What information do we collect from you?
Personal data, or personal information, means any information about an individual from which that person can be identified.
We will collect and process the following data about you:
- Information you give us. This is information about you that you give us by filling in forms on our site or at our events or by corresponding with us by phone, email or otherwise. The information you give us may include your name, job title/function, organisation, business sector, address, email address and phone number. Please let us know if any of this information changes so we can keep our records up to date. We also ask attendees to let us know their reasons for attending our events.
- Information we collect from your use of our site. With regard to each of your visits to our site:
- we will automatically collect technical information, such as the Internet protocol (IP) address used to connect your device to the Internet, whereabouts you connected to our service, your internet service provider (ISP), and what type of device you are using to access our service;
- Information we collect when we speak to you by telephone. We will automatically collect the following information:
- the phone number used to call us;
- a recording of all outbound calls (for training purposes and to investigate complaints).
- Information we receive from other sources. We obtain information from third parties about individual’s professional details, usually obtained from the provision of a business card. This basic professional information is used to identify individuals who may be interested in attending our events based on their job title and business sector.
Why do we collect this information?
We process your personal information for the following reasons:
- Pursuant to a contract in order to:
- process information at your request to take steps to enter into a contract;
- provide you with our services;
- maintain business and service continuity;
- send service communications so that you receive a full and functional service and so we can perform our obligations to you. These may be sent by email or post or, if the circumstances require it, we may contact you by phone. These will include notifications about changes to our events or services; and
- On the basis of your consent:
- Where we rely on your consent for processing this will be brought to your attention when the information is collected from you;
- If we contact you with direct marketing communications on the basis of your consent to us doing so, you have the right to withdraw consent at any time. See the What are your rights? section below for more information.
- In our legitimate interests of providing the best service and improving and growing our business we will process information in order to:
- provide you with a personalised service;
- improve our products and services;
- keep our site and systems safe and secure;
- understand our customer base and purchasing trends;
- defend against or exercise legal claims and investigate complaints; and
- understand the effectiveness of our marketing.
We will carry out analytics to improve our products and services as set out above.
We will share information with our clients in our and their legitimate interests of improving our businesses for the purposes set out above.
You have the right to object to processing carried out for our legitimate interests. See the What are your rights? section below for more information.
- To comply with legal requirements relating to:
- the provision of products and services;
- data protection;
- health and safety;
- anti-money laundering;
- fraud investigations;
- assisting law enforcement; and
- any other legal obligations placed on us from time to time.
How long do we keep hold of your information?
- We will keep information about you for a maximum of 6 years after the end of our relationship with you unless we are required to remove such data from our records.
- Telephone records. We will keep these up to 6 months from the time the recording was made unless the recording is required in relation to a complaint, in which case the recording will be kept for up to 6 months from the conclusion of the complaint.
Who might we share your information with?
For the purposes set out in the ‘Why do we collect this information?’ section above, we will share your personal information with:
- the following categories of third parties, some of whom we appoint to provide services, including:
- business partners, subsidiaries, suppliers and sub-contractors for the performance of any contract we enter into with you (e.g. healthcare related organisations);
- analytics and search engine providers that assist us in the improvement and optimisation of our site;
- customer survey providers in order to receive feedback and improve our services.
- marketing sub-contractors who help us to plan, target, design and deliver invitations and other marketing and carry out analytics on our marketing activities
Additionally, we will disclose your personal information to the relevant third party:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
- If we are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.
How is your data stored and kept secure?
At The Healthcare Partnership, we take your safety and security very seriously and we are committed to protecting your personal and financial information. All information kept by us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We do not transfer your data outside the European Economic Area (“EEA”). If in future we do need to transfer your data outside the EEA, we will only do so if adequate protection measures are in place in compliance with data protection legislation.
What are your rights?
Where processing of your personal data is based on consent, you can withdraw that consent at any time.
You have the following rights. You can exercise these rights at any time by contacting us at Brightwire House, 114a Church Road, Hove, East Sussex BN3 2EB or data@the-HCP.com.
You have the right:
- to ask us not to process your personal data for marketing purposes;
- to ask us not to process your personal data where it is processed on the basis of legitimate interests provided that there are no compelling reasons for that processing;
- to request from us access to personal information held about you;
- to ask for the information we hold about you to be rectified if it is inaccurate or incomplete;
- to ask for data to be erased provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate ground for processing, the data is unlawfully processed, the data needs to be erased to comply with a legal obligation;
- to ask for the processing of that information to be restricted if the accuracy of that data is contested, the processing is unlawful, the personal data is no longer necessary for the purposes for which it was collected or you exercise your right to object (pending verification of whether there are legitimate grounds for processing);
- to ask for data portability if the processing is carried out by automated means and the legal basis for processing is consent or contract.
Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details above. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time. The ICO’s contact details are available here: https://ico.org.uk/concerns/.
For the purpose of data protection legislation, the data controller is The Healthcare Partnership, Brightwire House, 114a Church Road, Hove, East Sussex BN3 2EB. Our data protection officer is Duane Lacey (“DPO”). If you have any queries, complaints or requests please contact our DPO at data@the-HCP.com or 03300 526526.