Privacy Notice for Priory UK No1 Limited
This Privacy Notice is effective from 1 September 2021 and is applicable to all companies under Priory Group UK No1 Limited trading as ‘Priory Group of Companies’.
We will update this Privacy Notice from time-to-time. When we do change the notice (in a significant way), we will post an update on our website.
Priory takes data protection and confidentiality very seriously. This privacy notice covers:
- What a Privacy Notice is
- What information we will collect and store about you
- How we collect your personal information
- For what purpose we will use your personal information
- What happens if you fail to provide personal information
- How changes of purpose will be managed
- Why we might share your personal information with third parties
- What type of third party service providers process your personal information
- How we may share your personal information with third parties
- How long we will use your information
- How we store your personal information
- Protection of your personal information
- Accuracy of personal information
- When might we transfer your information overseas
- Access to personal information
- Automated decisions
- Data portability
- Additional rights
Privacy questions
If you have any questions or concerns about this Privacy Notice or how we process your information, or if you would like to make a complaint about a possible data breach, please contact us:
Email: [email protected]
Postal address:
Group Data Protection Officer
Priory
5th Floor, 80 Hammersmith Road
London
W14 8UD
We take data security extremely seriously and all such communications are examined and replies issued where appropriate as soon as possible. If you are unsatisfied with the reply you receive, you may refer your complaint to the Information Commissioner’s Office (ico.org.uk)
What is a Privacy Notice?
Priory is a 'data controller'. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you regarding how we hold and use your personal information.
PRIVACY NOTICE FOR PATIENTS AND RESIDENTS UNDER THE CARE OF PRIORY GROUP UK NO 1 LIMITED
This notice applies to our service users, including patients and residents, under the care of the Priory Group. We may update this notice at any time but if we do so, we will provide you with an updated version of this notice available on our website as soon as reasonably practical. It is important that you read and retain this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information and what your rights are under data protection legislation.
We may collect, store and use the following categories of personal information about you:
- Personal contact details such as name, title, address, telephone numbers, personal email addresses and contact preferences
- Date of birth
- Marital status and dependants
- Next of kin and emergency contact details
- National insurance number and NHS number
- Bank or credit card details or other payment information
- Identification information contained within your passport and/or driving licence or proof of address
- Online identifiers or social media identifiers
- Information about your status, nationality and residency
We may also collect, use and share ‘aggregated data’ such as statistical data for any purpose. Aggregated data could be derived from your personal information but is not considered personal information in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your ‘usage data’ to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information which will be used in accordance with this Privacy Notice.
We may also handle the following special categories of sensitive personal information:
- Information about your race or ethnicity, religious, philosophical and moral beliefs, sexual life, sexual orientation and political opinions
- Trade union membership
- Information about your physical and mental health, including any medical conditions
- Identification information containing biometric data, such as a passport
1. How we collect your personal information
We may collect personal information directly provided by you or your legal representative at any time you are in contact with the Priory and we may collect, store and use your personal information during your time in our care. We may also collect your personal information from third parties such as the NHS, commissioning authorities or through your private medical insurer (and for funding and/or payment for services received).
2. For what purpose we will use your personal information
In most cases, we will use your personal information to provide you with health, social care or treatment or to manage our health services or social care services. In rare cases, we may need to use your personal information to protect your (or someone else’s) interests or if it is in the public interest for us to do so.
Priory and its affiliates may share this personal information with each other but will always use it in accordance with this Privacy Notice. We may also combine it with other information to provide and improve our services.
We will only use your personal information when the law allows us to. We will use your personal information in the following circumstances:
- Where you have provided us with your consent
- Where we need to comply with a legal obligation
- Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests
We may also use your personal information in the following situations, which are likely to be rare:
- Where we need to protect your interests (or someone else’s interests)
- Where it is needed in the public interest or for official purposes
Some of the above grounds may overlap and there may be several grounds that justify our use of your information.
