Increasing Practice Profits
Increasing Practice Profits

Privacy Policy & Cookie Policy

PRIVACY NOTICE

 

To the extent that we process relevant personal information this Privacy Notice explains how we process personal data on individuals or GP practices who deal with or interact with our  business. We take privacy very seriously, and this document explains things you should know about what we do with personal data.

We Ash Lane  are the “data controller” (i.e. the legal entity which decides the means and purpose for the processing of your personal data). We are registered at Park Farm, Ash Lane, Oakhill, Radstock, BA3 5BQ.

LAWFULNESS OF PROCESSING

Under the UK Data Protection Act 2018 (GDPR), the lawful basis we rely on for us to process your personal information has to be stated. In our case depending on circumstance we rely on (‘Legitimate Interest’.)

  1. YOUR RIGHTS

Under the UK DPA 2018 you have the following rights over the way we process personal data relating to you.  We aim to comply without undue delay, and within 30 days at the latest, to subject access requests (SARs) or other information requirements relating to:

  • the right of rectification, including the right to ask for a copy of personal data we are processing about you and correction of inaccuracies (for which we may, if permitted by applicable law, require payment of a fee)
  • The right to be informed of how we are using your data and whom we have shared it with 
  • The right of erasure or right to be forgotten if we have no legal reason to retain your data
  • The right to restrict processing, including asking us to restrict, stop processing, or to delete your personal data, particularly relating to marketing or where consent is the legal basis. 
  • The right to data portability, including a request for a machine-readable copy of your personal data, held by us, which you can use with another provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer
  • The right to object to any profiling activities we may undertake and object to our legitimate interest if you so wish
  • Make a complaint to the data protection regulator if you feel we have not acted in accordance with the regulation. 

 

  1. INFORMATION WE COLLECT

The information we collect very much depends on how you interact with us:

  • Information provided voluntarily by you i.e. name address, email address, phone number, company name, role title.
  • Information that you provide when you communicate with us by any means e.g. email address, phone number, contact name
  • When you supply services to us, the contact details for contracts and payment details
  • Potential employees or applicants plus full-time employees provide a range of information depending on the role and point in the application process. 

.

  1. Legal Basis for processing

We are required to detail in our privacy notice the legal basis for data processing. We in the main rely on ‘legitimate Interest’ as the legal basis for the processing of data in the following areas:

The collection of contact details of our customers and prospective customers (predominantly GP Practices).

 

  1. Disclosure

We may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies within the UK); in connection with any legal proceedings or prospective legal proceedings; and to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention, or other illegal activities; tax evasion; illegally working; visa violations, child support etc.).

  1. Marketing and Web Site Cookies

Our web site may deploy and use cookies to enhance your browsing activities and allows us to gather statistical information about our visitors. However, the regulations require us to obtain consent for any marketing activities we carry out and in addition any cookies we deploy other than those essential to the operation of the web site. Please see our separate cookie notice for details on how we comply with these requirements. In regard to marketing activities we will only send emails or newsletters or invitations to events if we have your valid consent.

 

  1. Mergers and Acquisitions.

If we are involved in a merger or structural re-organisation, the information we hold may be included as part of that merger or re-organisation, in which case you will be notified via email and/or a prominent notice on the Website (when operational) of any changes in ownership or use of your information, as to any choices you may have regarding that information.

 

  1. THIRD PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. Where we require you or recommend you use these third party service providers, such as payment gateways and other payment transaction processors, we irrespective of the fact, that they have their own privacy policies, are responsible for their use of your information.

Where we just provide access to third-party organisations, we recommend that you read their privacy policies, so you can understand the manner in which your personal information will be handled by these providers who are responsible for safeguarding your information.

 

 

 

  1. SECURITY

To protect your personal information, we take, in our opinion, all necessary precautions to comply with the requirements of the DPA 2018 to ensure that personal data is not inadvertently or maliciously disclosed, altered or destroyed. When we use an external processor for Data services, we will have taken such steps to ensure, so far as we are able under contract, that the processor shall implement appropriate technical and organisational measures in accordance with DPA stipulated terms surrounding GDPR Article 32 (1).

 

  1. RETENTION PERIODS

We will hold your personal information on our systems for as long as is necessary for the relevant purpose, or as otherwise described in this privacy policy. The retention of data concerned with financial transactions and contracts are 7 years after transaction date or contract termination. Similarly, for employment data retention period is 7 years after termination of contract.

 

  1. CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy notice at any time, if our business processes change or we have a change in processing activities we will update this notice, accordingly, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

  1. Questions & Contact Information

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information to contact us info@ashlane.co.uk.

 

 

 

 

COOKIE POLICY

 

We may use cookies to ensure you can interact with all features of our website as described below.

 

Essential Website Cookies

Always Active

These cookies are strictly necessary to provide you with services available through our websites and to use some of its features, such as access to secure areas. Because these cookies are strictly necessary to deliver the websites, you cannot refuse them without impacting how our websites function. 

Print | Sitemap

Web ViewMobile View

Logout | Edit page