Website Privacy & Cookies
We recognise the privacy and security of personal information is of great importance to our clients, their families and friends, our workers and others such as our commissioners, GPs and all those involved in looking after the welfare of our clients.
We have provided this privacy notice to set out why we need to collect personal information relating to our clients, families, friends and representatives, how we use it and how we protect it.
1. How do we collect information about you?
1.1 We collect information about you when you enquire about our care services, use our website, and become a client of ours. We also collect information when you voluntarily complete customer surveys or provide feedback about our services.
2. What types of information do we collect from you?
Personal data or personal information can be any information about an individual from which that person can be identified. We may collect, use, store and transfer different types of personal data about you which we have grouped together as follows:
2.1 When you enquire about our care services:
- Personal information including your name, address, telephone numbers and email address.
2.2 When you use our website:
- Any personal details you knowingly provide us with through forms or email, such as your name, address, telephone numbers and email address. We use the information that you provide so we can respond to your requests and communicate with you.
- Your preferences and use of email updates, recorded by emails we send you (if you select to receive email updates).
- Your IP Address: this is a string of numbers unique to your computer that is recorded by our web server when you request any page or component on the website. This information is used to measure your usage of the website.
2.3 Where you are the client and are receiving care services:
- Personal details including your title, full name, maiden name, marital status, date of birth, gender, contact details including address (billing address or correspondence address), telephone numbers, email addresses, contact details for next of kin, your GP and other allied health professionals.
- Financial information including bank account information to enable payment of services.
- Transaction data including details of payments from you for the services we have provided.
- Information about your life, including social history, health and wellbeing, treatment and care. This may also include information about your marital status, ethnicity and sexual orientation and details of medical treatments.
- Notes and reports about your health and care provision including case assessments and medication provided.
- Compliments, complaints, accidents and incidents information.
- Contributions to client questionnaires and surveys.
2.4 Where you are the relative, next of kin, attorney or deputy to one of our clients:
- Personal details including title, full name, relationship to the client, contact details including address, telephone numbers, email addresses.
3. What information do we get from other sources?
3.1 We work closely with NHS Clinical Commissioning Groups (CCGs), local and health authorities, medical professionals and regulators to deliver our care services. We will receive information from them regarding your health and care including admission details, care records and medical records.
3.2 We also work with other companies who provide professional services, advertising and marketing services
4. Lawful basis for processing
4.1 We use the following lawful basis condition for processing your data as a client:
- Article 6(1)(b) “…processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract…”
- Article 6(1)(e) “…processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.”
- Article 9(2)(h) “…processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to above”.
5. How we use the information about you
- We process your personal data to manage the services we provide you, to carry out our obligations arising from any contracts entered into between us and you, to provide you with information or services you have requested and to process payments and refunds.
- Your care record will contain detailed information about your health and well-being including illnesses, medical appointments and treatments. It will also contain details of your attorney, deputies, your close family and next of kin. We will share these with medical and allied health professionals who have a legal and legitimate need to use the information to support the care provided to you.
- We share information within the Superior Healthcare to provide necessary administrative and managerial support.
- We use either personal or anonymised data to review the performance of our care services as part of our continuing work to improve our services and meet the needs of our clients.
- We may use your details to contact you about any changes to our care services.
- We may use your personal data to send you marketing information describing services that you may be interested in where you have consented to receive this beforehand. You may opt out of receiving this information at any time.
- We share information with NHS Clinical Commissioning Groups (CCGs), local and health authorities, medical professionals and regulators regarding client’s health and care including admission details, care records and medical records.
5.2 We are required from time to time to provide specific information about you without you or your representative’s consent. This may include:
- Reporting health or safety issues including infectious diseases.
- Where there is a legal or statutory requirement, court order or public authority instructs us to do so.
- Supporting police investigations, professional conduct hearings and safeguarding investigations in the public interest.
5.3 In exceptional circumstances, we may be required to share information without your or your representative’s consent. Circumstances may include:
- Where a serious crime or fraud has been committed.
- If there is a serious risk to the public, client or employees.
- Where there is a need to protect children or vulnerable adults who are not able to decide if their personal data should be shared.
