products, programs or services that we believe may be of interest to you. You are free to opt out of hearing from us at any time;
  • to respond to your enquiries, requests or complaints. Handling personal data you sent to us enables us to respond to you. We may keep a record of our communications with you to inform future communications with us and demonstrate how we communicated with you. We do this on the basis of our contractual obligations to you and legal obligations and our legitimate interest;
  • to enable you to participate in our surveys or questionnaires, based on your consent at the time;
  • to send you communications required by law or which are necessary to inform you about changes to the services we provide you. These service messages will not include any promotional content and do not require prior consent when sent by email or text message. If we do not use your personal data for these purposes we would not be able to comply with our legal obligations;
  • to protect our business from fraud and illegal activities. We may monitor browsing activity to quickly identify and resolve problems and protect the integrity of our websites. We'll do this as part of our legitimate interest;
  • to develop, test and improve the services we provide. We'll do this on the basis of our legitimate interests; and
  • to comply with our contractual or legal obligations to share data with law enforcement.

  • Do we share personal data?

    We sometimes share personal data with trusted third parties. In such cases we apply the following policy:

  • we provide only information needed to perform specific services e.g. to correct technical problems or malfunctions and to protect the security and integrity of our websites or other business systems;
  • the trusted third party may only use your data for the exact purpose in our contract with them;
  • we work closely with them to ensure that your privacy is protected at all times; and
  • if we stop using their services any of your data held by them will be deleted.
  • We will only share your data with third parties for their own purposes in specific circumstances e.g. with your consent, for prevention of fraud or where required by law or regulatory or government body upon a valid request to do so.

    Our commitment to data security

    To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect. We take steps to ensure that personal data is processed according to this Privacy Notice and the requirements of applicable law wherever personal data is located. We have networks, databases, servers, systems and support located at our offices. We may collaborate with third parties such as web hosting and cloud hosting services for back-ups and with suppliers.

    Do we transfer your personal data outside of the EEA?

    We do not routinely transfer data outside the European Economic Area (EEA). If we transfer personal data outside of the EEA we take measures to ensure that the personal data receives the same level of protection as if it were being processed inside the EEA e.g. we may use approved contractual clauses and/or other measures designed to ensure that recipients of personal data protect it.

    How we protect personal data?

    We use appropriate technologies and procedures to protect personal data. Our information security policy is reviewed regularly and updated as necessary to meet both our business needs and regulatory requirements. We have measures in place to protect against accidental loss or unauthorised access, use, destruction or disclosure of data. We have a business continuity and disaster recovery plan. We place restrictions on access to personal data. We implement appropriate measures and controls to store and transfer data securely. We conduct privacy impact assessments in accordance with legal requirements where we consider appropriate. We provide data protection training to employees. We take steps to ensure that our contractors and business partners operate in accordance with data protection laws and contractual conditions and we carry out partner due diligence.

    How long do we keep personal data?

    We only retain personal data for as long as we reasonably require it for the purpose for which it was collected. When we no longer need personal data we will anonymise it or securely delete it.

    Your rights to access and correct your personal data

    At Patient Connect we respect your rights in respect of your personal data. You have the right to request:

  • access to the personal data we hold about you, free of charge in most cases;
  • correction of personal data when incorrect, out of date or incomplete;
  • that we stop using your personal data for direct marketing;
  • that we stop any consent-based processing of personal data after you withdraw your consent; and
  • review of any decision made based solely on the automatic processing of your data.
  • If you would like to exercise any of these rights please contact our DPO at the address below. We may ask you for proof of your identity and further information about your request so that we can verify your identity and locate your data.

    Whenever you have given us your consent to use your personal data you have the right to change your mind and withdraw that consent.

    If we are processing your personal data on the basis of our legitimate consent you can ask us to stop for reasons connected to your situation. In such cases we will stop processing your personal data unless we believe that we have a legitimate overriding reason to continue processing your personal data.

    You have the right to stop the use of your information for direct marketing and we will comply with your request. Please write to us at the address below. If we send you any email you can click on the unsubscribe link in the email.

    If you are unhappy with how we manage your personal information you have the right to complain to the Information Commissioners Office at www.ico.org.uk/concerns.

    Cookies

    We may use cookies on our websites to a) allow visitors to the websites to personalize their experience by accessing information about our products and services that is most relevant to their areas of interest; b) track a user session within our websites; and c) prevent duplication in participation in surveys. You can manage cookies in your browser settings and always have the choice to change these settings by accepting, rejecting or deleting cookies.

    Third party websites

    Our websites may contain links to third party websites. Please review the privacy policies of other websites carefully as we are not responsible for the practices of any third-party websites you may visit.

    Our commitment to children's privacy

    Protecting the privacy of the very young is especially important. For that reason, we do not intend to handle information from our websites from those we know are under 16 years of age.

    Notification of changes

    We keep our Privacy Notice under regular review and we will place any updates on this web page.

    This Privacy Notice was last updated on 25 May 2018.

    How to contact us

    If you have any questions regarding this Privacy Notice or would like more information on our privacy practices, please contact our Data Protection Officer by:

  • emailing us on dpo@patientconnect.co.uk
  • writing to us at Data Protection Officer, Parallel House, 32 London Road, Guildford, GU1 2AB; or
  • calling us on +44 1483 419381
  • Contact Us


    First Name:


    Surname:



    Enquiry:

    Organisation:


    Role:



    Email:



    Phone number:




    I have read the Privacy Notice .
    By clicking Submit, I consent to my data being processed in line with the Privacy Notice.