The situations in which we will use your personal information include:
- Provide services to you
- Facilitate settling of any applicable fees
- Facilitate communications between your care providers
- Helping us develop, operate, deliver, and improve the quality of the care we provide or, more generally, the type of services that we offer
- Sending important notices to you or to those acting on your behalf, such as updates to your care and/or treatment plans or changes to our terms, conditions and policies. (Because this information is important to your interaction with Priory, you may not opt out of receiving these communications)
- For security and health and safety purposes, such as use of our CCTV systems
- For internal purposes such as auditing, data analysis, and research to improve our services and our communication with you
- To test our computer systems to improve our services to you, such as the software we use to store your health, social and care records to improve our services. If you do not wish for your information to be used for these purposes, you can let us know
We process sensitive personal information for the following purposes:
- To provide you with physical or mental health care, social care or treatment
- Safeguarding reasons
- For legal reasons, for example, to comply with health and safety obligations or to respond to requests for information from the police
We will not sell, share or give information to third parties for marketing purposes.
3. What happens if you fail to provide personal information
The personal information we collect is stored in a variety of paper and electronic forms. Regardless, we have appropriate and adequate technical and administrative processes in place to make sure that all your information is kept secure.
4. How changes of purpose will be managed
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will publish an updated Privacy Notice on our website.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. Why might we share your personal information with third parties
We will share your personal information with third parties where required by law, where it is necessary to be able to provide you with the health, social care or treatment you require, to protect your interests (or someone else’s interests) or where we have another legitimate interest in doing so.
6. What type of third parties service providers’ process your personal information
'Third parties' includes third party service providers (including IT software providers), commissioning authorities (such as your GP, local authorities, provider trusts, local systems or private medical insurances) and other entities within Priory.
Third party service providers: Priory engages third party service providers to provide certain services to the business. These often support our IT software or systems (including online payment providers). In order for them to provide their services, we need to allow them to process personal data necessary for their tasks. When we use third party service providers to process personal data on our behalf, we require them to commit to compliance with relevant data protection legislation.
Commissioning authorities: if our services are commissioned for you by third parties (your GP, local authorities, provider trusts, local systems, private medical insurers etc.) we may be required to provide some information about you to them including your name and contact details such as: postal address, telephone number, email address and physical or mental health history for the purposes outlined above.
7. How we may share your personal information with third parties
We may also share your personal data with other third parties.
Sale or restructuring. We may need to share your personal information if a sale or restructuring of all or part of Priory occurs. In this situation we will, so far as possible, share anonymised data with the other parties before the transaction completes. Once the transaction is completed, we will share your personal data with the other parties if and to the extent required under the terms of the transaction.
Request from a regulator or otherwise to comply with the law. We may also share your personal information: (i) with a regulator; (ii) to comply with the law; or (iii) in other circumstances when we are legally permitted to do so. This may include making returns to HMRC and disclosures to any other regulatory bodies which have authority over Priory or our professional advisers (such as lawyers, auditors, immigration advisers etc.), disclosures to stock exchange regulators, disclosures to shareholders such as directors' remuneration reporting requirements and to such third parties as we reasonably consider necessary in order to prevent crime.
8. How long we will use your information
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal information are available in our retention policy which is available on the Priory intranet.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer an employee, worker or contractor of the company we will retain and securely destroy your personal information in accordance with our retention policy, applicable laws and regulations.
9. How we store your personal information
The personal information we collect is stored in a variety of paper and electronic forms. Regardless, we have appropriate and adequate technical and administrative processes in place to make sure that all your information is kept secure.
10. Protection of your personal information
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those of our employees, workers or contractors and other third parties who need to access it to provide services to you. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the data protection team at [email protected].
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
11. Accuracy of personal information
Priory makes it easy for you to keep your personal information accurate, complete, and up to date. If any of your information changes please let us know so that we can update our records.
12. When might we transfer your information overseas
We may transfer the personal information we collect about you to countries within the European Economic Area (EEA). There are adequacy regulations in respect of these countries. This means that the countries to which we transfer your data are deemed to provide an adequate level of protection for your personal information.