6. How we store, process and protect your data
6.1 We take the privacy and security of your personal data very seriously. We ensure we handle your data with the highest level of care by having clear internal policies and procedures, physical security to our premises and IT security technologies to prevent the unauthorised access, damage and loss of your data.
6.2 The personal data that we collect from you is only stored inside the European Economic Area (EEA), therefore ensuring we achieve the maximum privacy and security in line with UK Data Protection Laws.
6.3 Credit card payments are processed securely via our third party payment processing partner, who we have vetted and who has agreed to provide a level of data protection no less than ours.
7. How long will we hold your personal data?
7.1 We will only keep your information for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, contractual or reporting requirements. How long we keep the data for is determined by law and is largely determined by necessity. Once your information is no longer required it will be securely destroyed.
7.2 You can ask us to delete your data where retaining it is no longer necessary.
7.3 Whilst at all times compliant with legislation and acting reasonably, we reserve the right to judge what information we must continue to hold to be able to fulfil our legal and contractual obligations to you.
7.4 We may anonymise your personal data (so that you can no longer be identified) for research and analysis purposes in which case we may use this information indefinitely without further notice to you.
7.5 Where we process data based solely on your consent, you have the right to withdraw that consent at any time.
8. Automated decision making
8.1 An automated decision is one that is made with no human involvement.
8.2 You have the right not to be subject to decisions made solely on automated data processing if the decisions have legal impact or significantly affects you.
9. Rights of access, correction, erasure, restriction and portability
9.1 You have the following rights under the GDPR:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to ask to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it.
- Object to processing of your personal information on grounds relating to your particular situation where we are relying on a legitimate interest (or those of a third party) or where processing is necessary for the performance of a task carried out in the public interest as the lawful basis for processing.
- Request the restriction of processing of your personal information on the following grounds:
- you contest the accuracy of the personal data for a period enabling us to verify the accuracy;
- the processing is unlawful and you oppose the erasure of the personal data and requests restriction instead;
- we no longer need the personal data for the original purposes of the processing, but the data is required by you for the establishment, exercise or defence of legal claims.
- Request the transfer of your personal information to another party, also known as portability.
9.2 Please contact our Data Protection Officer in writing (contact details below) if you would like to exercise any of your rights under the GDPR.
9.3 To help us deal with your request as efficiently as possible, you will need to include:
- Your current name and address
- Proof of identity (a copy of your driving licence, passport or two different utility bills that display your name and address)
- As much detail as possible regarding your request so that we can identify any information we may hold about you, this may need to include your previous name and address, date of birth and what the Superior Healthcare Group services you received.
10.1 We would like to send you information about the services we provide which may be of interest to you. You have a right at any time to request that we stop contacting you for marketing purposes.
10.2 If you have recently contacted us regarding our services or are an existing customer or client, we may contact you to ask for your consent to continue sending you marketing information. If you no longer wish to be contacted for marketing purposes, please contact us at firstname.lastname@example.org.
11.1 When you visit our website, it sends small files to your computer called cookies. These cannot be used to identify you personally but can make the website work more efficiently for you by improving the time required to access pages and reducing the number of times you need to enter information. Cookies also enable us to understand how people are using the website so they can improve the online experience they provide.
11.2 Some cookies are deleted when you close down your browser. These are known as session cookies. Others remain on your device until they expire or you delete them from your cache. These are known as persistent cookies and enable us to remember things about you as a returning visitor. This website uses session and persistent cookies.
11.3 If you want to restrict or block the cookies we set, you can do this through your browser settings. The ‘help’ function within your browser should tell you how.
11.4 To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit cookies.insites.com. Alternatively, you can search the internet for other independent information on cookies.
12. Contact us
If you have any questions regarding our privacy notices, wish to contact our Data Protection Officer, or wish to exercise any of your rights under GDPR, please contact us at the address below.
Jo Rychlik, Head of HR
Superior Healthcare Group Ltd
5 8 Estuary View Business Park
Tel: 01227 771133
We will always do our best to assist you to exercise your rights and give you any information you request and have the right to receive. However, if you ever feel you need to pursue a data privacy complaint further, you have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
The contact details of the ICO are as follows:
- Helpline: 0303 123 1113
- Website: https://ico.org.uk/concerns/