Website Privacy Policy
We are Center Healthcare Limited, a private incorporated company in England and Wales. Our company number is 13967362 and our registered address is Amelia House, Crescent Road, Worthing, West Sussex, United Kingdom, BN11 1QR.
At Center Healthcare we are committed to ensuring that your privacy is protected. We will continue to comply with the provisions of the Data Protection Act (“DPA”) until 25 May 2018, after which we will comply with the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) unless and until the GDPR is no longer directly applicable in the UK, together with any national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK, and any successor legislation to the GDPR and the DPA (together “Data Protection Legislation”). We are the data controller of data you pass to us pursuant to this policy.
This Privacy Policy, together with our website terms and conditions and cookie policy sets out how we collect personal information from you and how the personal information you provide will be processed by us. By visiting our website at https://centerhc.com you are accepting and consenting to the practices described in this Privacy Policy. If you do not consent, please do not submit any personal data to us.
What information does Center Healthcare hold and how will we use it?
Information you give Center Healthcare: You may give us information about you by completing enquiry forms on the website or by requesting via the website that we send you marketing information. The information you give us may include your name, email address, address/location and phone number.
We will retain this information while we are corresponding with you or providing services to you or to a Service User you represent. We will retain this information for 8 years following cessation of services in line with the records management code of practice for Health and Social Care.
Information Center Healthcare collects about you:
Center Healthcare may collect the following information from you when you visit the website:
Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from the website (including date and time), products you viewed or searched for, page response times, website errors, length of visits to certain pages, page interaction information, methods used to browse away from the page and any phone number used to call our helpline. We retain this information for 3 years after we stop corresponding with you.
Information we receive from other sources: This includes information we receive about you when you use other websites operated by us or other services we provide. This information may include your name, email address, postal address and phone number. We will retain this information for 8 years following cessation of services in line with the records management code of practice for Health and Social Care.
Cookies
The Website uses cookies to distinguish you from other users of the website.
Use Made of the Information
Center Healthcare may use the information we receive and/or collect about you to:
- Fulfil our obligations under any contract we have entered into with you or with a Service User you represent, and to provide you or the relevant Service User with information or services you or the Service User has requested.
- Send you newsletters and marketing information if you have consented to us doing so.
- Notify you of products and services we feel may interest you, or permit third parties to do so if you have provided the appropriate consent
- Monitor website usage and provide statistics to third parties for the purposes of improving and developing the website and the services we provide via the website.
- Center Healthcare processes personal information for certain legitimate business purposes, which include some or all the following:
- Where the processing enables Center Healthcare to enhance, modify, personalise or otherwise improve the website, its services or communications.
- To identify and prevent fraud.
- To enhance the security of Center Healthcare’s network and information systems.
- To better understand how people interact with Center Healthcare’s websites.
- To administer the website and carry out data analysis, troubleshooting and testing; and
- To determine the effectiveness of promotional campaigns and advertising.
If we obtain consent from you to do so, we may provide your personal details to third parties so that they can contact you directly in respect of services in which you may be interested.
Where we are processing personal data we have obtained via the website on the basis of having obtained consent from you, you have the right to withdraw your consent to the processing of your personal data at any time. If you would like to withdraw your consent or prefer not to receive any of the above-mentioned information (or if you only want to receive certain information from us) please let us know by contacting us via [email protected]. Please bear in mind that if you object, this may affect our ability to carry out the tasks above for your benefit.
We will not share, sell or distribute any of the information you provide to us (other than as set out in this policy) without your prior consent, unless required to do so by law.
Third Party Sites
Our website may contain links to third party websites. They are provided for your convenience only and we do not check, endorse, approve or agree with such third-party websites nor the products and/or services offered and sold on them. We have no responsibility for the content, product and/or services of the linked websites. Please ensure that you review all terms and conditions of website use and the Privacy Policy of any such third-party websites before use and before you submit any personal data to those websites.
How Safe is your information?
Protecting your security and privacy is important to us and we make every effort to secure your information and maintain your confidentiality in accordance with the terms of the Data Protection Legislation. The website is protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction and damage.
We will do our best to protect your personal data but the transmission of information via the Internet is not completely secure. Any such transmission is therefore at your own risk.