We may transfer personal information we collect about you to the United States of America or other parts of the world outside the UK where there has not been an adequacy decision. This means that these countries are not deemed to provide an adequate level of protection for your personal information. We will transfer your personal data to those countries in limited circumstances that include when a third party supplier (such as IT software supplier) has operations (or provides IT software support for example) in such a country and can only deliver their service to Priory by transferring your personal data to that country or because their IT infrastructure is structured in such a way that data is stored in those countries.
To ensure that your personal information does receive an adequate level of protection we put in place the following appropriate measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects UK law on data protection: data protection agreements, technical and organisational measures, standard contractual clauses and binding corporate rules (where applicable). If you require further information about this or these protective measures, you can request more information from the data protection team at [email protected].
13. Access to personal information
You are entitled to see what personal information we hold about you at any time. This Privacy Notice outlines the information we hold about you and why. If you wish to access your personal information, please contact us at [email protected].
We are not required to process any request for access which is frivolous or vexatious, jeopardizes or otherwise affects the privacy of others, are impractical, or for which access is not otherwise required by law. We will let you know in writing if any of these circumstances apply to your request.
14. Automated decisions
Automated decision making takes place when an electronic system uses personal information to make a decision without human intervention.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision making, unless we have a lawful basis for doing so and we have notified you.
We do not envisage that any decisions will be taken about you using automated means, however, we will notify you in writing if this position changes.
15. Data portability
You may have a right to data portability under the UK General Data Protection Regulation (GDPR).
The right to data portability allows you to obtain and reuse a copy of your personal data for:
- Your own purposes
- For us to send the information to a new provider on your behalf (where technically feasible)
It allows you to move data, copy data and transfer data.
The right to data portability ensures that it is done in a safe and secure way without affecting its usability. However, it will only apply to information concerning you which you have provided to us and where it is held electronically (so does not include paper records).
This may include data such as:
- Username
- Email address
- Website or search usage history
- Traffic and location data
You can make a data portability request verbally or in writing when we are processing your information:
- By automated means and rely on your consent to use your personal data
- When we use your data as part of a contract you have with us
We will ensure that we provide your information in a ‘structured’, ‘commonly used’ and ‘machine-readable’ format.
You can find further information on the Information Commissioner’s Office website: https://ico.org.uk/your-data-matters/your-right-to-data-portability/
If you would like to make a data portability request please email [email protected]. Please note that as part of the process we may be required to verify your identity.
We will aim to respond to your request within a month but may respond within a further 2 months if the request is complex or we have received a number of requests from you.
16. Additional rights
You may also have the right to:
- Object to processing of personal data that is likely to cause, or is causing, damage or distress
- Prevent processing for the purposes of direct marketing
- Object to decisions being taken by automated means
- In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed
- Data portability
If you believe you have any of these additional rights or you wish to exercise them, please let us know.
PRIVACY NOTICE FOR PRIORY COLLEAGUES AND CANDIDATES
This notice applies to current and former employees, workers and contractors and candidates applying for employment. This notice does not form part of any contract of employment or other contract to provide services. We may update this notice at any time but if we do so, we will provide you with an updated copy of this notice as soon as reasonably practical. It is important that you read and retain this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information and what your rights are under data protection legislation.
