Intus Healthcare Limited (“the Company” / “we”) is committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use personal information in accordance with the General Data Protection Regulation (“the GDPR”). The Company is a “data controller”. This means we are responsible for deciding how we hold and use personal information about you.
THE DPA AND GDPR MAY 2018
We and this website comply with the DPA (Data Protection Act 1998) and with the GDPR (General Data Protection Regulation) which comes into effect from May 2018. We will update this policy accordingly after the completion of the UK’s exit from the European Union.
THE TYPES OF PERSONAL INFORMATION WE COLLECT
We collect information provided to us, such as name, address(es), phone number, email address, payment information (if appropriate) and any other information that you choose to provide to us. In order to safeguard the privacy rights of our patients, we always ask for this set of information with each contact we make. It is very important that when accessing our patient records, we are certain we are looking at the correct file so that, we are only discussing private information with a patient or their representative who has the right to know.
HOW WE USE PERSONAL INFORMATION
We use your information in accordance with the data protection principles. We will comply with data protection law. This says that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
- Relevant to the purposes we have told you about and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes we have told you about
- Kept securely
USE AND DISCLOSURE OF PERSONAL INFORMATION
We may use and disclose Personal Information for the following purposes:
To send you informational and promotional content in accordance with your marketing preferences that you have provided to us. For example, you may purchase a CPAP mask which has an expected lifespan of nine months. The information is used to generate an email to notify you that it may need replacing when nearing the end of its lifespan. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
To communicate with our members about their account and provide customer support.
To provide, support, and improve the services we offer. This includes our use of the data that our Subscribers provide us in order to enable our Subscribers to use the services.
To provide suggestions to you. This includes adding features that compare what you are searching for and give you options to look at other areas of the website.
To process orders and provide agreed goods and services to you, this may include third party providers for us to process payments that are due to us in order to process sales or provide services on our behalf.
To monitor and/or record telephone conversations to or from you in order to offer you additional security, resolve complaints, improve our service standards and for staff training purposes.
Any Government department, public body, or other third party where we believe in good faith we are legally obliged to do so.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
We have employed the services of two leading secure transaction and security providers, Opayo and PayPal, to ensure that our security remains as rigid as possible. Card details are never stored by Intus Healthcare Ltd.
For more information about our card payment services, see here to read what Opayo themselves have to say about their security. To read PayPal’s information about the security of transactions completed with their services, please click here. Google has information about their Google Checkout payment service available here.
YOUR RIGHTS AND CHOICES
We want you to be in control of how your personal information is used by us. You can do this in the following ways:
- You can request a copy of the information we hold about you
- You can tell us about any changes to your personal information which we hold
- You can ask us to amend any of the personal information we hold about you to ensure it is correct and accurate
- In certain situations, you can ask us to erase the personal information we hold about you or request changes to the way we use your information
During the order process, you will need to give consent for us to use this personal information as detailed. You may withdraw your consent at any time. Where we process your personal information based on legitimate interest or the public interest, you have a right to object at any time to the use of your personal information. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact [email protected] in the first instance. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
SOCIAL MEDIA POLICY AND USAGE
We adopt a Social Media Policy to ensure our business, and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify the authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
EMAIL MAILING LIST AND MARKETING MESSAGES
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages. The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
WHAT ARE COOKIES?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
WEBSITE VISITOR TRACKING
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
ADVERTS AND SPONSORED LINKS
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
DOWNLOADS AND MEDIA FILES
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third-party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third-party anti-virus software or similar applications.
HOW TO CONTACT US
Users contacting this us through this website or other associated websites do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.
CHANGES TO OUR PRIVACY STATEMENT
We continually review our practices and will update this policy from time to time.
EXTERNAL WEBSITE LINKS AND THIRD PARTIES
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text/ banner/image links to other websites).
Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should, therefore, note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
DATA PROTECTION COMPLIANCE