Disclosure of your Information
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006. We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter with them or you
- Third parties who may wish to contact you in respect of services or products they offer or sell which may be of interest to you, provided we receive your consent to such disclosure; and/or advertisers and advertising networks that require the data to select and serve relevant adverts to you and analytics and search engine providers that assist us in the improvement and optimisation of the website
Please note we may need to disclose your personal information where we:
- Sell any or all our business or assets or we buy another business or assets in which case we may disclose your personal data to the prospective buyer or seller
- Are under a legal duty to comply with any legal obligation or to enforce or apply our terms and conditions; or
- Need to disclose it to protect our rights, property or the safety of our customers or others, including the exchange of information with other companies, organisations and/or governmental bodies for the purposes of fraud protection and credit risk reduction.
Please note we may need to disclose your personal information where we:
- Sell any or all our business or assets or we buy another business or assets in which case we may disclose your personal data to the prospective buyer or seller
- Are under a legal duty to comply with any legal obligation or to enforce or apply our terms and conditions; or
- Need to disclose it to protect our rights, property or the safety of our customers or others, including the exchange of information with other companies, organisations and/or governmental bodies for the purposes of fraud protection and credit risk reduction.
Your Rights in Respect of your Data
If any of the information you provide to us via the website changes, please let us know as soon as possible so that we can make the necessary changes to the information we hold for you on our database. If you wish to make any changes to your information, please contact us at [email protected].
If you wish to access or rectify the information we hold about you, or request that such information be transmitted directly to another data controller, please contact us at [email protected] or call us on 0333 789 3333. We shall process your request to access your information within one month of receipt, or we’ll let you know within that timeframe if we need more information from you. We will process your request free of charge.
To request that your information is deleted or if you wish to restrict or object to the processing of your information, please contact us at [email protected] or call us on 0333 789 3333.
If you have any complaints about our use of your personal data, please contact us. You also have the right to complain to the relevant supervisory authority in your jurisdiction. In the UK, the supervisory authority is the Information Commissioner’s Office. Contact details for the ICO can be found at https://ico.org.uk/.
If you have any further queries or comments on our Privacy Policy, you can contact us by emailing [email protected]. We also welcome your views about our website and our Privacy Policy.
Fair Processing Notice – External
When Center Healthcare processes your personal data we are required to comply with the Data Protection Act 2018 (“DPA”) and the General Data Protection Regulation 2016 (“GDPR”) (the DPA and GDPR are together referred to as the “Data Protection Legislation”).
Your personal data includes all the information we hold that identifies you or is about you, for example, your name, email address, postal address, date of birth, location data and in some cases opinions that we document about you; as well as special categories of data, including but not limited to, medical and health records, information about your religious beliefs, ethnic origin, race and sexual orientation.
Everything we do with your personal data counts as processing it – including collecting, storing, amending, transferring and deleting it. We are therefore required to comply with the Data Protection Legislation to make sure that your information is properly protected and used appropriately.
This fair processing notice provides information about the personal data we process, why we process it and how we process it.
Our responsibilities
Center Healthcare is the data controller of the personal data you provide. We have appointed Christian Silwimba as Data Protection Officer and he will have day to day responsibility for ensuring that we comply with the Data Protection Legislation and for dealing with any requests we receive from individuals exercising their rights under the Data Protection Legislation.
Why do we process your personal data?
We process your personal data in order to provide you with the services you have requested, to fulfil the contract we have entered into with you and/or to receive services or goods from you. We may also process your personal data to respond to any queries or comments you submit to us and to correspond with you on a day to day basis.
We may need personal data from you to be able to provide services to you, to meet our legal obligations, to enter into a contract with you and/or to provide you with all the information you need. If we do not receive the personal data from you, we may be unable to fulfil our obligations to you.
We process most of your information on the grounds of consent from you, legitimate interests such as performance of a contract we have entered into with you, protection of the vital interests of a Data Subject or, in the case of special categories of data, processing for the provision of health or social care or treatment or the management of health or social care systems or services
If we obtain consent from you to the processing of your personal data, you can withdraw your consent at any time. This won’t affect the lawfulness of any processing we carried out prior to you withdrawing your consent.
Who will receive your personal data?
We only transfer your personal data to the extent we need to. Recipients of your personal data include:
Your carer’s or potential carer’s.
Local authorities.
Integrated Care Boards
NHS Trusts
Suppliers of medical equipment. (eg. PPE)
We don’t transfer your personal data outside of the EEA.