1. What information we will collect, store and use about you
We will collect, store and use the following categories of personal information about you:
- Personal contact details such as name, title, address, telephone numbers and personal email addresses
- Date of birth
- Marital status and dependants
- Next of kin and emergency contact information
- National insurance number
- Bank account details, payroll records and tax status information
- Salary, annual leave, pension and benefits information
- Records/results of any pre-employment checks (including credit and fraud checks)
- Start date and, if different, the date of your continuous employment
- Leaving data and your reason for leaving
- Location of employment or workplace
- Attendance records or timesheets
- Copy of passport and driving licence
- Employee personal relationships with anyone else working for the company
- Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process)
- Employment records (including job titles, work history, working hours, holidays, training records and professional memberships)
- Employment and management records will include disciplinary and grievance records, flexible working requests, performance records, appraisals and training records, holiday and attendance records, terms and conditions of employment
- Compensation history
- Performance information
- Disciplinary and grievance information
- CCTV footage, audio CCTV recordings (in limited circumstances) and other information obtained through electronic means such as swipe card records
- Information about your use of our information and communications systems
- Results of HMRC employment status check, details of your interest in and connection with intermediary through which your services are supplied
We may also collect, store and use the following sensitive special categories of personal information:
- Information about your race or ethnicity, religious beliefs, sexual orientation and political opinions
- Trade union membership
- Information about your physical and mental health, including any medical condition, health and sickness records including:
- Pre-employment medical screening tests
- Where you leave employment and under any share plan operated by a group company the reason for leaving is determined to be ill-health, injury or disability, the records relating to that decision
- Details of any absences (other than holidays) from work including time on statutory paternal leave and sick leave
- Any health information in relation to a claim made under the a health insurance scheme
- Where you leave employment and the reason for leaving is related to your health, information about that condition needed for pension and health insurance purposes
- Genetic information (where applicable)
- Biometric records for the purposes of time recording attendance at sites
- Information about criminal convictions and offences
2. How we collect your personal information
We collect personal information about candidates, employees, workers and contractors through the application and recruitment process, either directly from candidates or sometimes from an employment agency or background check provider. We may sometimes collect additional information from third parties including former employers, credit reference agencies or other background check agencies such as immigration consultants, or the Disclosure and Barring Service.
We may also collect personal information from the trustees or managers of pension arrangements operated by a group company.
We will collect additional personal information in the course of job-related activities throughout the period of you working for us.
3. For what purpose we will use your personal information
We will only use your personal information when the law allows us to. Mostly to comply, we will use your personal information in the following circumstances:
- Where we need to determine how appropriate your application is for employment
- Where we need to perform the contract we have entered into with you
- Where we need to comply with a legal obligation
- Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests
We may also use your personal information in the following situations, which are likely to be rare:
- Where we need to protect your interests (or someone else’s interests)
- Where it is needed in the public interest or for official purposes
The situations in which we will use your personal information include:
- Making a decision about your recruitment or appointment (for example CV, application form)
- Checking you are legally entitled to work in the UK
- Paying you and, if you are an employee or deemed an employee for tax purposes, deducting tax and national insurance contributions
- Providing the following benefits to you: salary, pensions, insurance and benefits administration (including pensions)
- Enrolling you in a pension arrangement in accordance with our statutory automatic enrolment duties
- Liaising with the trustees or managers of a pension arrangement operated by a group company, your pension provider and any other provider of employee benefits
- Administering the contract we have entered into with you
HR, business management, planning purposes - Making decisions about salary reviews or compensation
Conducting inductions, appraisals or performance reviews, handling disciplinary and grievance matters, performance management, career planning, training, promotion, secondments, etc. - Dealing with legal disputes involving you, or other employees, workers and contractors, including accident at work
- Managing disability, sickness or other types of leave, e.g. maternity leave, paternity leave
- Ascertaining your fitness to work
- To facilitate settling of expenses staff have incurred in the course of the business in accordance with their employment contracts
To facilitate communications between employees and members within the business - Internal record keeping purposes to enable us to maintain an audit trail in respect of approvals of decisions, voting and any internal surveys
- Managing and safeguarding our management, IT and communications systems
- Security reasons
- Complying with health and safety obligations
- To prevent fraud
- Performing workforce analysis, project management and planning
- Education, training and quality purposes
- Equal opportunities monitoring
- Legal reasons e.g. complying with employment and health and safety obligations, ensuring you are legally entitled to work in the UK, establishing or defending legal claims, for record keeping purposes (including, without limitation to keep pension records or records for tax purposes), to defend our legal rights etc.
- To ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution
- To test our computer systems to improve our services to you i.e. when there are changes to the National Minimum Wage or Living Wage. If you do not wish for your information to be used for these purposes, you can let us know
Some of the above grounds may overlap and there may be several grounds that justify our use of your information.
We process sensitive personal information for the following purposes:
- For security purposes and to assist with time recording at various premises by using biometric measurement data
- Managing sickness absence, providing reasonable adjustments in the workplace and administering benefits
- For legal reasons e.g. to comply with employment and health and safety obligations
We will use information about your gender, race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.
We will use trade union membership information to pay trade union premiums, register the status of a protected employee and to comply with employment law obligations.
4. What happens if you fail to provide personal information
If you fail to provide certain information when requested, we may not be able to offer you employment or we may not be able to perform the contract we have entered into with you (such as paying you or providing a benefit), or we may be prevented from complying with any legal obligations (such as to ensure the health and safety of our workers).
5. How changes of purpose will be managed
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will publish an updated Privacy Notice on our website.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
6. Why we might share your personal information with third parties
We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you, which may include during our pre-employment checks, including right to work and the disclosure and barring service; or where we have another legitimate interest in doing so.
7. What type of third party service providers process your personal information
'Third parties' includes third party service providers (including contractors and designated agents) and other entities within our group and their employees, representatives, strategic investors and their respective advisers.
Priory engages these third parties to provide certain services to the business. In order for them to provide their services, we need to allow them to process personal data necessary for their tasks. When we use third parties to process personal data on our behalf, we require them to commit to compliance with relevant data protection legislation.
The following activities are carried out by third party service providers: payroll, pension administration, benefits provision and administration, IT services, management and data storage and intranet services, occupational health/other benefits, digital right to work checks and the disclosure and barring service.
8. How we may share your personal information with third parties
We may share your personal information with other third parties
Sale or restructuring. We may need to share your personal information if a sale or restructuring of all or part of the Priory occurs. In this situation we will, so far as possible, share anonymised data with the other parties before the transaction completes. Once the transaction is completed, we will share your personal data with the other parties if and to the extent required under the terms of the transaction.
Request from a regulator or otherwise to comply with the law. We may also share your personal information: (i) with a regulator; (ii) to comply with the law; or (iii) in other circumstances when we are legally permitted to do so. This may include making returns to HMRC and disclosures to any other regulatory bodies which have authority over the Priory or its group, our professional advisers (such as lawyers, auditors, immigration advisers etc.), disclosures to stock exchange regulators, disclosures to shareholders such as directors' remuneration reporting requirements and to such third parties as we reasonably consider necessary in order to prevent crime.
9. How long we will use your information
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal information are available in our retention policy which is available on the Priory intranet or from our People Team or Recruitment Manager.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer an employee, worker or contractor of the company we will retain and securely destroy your personal information in accordance with our retention policy, applicable laws and regulations.
10. How we store your personal information
The personal information we collect is stored in a variety of paper and electronic forms. Regardless, we have appropriate and adequate technical and administrative processes in place to make sure that all your information is kept secure.
11. Protection of your personal information
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the data protection team at [email protected].
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
12. Accuracy of personal information
Priory makes it easy for you to keep your personal information accurate, complete, and up to date. If any of your information changes please let us know so that we can update our records.
13. When might we transfer your information overseas
We will transfer the personal information we collect about you to countries within the European Economic Area (EEA). There are adequacy regulations in respect of these countries. This means that the countries to which we transfer your data are deemed to provide an adequate level of protection for your personal information.
We may transfer personal information we collect about you to the United States of America or other parts of the world outside the UK where there has not been an adequacy decision. This means that these countries are not deemed to provide an adequate level of protection for your personal information. We will transfer your personal data to those countries in limited circumstances that include when a third party supplier (such as IT software supplier) has operations (or provides IT software support for example) in such a country and can only deliver their service to Priory by transferring your personal data to that country or because their IT infrastructure is structured in such a way that data is stored in those countries.
