We are Data4Health Limited trading as Data4NHS, a company incorporated in England and Wales. Our company number 10928443 and our registered office is at Beechwood House, The Beechwood Estate, Elmete Lane, Leeds, LS8 2LQ (“Data4NHS” / “we”/ “our” / “us”). We are committed to ensuring that your privacy is protected. We will continue to comply with the provisions of the Data Protection Act 1998 (“DPA”) until 25 May 2018, after which we will comply with the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) unless and until the GDPR is no longer directly applicable in the UK, together with any national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK, and any successor legislation to the GDPR and the DPA (together “Data Protection Legislation”).
Data4NHS collects and hosts data relating to NHS personnel and their functions within the NHS. This data is uploaded to a database maintained by Data4NHS (the “Database”). Data4NHS is the data controller of the data.
Information that we collect
In running and maintaining our website and services we may collect and process the following data about you:
- Information we collect about you: We may collect the following information about you when you visit our Website:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from the Site (including date and time), products you viewed or searched for, page response times, Website errors, length of visits to certain pages, page interaction information, methods used to browse away from the page and any phone number used to call our customer services number.
We will not retain this information.
- Information you give us: You may give us information about you by completing enquiry forms on the Website or by corresponding with us by phone, email or otherwise. The information you give us may include your name, email address, address / location and phone number and includes information you provide to be uploaded to the Database. When you speak with a Data4NHS operative, we may record the conversation to ensure the security of any transaction discussed, to help us to review our quality of service and to assist in the training and development of the employees who take such calls. We will retain this information while we are corresponding with you. Please note that if your record is not used for 3 years, we will try and contact you to check your details and failing this delete it.
Data4NHS collects information in several ways, some information is gathered when you register on the Website or when contacted by an approved operator. We may ask for your email address, job title, place of work and professional interests. The more accurate this information is the better user experience you will have as it will allow us to customise your experience.
Use of your information
We may use the information we receive and/or collect about you to:
- fulfil our obligations under any contract we have entered into with you and to provide you with information, products and services you have requested;
- send you newsletters and marketing information if you have consented to us doing so and have opted in to the Data4NHS e-bulletin service;
- expand the information we hold on our Database, if you have agreed to register as a user of the Database and have opted in to the Data4NHS National Directory Service;
- notify you of other products and services we feel may interest you, or permit third parties to do so if you have consented to us doing so and have opted in to the Data4NHS e-bulletin service; and
We process personal information for certain legitimate business purposes, which include some or all of the following:
- where the processing enables us to enhance, modify, personalise or otherwise improve the Website, our services and communications for the benefit of our customers;
- to identify and prevent fraud;
- to enhance the security of our network and information systems;
- to better understand how people interact with our Website;
- administer the Website and carry out data analysis, troubleshooting and testing; and
- to determine the effectiveness of promotional campaigns and advertising.
If we obtain consent from you to do so, we may provide your personal details to third parties so that they can contact you directly in respect of services and/or products in which you may be interested. We never give your details to third parties to use your data to enable them to provide you with information regarding unrelated goods or services.
You have the right to withdraw your consent to the processing of your personal data at any time. If you would like to withdraw your consent, or prefer not to receive any of the above-mentioned information (or if you only want to receive certain information) from us please let us know by contacting us by emailing us at firstname.lastname@example.org. Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.
If you do not want us to contact you for marketing purposes, please let us know by clicking the “Unsubscribe” option in any email we send to you and providing the details requested or by contacting us by emailing us at email@example.com or via the following webpage https://directory.data4nhs.com/contact-us/ and we will take steps to ensure that this information is deleted as soon as reasonably practicable. If you wish to withdraw your consent to your information being included on the Database, please contact us by emailing us at firstname.lastname@example.org or via the following webpage https://directory.data4nhs.com/contact-us/.
Transfer of your personal data
Unfortunately, the sending of information via the internet is not totally secure and on occasion such information can be intercepted. We cannot guarantee the security of data that you choose to send us electronically. While we aim to protect your personal information, Data4NHS can neither ensure nor warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk
Disclosing your information
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.
We may share your information with selected third parties including third parties who may wish to contact you in respect of services and/or products they offer or sell which may be of interest to you, provided we receive your consent to such disclosure.
- If we sell any or all of our business or assets or we buy another business or assets in which case we may disclose your personal data to the prospective buyer or seller;
- Where we are legally required by law to disclose your personal information; and/or
- If we need to disclose it to protect our rights, property or safety of our customers or others, including the exchange for information with other companies, organisations and/or governmental bodies for the purposes of fraud protection and credit risk reduction.
Third party links
The Website may contain links to third party websites, including websites via which you are able to purchase products and services. They are provided for your convenience only and we do not check, endorse, approve or agree with such third party websites nor the products and/or services offered and sold on them. We have no responsibility for the content, products and/or services of the linked websites.
How safe is your information?
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Protecting your security and privacy is important to us and we make every effort to secure your information and maintain your confidentiality in accordance with the terms of the Data Protection Legislation. The Website is protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction and damage.
We will do our best to protect your personal data but the transmission of information via the Internet is not completely secure. Any such transmission is therefore at your own risk.
Your rights in respect of your data
If any of the information you provide to us changes, please let us know as soon as possible so that we can make the necessary changes to the information we hold for you on our database. If you wish to make any changes to your information, please contact us by emailing us at email@example.com or via the following webpage https://directory.data4nhs.com/contact-us/.
If you wish to see the information we hold on you, or request that such information be transmitted directly to another data controller, please contact us by emailing us at firstname.lastname@example.org or via the following webpage https://directory.data4nhs.com/contact-us/. We shall process your request to access your information and provide this information to you free of charge.
To request that your information is deleted or if you wish to restrict / object to the processing of your information, please contact us by emailing us at email@example.com or via the following webpage https://directory.data4nhs.com/contact-us/.
If you have any complaints about our use of your personal data, please contact us. You may also have the right to complain to the Information Commissioner’s Office at https://ico.org.uk/.