Welcome to the new website of Pool Medical Centre

Privacy Notice

Patient Link respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.

This privacy notice is provided in a layered format so you can click through to the specific areas set out below. Please also use the Glossary to understand the meaning of some of the terms used in this privacy notice.

IMPORTANT INFORMATION AND WHO WE ARE

THE DATA WE COLLECT ABOUT YOU

HOW IS YOUR PERSONAL DATA COLLECTED?

HOW WE USE YOUR PERSONAL DATA?

DISCLOSURES OF YOUR PERSONAL DATA

DATA SECURITY

DATA RETENTION

YOUR LEGAL RIGHTS

Purpose Of This Privacy Notice

This privacy notice aims to give you information on how Patient Link collects and processes your personal data through your use of the surgery website. Any data relating to a child needs to be provided by their legal guardian. It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.

Changes To The Privacy Notice And Your Duty To Inform Us Of Changes

This version was last updated in March 2021.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Third-Party Links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

The Data We Collect About You

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together, as follows:

Identity Data includes name, gender, date of birth, address, telephone number, email, NHS number.

Contact Data includes email address and telephone numbers.

Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

Special Categories of Data includes sensitive medical details such as symptoms, conditions, biometrics, family history, medication and any other health data you provide to us by filling the form on the website.

Usage Data includes information about how you use our website, products and services.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

If You Fail To Provide Personal Data

Where we need to collect personal data for the information to be forwarded via the practice website to the GP practice you have chosen and you fail to provide that data when requested, we may not be able to send the information to the GP practice. This does not affect your ability and freedom to visit your medical practitioner.

How Is Your Personal Data Collected?

You may give us your Identity, Contact and Special Categories of Data by filling in forms or by Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy for further details.

How We Use Your Personal Data?

We collect the personal data that you may volunteer while using our services. We do not collect information about our visitors from other sources, such as public records or bodies, or private organisations. We do not collect or use personal data for any purpose other than that indicated below:

To send you confirmation of requests that you have made to us.

To send you information when you request it.

We intend to protect the quality and integrity of your personally identifiable information and we have implemented appropriate technical and organisational measures to do so. We ensure that your personal data will not be disclosed to State institutions and authorities except if required by law or other regulation.

Data Security

We are committed to protecting your privacy and will only use information collected lawfully in accordance with:

• Data Protection Act 2018

• The General Data Protection Regulations 2016

• Human Rights Act 1998

• Common Law Duty of Confidentiality

• Health and Social Care Act 2012

• NHS Codes of Confidentiality, Information Security and Records Management

• Information: To Share or Not to Share Review

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Data Retention

How Long Will You Use My Personal Data For?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. Please click on the links below to find out more about these rights:

Request access to your personal data

Request correction of your personal data

Request erasure of your personal data

Object to processing of your personal data

Request restriction of processing your personal data

Request transfer of your personal data

Right to object