To ensure that your personal information does receive an adequate level of protection we put in place the following appropriate measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects UK law on data protection: data protection agreements, technical and organisational measures, standard contractual clauses and binding corporate rules (where applicable). If you require further information about this or these protective measures, you can request more information from the data protection team at [email protected].
14. Access to personal information
You are entitled to see what personal information we hold about you at any time. This Privacy Notice outlines the information we hold about you and why. If you wish to access your personal information, please contact us at [email protected].
We are not required to process any request for access which is frivolous or vexatious, jeopardizes or otherwise affects the privacy of others, are impractical, or for which access is not otherwise required by law. We will let you know in writing if any of these circumstances apply to your request.
15. Automated decisions
Automated decision making takes place when an electronic system uses personal information to make a decision without human intervention.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision making, unless we have a lawful basis for doing so and we have notified you.
We do not envisage that any decisions will be taken about you using automated means, however, we will notify you in writing if this position changes.
16. Data portability
You may have a right to data portability under the UK General Data Protection Regulation (GDPR).
The right to data portability allows you to obtain and reuse a copy of your personal data for:
- Your own purposes
- For us to send the information to a new provider on your behalf (where technically feasible)
It allows you to move data, copy data and transfer data.
The right to data portability ensures that it is done in a safe and secure way without affecting its usability. However, it will only apply to information concerning you which you have provided to us and where it is held electronically (so does not include paper records).
This may include data such as:
- Username
- Email address
- Website or search usage history
- Traffic and location data
You can make a data portability request verbally or in writing when we are processing your information:
- By automated means and rely on your consent to use your personal data
- When we use your data as part of a contract you have with us
We will ensure that we provide your information in a ‘structured’, ‘commonly used’ and ‘machine-readable’ format.
You can find further information on the Information Commissioner’s Office website: https://ico.org.uk/your-data-matters/your-right-to-data-portability/
If you would like to make a data portability request please email [email protected]. Please note that as part of the process we may be required to verify your identity.
We will aim to respond to your request within a month but may respond within a further 2 months if the request is complex or we have received a number of requests from you.
17. Additional rights
You may also have the right to:
- Object to processing of personal data that is likely to cause, or is causing, damage or distress
- Prevent processing for the purposes of direct marketing
- Object to decisions being taken by automated means
- In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed
- Data portability
If you believe you have any of these additional rights and you wish to exercise them, please let us know.
Private treatment terms and conditions
Please click he following link, which explains full details relating to your agreement to private treatment, covering registration, consent, and terms and conditions.
Cookies
1. How we use cookies
A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and are called first party cookies. We also use third party cookies – which are cookies from a domain different to the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes.
2. Strictly necessary cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
3. Performance cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
4. Functional cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
5. Advertising cookies
These cookies may be set through our site by third party advertising partners, including Google. If the cookie is set by a third party that also monitors traffic on other websites (such as an advertising provider), then this type of cookie may also track user movements across different websites to build a profile of online behaviour and show you relevant adverts on other sites. If you do not allow these cookies, you will experience less targeted advertising. For details of how Google uses associated data when a user provides cookie consent on a website, please click on the following link: Google’s Privacy & Terms
6. Cookie preferences
You can access the cookie preference centre where you can change your preferences by clicking the cookie settings link below.
Find out more
To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit https://tools.google.com/dlpage/gaoptout.
You can change the settings on your browser to prevent cookies being stored on your computer or mobile device without your explicit consent.
The following links detail how to manage cookies on popular web browsers:
For information relating to other browsers, visit the browser developer's website, where the 'help' section will normally provide details on how to manage the cookie settings.
Contacting us through social media
We use a third party provider, Sprout Social, to help us manage our social media output and interactions.
If you send us a private or direct message through social media, the message will be stored by Sprout Social for 3 months. It will not be shared with any other organisations.