At Patient Connect, we are committed to protecting your privacy.
This Privacy Notice provides important information about how Patient Connect ("we") handle personal data, including information about how we store and handle personal data and keep it safe.
Please read this Privacy Notice carefully and contact our Data Protection Officer if you have any questions about our privacy practices or your personal data choices.
When do we collect personal data?
What personal data do we collect?
1. We may collect your name, organisation, role, email address and phone number.
2. Our servers, logs and other technologies may automatically collect certain information to help us administer, protect and improve our services, analyse usage, improve your user experience or in relation to a programme we are running e.g. IP address, details of your visits to our websites, technical information about your internet connection and browser as well as the country and telephone code where your computer is located, web pages you viewed during your visit and search terms entered. We may collect your social media username if you contact us through social media.
Explaining the legal bases we rely on
The law on data protection sets out a number of different reasons for which a company may collect and process personal data, as set out below:
In certain situations, we can collect and process your personal data with your consent: e.g. when you tick a box to receive a reply to an enquiry.
2. Contractual obligations
We require personal data to comply with our contractual obligations.
3. Legitimate interest We may require your personal data to pursue legitimate interests in a way in which might reasonably be expected as part of running our business and in a way which does not impact on your rights, freedom or interests e.g. we may contact you to send you personalised information about our services that we think may be of interest to you.
How and why we use personal data
Do we share personal data?
We sometimes share personal data with trusted third parties. In such cases we apply the following policy:
We will only share your data with third parties for their own purposes in specific circumstances e.g. with your consent, for prevention of fraud or where required by law or regulatory or government body upon a valid request to do so.
Our commitment to data security
To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect. We take steps to ensure that personal data is processed according to this Privacy Notice and the requirements of applicable law wherever personal data is located. We have networks, databases, servers, systems and support located at our offices. We may collaborate with third parties such as web hosting and cloud hosting services for back-ups and with suppliers.
Do we transfer your personal data outside of the EEA?
We do not routinely transfer data outside the European Economic Area (EEA). If we transfer personal data outside of the EEA we take measures to ensure that the personal data receives the same level of protection as if it were being processed inside the EEA e.g. we may use approved contractual clauses and/or other measures designed to ensure that recipients of personal data protect it.
How we protect personal data?
We use appropriate technologies and procedures to protect personal data. Our information security policy is reviewed regularly and updated as necessary to meet both our business needs and regulatory requirements. We have measures in place to protect against accidental loss or unauthorised access, use, destruction or disclosure of data. We have a business continuity and disaster recovery plan. We place restrictions on access to personal data. We implement appropriate measures and controls to store and transfer data securely. We conduct privacy impact assessments in accordance with legal requirements where we consider appropriate. We provide data protection training to employees. We take steps to ensure that our contractors and business partners operate in accordance with data protection laws and contractual conditions and we carry out partner due diligence.
How long do we keep personal data?
We only retain personal data for as long as we reasonably require it for the purpose for which it was collected. When we no longer need personal data we will anonymise it or securely delete it.
Your rights to access and correct your personal data
At Patient Connect we respect your rights in respect of your personal data. You have the right to request:
If you would like to exercise any of these rights please contact our DPO at the address below. We may ask you for proof of your identity and further information about your request so that we can verify your identity and locate your data.
Whenever you have given us your consent to use your personal data you have the right to change your mind and withdraw that consent.
If we are processing your personal data on the basis of our legitimate consent you can ask us to stop for reasons connected to your situation. In such cases we will stop processing your personal data unless we believe that we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your information for direct marketing and we will comply with your request. Please write to us at the address below. If we send you any email you can click on the unsubscribe link in the email.
If you are unhappy with how we manage your personal information you have the right to complain to the Information Commissioners Office at www.ico.org.uk/concerns.
Third party websites
Our websites may contain links to third party websites. Please review the privacy policies of other websites carefully as we are not responsible for the practices of any third-party websites you may visit.
Our commitment to children's privacy
Protecting the privacy of the very young is especially important. For that reason, we do not intend to handle information from our websites from those we know are under 16 years of age.
Notification of changes
We keep our Privacy Notice under regular review and we will place any updates on this web page.
This Privacy Notice was last updated on 25 May 2018.
How to contact us
If you have any questions regarding this Privacy Notice or would like more information on our privacy practices, please contact our Data Protection Officer by: