Your privacy is important to Us. The Centre for Health are committed to keeping Your information secure and processing all data in accordance with UK Domestic Data Protection law, UK GDPR. We are registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number ZB349577.
This document sets out how The Centre for Health complies with these laws. This information may be updated at any time.
The Centre for Health collect and retain the data of personal individuals by virtue of an enquiry, consultation and/or registration. The Centre for Health are the Data Controller in respect of the data subject’s personal information.
When you first create an account with The Centre for Health the Personal Data that you input will be processed:
- To enquire and provide you with access to Our services and health consultations
- To service Your account through the services We provide and when you visit Our Website.
- To manage and administer the service provided including collecting payment
- If you request information or assistance from Us.
- To Market Our products and services to you, where We have consent to do so.
The Centre for Health collects and processes the following personal data: basic contact information: name, address, email, contact number and, due to the nature of the sensitive service We provide, if you choose to engage in a Health Service, We may also collect sensitive personal data and special categories of data.
When you visit Our Website www.thecentreforhealth.co.uk Our cookie app will allow you to choose whether to accept or decline. No personal data will be collected simply by browsing Our site.
When you register to Use Our Health Service or make an enquiry about Our services you may pass Your data to Us by email, via Our contact form on Our Website, via a message to Our Facebook page. Whenever We process Your data to contact you based upon Our lawful basis to do so, including consent, We will always include an unsubscribe link.
When you engage The Centre for Health to provide any of Our services Your data will be processed on the basis that you have contracted with Us to provide you with a Digital Vehicle Check.
You are under no obligation to provide information to Us, but We may not be able to provide services you are requesting, and We may therefore choose not to provide services you are seeking.
When you provide Us with Your personal information, We Use Your information to:
- Provide Health Services in relation to contraception
- Provide and service Your contractual relationship with Us.
- Process billing and payments
- Comply with legal obligations for the prevention of financial crime and money laundering.
- Update you on Our Services, News and any Special Offers where we have consent to do so.
We will process Your information to meet Our contractual obligations to You, where We have a legitimate interest to do so and, where We are permitted by law or to comply with applicable laws and regulation. The following sets out the Lawful basis’s We rely upon:
- Providing Our service to you including all internal processing required to fulfil Our obligation to provide the service you have requested.
- To service and administer Your matter including billing and payments.
- To provide you with any information on the services that you have requested.
- To confirm, update and improve Our Customer records in compliance to Data Protection Legislation.
- For the prevention of financial crime and money laundering to prevent crime, fraud and money laundering
- Where We are obliged to disclose information by reason of any law, regulation, or court Order.
- For training purposes and to improve Our service to you
- For auditing purposes by accounting or regulatory authorities
- To transfer information to any entity which may acquire rights in Us
- To inform you of products and services that may be of interest to you, where you have chosen to be made aware of this.
- For any other purpose to which you agree i.e: the display of a testimonial
We will retain Your personal information in accordance with applicable laws. We will take reasonable steps to purge, destroy or anonymise personal information We no longer need for the purposes We have set out above.
Our retention periods are:
|TYPE OF PERSONAL INFORMATION||RETENTION PERIOD|
|General personal data which includes Your normal personal data and personal identity.||For the duration of time that Your account is in Use or at rest in between Use and for 3 years after the end of Our relationship with you.|
|Mobile phone contact data||6 months after the end of Our relationship with you.|
|Where applicable Customer Due Diligence Material which includes screening prior to and during the provision of Our service.||2 years after the end of Our business relationship with you, or the end of Your matter which ever comes later|
|Call recordings only if applicable||1 year|
|Accounts and billing information||6 years after the end of Your relationship with Us|
The Centre for Health will never share Your data with any third party for Direct Marketing. Where necessary or required We share information:
- When disclosure is in the public interest, to prevent a miscarriage of justice or where there is a legal duty, for example a Court Order.
- When the information concerns risk of harm to the Customer, or risk of harm to another adult or a child. We will discuss such a proposed disclosure with You unless We believe that to do so could increase the level of risk to You or to someone else.
- Under certain circumstances required by law and only where identification and security checks have been subject to Our due diligence
- Regulatory authorities to comply with Our legal obligations.
In situations where it is necessary for data to be transferred between parties whether UK, EU or Worldwide We maintain optimum security protocols and have policy in place to continually monitor and safeguard all data.
On a day-to-day basis We keep Your data secure ensuring:
- All Our systems are password protected and has an installed firewall, malware and anti-virus protection to prevent others gaining access to Our systems.
- Email systems are secured with a password.
- Access to the analytics on the Website are secured with a strong password.
- Personal information is minimised in phone and email communication.
- The Centre for Health will never Use open or unsecure Wi-Fi networks to send any personal data.
- In secure online cloud storage systems.
- On a password protected laptop (which no other person/professional has Use of)
- In a paper file
- In mobile phones and email systems
We also Use Google Analytics to help Us understand how Our Customers Use Our Website. You can read more about how Google Uses Your Personal Information here: https://www.google.com/intl/en/policies/privacy/.
You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
If We engage in advertising Our Website may include pixels that help Us to assess how effective Our adverts are. Pixels do not collect individual data.
You have the right to request copies of Your personal information without charge and provided within 30 days of Your request. This request is referred to a SAR ‘Subject Access Request’ and, where We are unable to meet Our obligation to provide you with copies within 30-days We will write to you to advise this and to indicate when Your request will be fulfilled. A SAR will provide you with the actual data We hold.
If you think any of the personal information, We hold about you is inaccurate, you may request it is corrected or erased. You also have a right, in certain circumstances, to object to Our processing of Your personal information, to require Us to stop processing Your personal information and/or to withdraw Your agreement to processing based on ‘consent’, but this does not apply where We have other legal justifications to continue processing Your data or an overriding legitimate interest.
You may request to have Your data erased however this is not always possible and, if this is the case We will write to you to provide you with the details as to why Your data cannot be erased at that time.
In relation to all of these rights and on any other matter relating to Data Protection you may email David.firstname.lastname@example.org . David Ritchie is the Data Controller and Data Processor for The Centre for Health and also provides the role of Data Administrator. The Centre for Health do not process data or monitor data subjects continuously.
We recognize that data subject who are EU citizens may wish to use Our service. We respect the privacy of all Our Customers and, as the UK GDPR is derived from EU GDPR 2016 Our data protection extends the necessary compliance to safeguard all data relating to EU citizens.
If you have a complaint about how We have handled Your personal information you may contact Us Using the details above and We will investigate Your complaint.
If you are unhappy with any aspect of Our investigation into Your complaint you have the right to complain to the Information Commissioner’s Office, details of how to complain are available at www.ico.org.uk