Newson Health Limited
About this Privacy Notice
Newson Health understands that you care about your personal privacy and we take our responsibilities under data protection law, including the EU General Data Protection Regulation (GDPR) seriously.
When you visit our website, become one of our patients or a member of staff or provide services to us, we may collect information about you. This Privacy Notice provides you with some basic information about how we use your personal information and your legal rights and options. If you would like more detail, please click on one of the links at the foot of this document that is most relevant to you.
Please take the time to read this information carefully and if you have any questions about it please contact the Practice Manager.
Children’s Privacy: Our services are not aimed at children. In the limited circumstances where we may collect and use personal information about children we will comply with relevant law and guidelines.
Who is responsible for your personal data?
Newson Health Limited is responsible for your personal data. It is a limited liability company incorporated in England & Wales, registered number 11106782. For the purposes of data protection law, the controller of your personal data is Newson Health Limited.
How to Contact Us
Our Practice Manager helps Newson Health Limited meet its obligations under data protection law.
If you have any questions about this Privacy Notice or the way in which your personal data is handled by us, please contact The Practice Manager using the contact details below:
The Practice Manager
Winton House, Church Street, Stratford-Upon-Avon, Warwickshire, CV37 6HB
Our Telephone Number: +44 (0) 1789 595004
Email address: email@example.com
Security of your personal data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. If you would like more specific information about our security measures please contact us.
In addition, we restrict access to your personal data to those employees, agents, contractors and third party service providers, that have a legitimate requirement to be able to access your information. In any event, we have taken the necessary measures to ensure that these other parties handle your information securely and only on our instructions.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
International Transfers of your Personal Data
Some of our service providers are located outside the European Economic Area (EEA) and in order to use their services we need to transfer your personal data outsider the EEA.
Whenever we transfer your personal data outside the EEA, we take appropriate safeguards to ensure that your personal data is adequately protected. We achieve this by deploying one or more of the following safeguards:
- We may transfer your personal data to countries outside the EEA that the European Commission has deemed, provide an adequate level of protection for personal data; or
- Where we use certain third party service providers, we may ensure that our contract for delivery of those services, incorporates specific contractual obligations which have been approved by the European Commission (or other relevant authority) as providing an adequate level of protection for your personal data; or
- Where we use service providers that require the transfer of your personal data to the United States, we may require the service provider to be a member of the EU-US Privacy Shield (or other similar mechanism) which requires them to protect your personal data to a standard that is acceptable to the European Commission or similar body;
- We may, in certain circumstances such as where none of the above safeguards are available, transfer your personal data with your explicit consent.
If you would like more information about the potential transfer of your personal data outside the EEA and the mechanism, we deploy to ensure it is adequately protected, please contact The Practice Manager using the contact details above.
How Long do we Keep your Personal Data for?
We store the listed categories of your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting obligations, or as necessary to resolve disputes.
To determine the appropriate retention period for your personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes we process your personal data for and whether we can achieve those purposes through other means, and applicable legal requirements.
By law, we are required to retain basic information about our customers such as contact details, identity, financial and transaction data for six years after they cease being our customers for tax purposes.
In some circumstances, you have the legal right to ask us to delete your personal data. More information about this right can be found above in the section called “Your Legal Rights”.
Automated Decision Making and Profiling
Newson Health does not use your personal data for automated decision making or profiling purposes.
Automated decision-making is the process of making a decision which produces significant legal effects for an individual and where that decision is made solely by automated means without a human being involved at all.
Profiling means the analysis of certain characteristics of an individual’s personality, behaviour, interests and habits to find out more about their preferences or to make predictions about their behaviour and/ or to make decisions about them.
Your Legal Rights
You have various rights with respect to our use of your personal data: You may exercise these rights at any time by contacting our Practice Manager and without adversely affecting your medical care. We may ask for proof of identity such as a copy of your passport or similar document.
These are your legal rights:
Right of Access: You have the legal right to access your personal data together with other information about how we use your information. This information will usually be provided free of charge and within one calendar month. To help keep your information secure, you may be asked to give us for proof of your identity. We may also need further information from you to help us locate the information you require. Please be aware that your right of access can be legally restricted or refused in certain circumstances. For example, we may be legally permitted to refuse all or part of your request if it would necessitate sharing information with you that identifies someone else, or if we are legally prevented from disclosing such information.
- Accuracy: It is extremely important that the information that we hold relating to you is accurate, current and complete. This requirement applies to all of the personal information we hold about you including contact details, medical and health information. If any of your personal information has changed please tell us, using any of the contact methods set out above. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
- Objecting: In certain circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data. If you would like us to stop using your personal data, please email us at firstname.lastname@example.org.
- Right to withdraw consent: If we are processing your personal data on the basis of your consent, you have the right to fully or partly withdraw your consent. For example, we only send you direct marketing if you have consented.
- Porting: In certain circumstances, you have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.
- Erasure: In certain circumstances, you have the right to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data have been unlawfully processed.
- Complaints: If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority, or to seek a remedy through the courts.
If you fail to provide your personal data
Where we need to collect personal data by law or in order to process your instructions or perform a contract we have with you and you fail to provide that data when requested, we may not be able to carry out your instructions or perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our engagement or contract you have with us, but we will notify you if this is the case at the time.
Changes to our Privacy Notice
We will update and change this Notice from time to time to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Notice.
Want more detail?
In order to help you quickly and easily understand how Newson Health collects and uses your personal data, we have created a series of further Privacy Notices that are tailored to specifically reflect the relationship you have with us. Please click on the relevant link below to find out more about how your personal data is collected and used by us.