We are St Matthews Healthcare (Head Office), a company incorporated in England and Wales. Our company number is 04611507 and our registered address is Broomhill Holdenby Road, Spratton, Northamptonshire, NN6 8LD
(“St Matthews Healthcare ” / “we” / “our” / “us“). We are committed to ensuring that your privacy is protected. We comply with the UK General Data Protection Regulation (“UK GDPR”) unless and until the UK GDPR is no longer directly applicable in the UK. We also follow all national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK, and any successor legislation to the UK GDPR and the DPA (together “Data Protection Legislation”). We are the data controller of data you pass to us pursuant to this policy. Our Data Protection Officer can be contacted at email@example.com.
What information does St Matthews Healthcare (Head Office) hold and how will we use it?
Information you give St Matthews Healthcare: You may give us information about you by completing enquiry forms on the website or by requesting via the website that we send you marketing information, or the information you give us may include your name, email address, address/location and phone number.
We will retain this information while we are corresponding with you or providing services to you or to a Service User you represent. We will retain this information for the time periods stated in our documentation retention policy. Refer to the Records Management Code of Practice for Health and Social Care if required.
Information St Matthews Healthcare collects about you: St Matthews Healthcare may collect the following information from you when you visit the website:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from the website (including date and time), products you viewed or searched for, page response times, website errors, length of visits to certain pages, page interaction information, methods used to browse away from the page and any phone number used to call our helpline.
Information we receive from other sources: This includes information we receive about you when you use other websites operated by us or other services we provide. This information may include your name, email address, postal address and phone number. We will retain this information for duration stated in our documentation retention schedule
Your Rights in Respect of your Data
Our Legal basis for processing personal confidential data includes;-
UK GDPR “Lawfulness of processing” Article 6
1(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
1(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data,
UK GDPR “Processing of special categories of personal data” Article 9
2(b) processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment and social security and social protection law in so far as it is authorised by Union or Member State law or a collective agreement pursuant to Member State law providing for appropriate safeguards for the fundamental rights and the interests of the data subject;
2(h) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3 of UK GDPR;
Use Made of the Information
We may use the information we receive and/or collect about you to:
- Fulfil our obligations under any contract that we have entered into with you or with a Service User that you represent, and to provide you or the relevant Service User with information or services that you or the Service User has requested
- Send you newsletters and marketing information if you have consented to us doing so
- Notify you of products and services that we feel may interest you, or permit third parties to do so if you have provided the appropriate consent
- Monitor website usage and provide statistics to third parties for the purposes of improving and developing the website and the services we provide via the website
St Matthews Healthcare processes personal information for certain legitimate business purposes, which include some or all the following:
- Where the processing enables St Matthews Healthcare to enhance, modify, personalise or otherwise improve the website, its services or communications
- To identify and prevent fraud
- To enhance the security of the network and information systems of St Matthews Healthcare
- To better understand how people interact with the websites of St Matthews Healthcare
- To administer the website and carry out data analysis, troubleshooting and testing; and
- To determine the effectiveness of promotional campaigns and advertising
If we obtain consent from you to do so, we may provide your personal details to third parties so that they can contact you directly in respect of services in which you may be interested.
Where we are processing personal data that we have obtained via the website on the basis of having obtained consent from you, you have the right to withdraw your consent to the processing of your personal data at any time. If you would like to withdraw your consent or prefer not to receive any of the above-mentioned information (or if you only want to receive certain information from us) please let us know by contacting us via the following webpage Contact. Please bear in mind that if you object, this may affect our ability to carry out the tasks above for your benefit.
If you wish to have your information removed from our database or if you do not want us to contact you for marketing purposes, please let us know by clicking the “Unsubscribe” option in any email we send to you and providing the details requested or by contacting us via the following webpage [insert webpage link] and we will take steps to ensure that this information is deleted as soon as reasonably practicable.
We will not share, sell or distribute any of the information you provide to us (other than as set out in this policy) without your prior consent, unless required to do so by law.
We may carry out automated decision-making using the personal data you provide to us. We do so to ensure we provide our clients with the best possible care available.
Third Party Sites
How Safe is your Information?
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Protecting your security and privacy is important to us and we make every effort to secure your information and maintain your confidentiality in accordance with the terms of the Data Protection Legislation. The website is protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction, and damage.
We will do our best to protect your personal data but the transmission of information via the Internet is not completely secure. Any such transmission is therefore at your own risk.
Disclosure of your Information
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006. We may share your information with selected third parties including:
- Business partners, suppliers, and sub-contractors for the performance of any contract we enter with them or you
- Third parties who may wish to contact you in respect of services or products they offer or sell which may be of interest to you, provided we receive your consent to such disclosure; and/or advertisers and advertising networks that require the data to select and serve relevant adverts to you and analytics and search engine providers that assist us in the improvement and optimisation of the website
Please note, we may need to disclose your personal information where we:
- Sell any or all of our business or assets or we buy another business or assets in which case we may disclose your personal data to the prospective buyer or seller
- Are under a legal duty to comply with any legal obligation or to enforce or apply our terms and conditions; or
- Need to disclose it to protect our rights, property or the safety of our customers or others, including the exchange of information with other companies, organisations and/or governmental bodies for the purposes of fraud protection and credit risk reduction
Where we Store your Personal Data
Although we have left the EU, UK GDPR still requires the following: St Matthews Healthcare (Head Office) does not transfer personal data outside the EEA.
Your Rights in Respect of your Data
If any of the information you provide to us via the website changes, please let us know as soon as possible so that we can make the necessary changes to the information we hold for you on our database. If you wish to make any changes to your information, please contact us via the following webpage Contact
If you wish to access or rectify the information we hold about you, or request that such information be transmitted directly to another data controller, please contact us via the following webpage [insert webpage link]. We shall process your request to access your information within one month of receipt, or we will let you know within that timeframe if we need more information from you. We will process your request free of charge.
To request that your information is deleted or if you wish to restrict or object to the processing of your information, please contact us via the following webpage Contact.
If you have any complaints about our use of your personal data, please contact us. You also have the right to complain to the relevant supervisory authority in your jurisdiction. In the UK, the supervisory authority is the Information Commissioner’s Office. Contact details for the ICO can be found at https://ico.org.uk/.