Baywater Healthcare privacy policy
The policy
Baywater Healthcare Limited (“the Company” / “we”) is committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use personal information in accordance with the UK General Data Protection Regulation (“the GDPR”). The Company is a “data controller”. This means we are responsible for deciding how we hold and use personal information about you.
This privacy policy is for the website; www.baywater.co.uk and served by Baywater Healthcare, Wulvern House, Electra Way, Crewe, Cheshire, CW1 6GW and governs the privacy of its users who choose to use it. Baywater Healthcare is part of the Bastide Group. This policy explains how we comply with the UK GDPR (General Data Protection Regulation), the DPA (Data Protection Act) and the PECR (Privacy and Electronic Communications Regulations).
This policy explains areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the UK GDPR, DPA & PECR are adhered to. Additionally, it explains the use of cookies or software, advertising or commercial sponsorship from third parties and the download of any documents, files or software made available to you (if any) on this website. Further explanations may be provided for specific pages or features of this website to help you understand how we, this website and its third parties (if any) interact with you and your computer/device to serve it to you. Our contact information is provided if you have any questions.
The DPA and UK GDPR May 2018
We and this website comply with the UK GDPR (General Data Protection Regulations), which forms part of the data protection regime in the UK, together with the new Data Protection Act 2018 (DPA 2018).
The types of personal information we collect
We collect information provided to us, such as name, address, phone number, email address and date of birth, payment information (if appropriate) and any other information that you choose to provide to us. In order to safeguard the privacy rights of our patients, we always ask for this set of information with each contact we make. It is very important that when accessing our patient records, we are certain we are looking at the correct file so that we are only discussing private information with a patient or their representative who has the right to know.
How we use personal information
We use your information in accordance with the data protection principles. We will comply with data protection law. This says that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
- Relevant to the purposes we have told you about and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes we have told you about
- Kept securely
Use and disclosure of personal information
We may use and disclose Personal Information for the following purposes:
To send you informational and promotional content in accordance with your marketing preferences that you have provided to us. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
To send you system alert messages. For example, we may inform you of temporary or permanent changes to our Services, such as planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy.
To communicate with our members about their account and provide customer support.
To provide, support, and improve the services we offer. This includes our use of the data that our Subscribers provide us in order to enable our Subscribers to use the services.
To provide suggestions to you. This includes adding features that compare what you are searching for and give you options to look at other areas of the website.
To process orders and provide agreed goods and services to you; this may include third party providers for us to process payments that are due to us in order to process sales or provide services on our behalf.
To monitor and/or record telephone conversations to or from you in order to offer you additional security, resolve complaints, improve our service standards and for staff training purposes.
Any Government department, public body, or other third party where we believe in good faith we are legally obliged to do so.
Data Retention
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymise your personal information so that it can no longer be associated with you, in which case, we may use such information without further notice to you.
Your rights and choices
We want you to be in control of how your personal information is used by us. You can do this in the following ways:
- You can request a copy of the information we hold about you
- You can tell us about any changes to your personal information that we hold
- You can ask us to amend any of the personal information we hold about you to ensure it is correct and accurate
- In certain situations, you can ask us to erase the personal information we hold about you or request changes to the way we use your information
As a recipient of our service, you will have signed a consent form and agreed to us sharing your information with your hospital care team, your GP, the home care team, your electricity service provider/distributor for your area (we will share your details with your electricity distributor so they can inform you of any electricity outages) and other teams (e.g. NHS administration and the Fire and Rescue Service) as necessary.
You may withdraw your consent at any time. Where we process your personal information based on legitimate interest or the public interest, you have a right to object at any time to the use of your personal information. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact [email protected] in the first instance. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Data security
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Social media policy and usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms, users are advised to verify the authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
Email mailing list and marketing messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means, as detailed in the footer of sent marketing messages. The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
Our EMS (Email Marketing Service) provider is Mailchimp and you can read their privacy policy in the resources section.
Our use of cookies and other similar technologies
This website uses cookies to improve the user experience while visiting the website. As required by legislation, where applicable, this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer/device.
What are cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server, to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
Cookies used on our site
Below is a list of the cookies used on our site, and their general purpose:
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_VJ386FDBFV | 2 years | This cookie is installed by Google Analytics. |
_wpfuuid | 11 years | This cookie is used by the WPForms WordPress plugin. The cookie is used to allows the paid version of the plugin to connect entries by the same user and is used for some additional features like the Form Abandonment addon. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category . |
cookielawinfo-checkbox-functional | 1 year | The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category . |
cookielawinfo-checkbox-others | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others". |
cookielawinfo-checkbox-performance | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance". |
CookieLawInfoConsent | 1 year | Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie. |
JSESSIONID | session | The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application. |
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
vuid | 2 years | Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Adverts and sponsored links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to who may have detailed privacy policies relating directly to the adverts they serve.
Clicking on any such adverts will send you to the advertiser’s website through a referral program, which may use cookies, and will track the number of referrals sent from this website. This may include the use of cookies which may, in turn, be saved on your computer’s hard drive. Users should, therefore, note that they click on sponsored external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Downloads and media files
Any downloadable documents, files or media made available, on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third-party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third-party anti-virus software or similar applications.
How to contact us
Users contacting this us through this website or other associated websites do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.
Changes to our privacy statement
We continually review our practices and will update this policy from time to time.
External website links and third parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text/ banner/image links to other websites, similar to; Church Cottage, Llawhadenor or www.celticinst.com.)
Shortened URLs; URL shortening is a technique used on the web to shorten URLs (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally-linked website, despite our best efforts. Users should, therefore, note that they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Service providers
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Analytics
We may use third-party Service Providers to monitor and analyse the use of our Service.
- Google Analytics – Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalise the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visit activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
Behavioural remarketing
Baywater Healthcare Limited uses remarketing services to advertise on third party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimise and serve ads based on your past visits to our Service.
- Google AdWords – Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customise the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
- Facebook – Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950 To opt-out from Facebook’s interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217 Facebook adheres to the Self-Regulatory Principles for Online Behavioural Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
Payments
We may provide paid products and/or services within the service. In that case, we use third-party services for payment processing (e.g. payment processors).
We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
The payment processors we work with are:
- Stripe – Their Privacy Policy can be viewed at https://stripe.com/us/privacy
Data protection compliance
Please contact [email protected] if you have any questions about this privacy policy or how we handle your personal information. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at: [email protected]
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address is:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113