How long will we keep your personal data?
We will retain your personal data for 8 years following cessation of services in line with the records management code of practice for Health and Social Care. We retain your information for this period in case any issues arise or in case you have any queries. Your information will be kept securely at all times. Following the end of the 8 year period, your files and personal data we hold about you will be permanently deleted or destroyed. If we are required to obtain your consent to process your personal data, any information we use for this purpose will be kept until you withdraw your consent, unless we are entitled to retain the personal data on the basis of other grounds set out in the Data Protection Legislation.
What are your rights?
You benefit from a number of rights in respect of the personal data we hold about you. We have summarised the rights which may be available to you below, depending on the grounds on which we process your data. More information is available from the Information Commissioner’s Office website (https://ico.org.uk/for-organisations/guide-to-the-general- data-protection-regulation-gdpr/individual-rights/). These rights apply for the period in which we process your data.
Access to your data
You have the right to ask us to confirm that we process your personal data, as well as having the right to request access to/copies of your personal data. You can also ask us to provide a range of information, although most of that information corresponds to the information set out in this fair processing notice.
We will provide the information free of charge unless your request is manifestly unfounded or excessive or repetitive, in which case we are entitled to charge a reasonable fee. We may also charge you if you request more than one copy of the same information.
We will provide the information you request as soon as possible and in any event within one month of receiving your request. If we need more information to comply with your request, we will let you know.
Rectification of your data
If you believe personal data we hold about you is inaccurate or incomplete, you can ask us to rectify that information. We will comply with your request within one month of receiving it unless we don’t feel it is appropriate, in which case we will let you know why. We will also let you know if we need more time to comply with your request.
Right to be forgotten
In some circumstances, you have the right to ask us to delete personal data we hold about you. This right is available to you:
- Where we no longer need your personal data for the purpose for which we collected it
- Where we have collected your personal data on the grounds of consent and you withdraw that consent
- Where you object to the processing and we don’t have any overriding legitimate interests to continue processing the data
- Where we have unlawfully processed your personal data (i.e. we have failed to comply with GDPR); and
- Where the personal data has to be deleted to comply with a legal obligation
- There are certain scenarios in which we are entitled to refuse to comply with a request. If any of those apply, we will let you know.
Right to restrict processing
In some circumstances, you are entitled to ask us to suppress processing of your personal data. This means we will stop actively processing your personal data but we don’t have to delete it. This right is available to you:
- If you believe the personal data we hold isn’t accurate – we will cease processing it until we can verify its accuracy
- If you have objected to us processing the data – we will cease processing it until we have determined whether our legitimate interests override your objection
- If the processing is unlawful; or
- If we no longer need the data but you would like us to keep it because you need it to establish, exercise or defend a legal claim
Data portability
You have the right to ask us to provide your personal data in a structured, commonly used and machine-readable format so that you are able to transmit the personal data to another data controller. This right only applies to personal data you provide to us:
- Where processing is based on your consent or for performance of a contract (i.e. the right does not apply if we process your personal data on the grounds of legitimate interests); and
- Where we carry out the processing by automated means
- We will respond to your request as soon as possible and in any event within one month from the date we receive it. If we need more time, we will let you know.
Right to object
You are entitled to object to us processing your personal data:
- If the processing is based on legitimate interests or performance of a task in the public interest or exercise of official authority
- For direct marketing purposes (including profiling); and/or
- For the purposes of scientific or historical research and statistics
- In order to object, you must have grounds for doing so based on your particular situation. We will stop processing your data unless we can demonstrate that there are compelling legitimate grounds which override your interests, rights and freedoms or the processing is for the establishment, exercise or defence of legal claims.
Automated decision making
Automated decision making means making a decision solely by automated means without any human involvement. This would include, for example, an online credit reference check that makes a decision based on information you input without any human involvement. It would also include the use of an automated clocking-in system that automatically issues a warning if a person is late a certain number of times (without any input from HR, for example).
We don’t carry out any automated decision making using your personal data.
Your right to complain about our processing
If you think we have processed your personal data unlawfully or that we have not complied with GDPR, you can report your concerns to the supervisory authority in your jurisdiction. The supervisory authority in the UK is the Information Commissioner’s Office (“ICO”). You can call the ICO on 0303 123 1113 or get in touch via other means, as set out on the ICO website: https://ico.org.uk/concerns/.