Privacy policy
This Website is run by Patient. Patient is a brand name of Egton Medical Information Systems Limited (“we” or “Patient”), a company registered in England with company number 02117205 with registered offices at Fulford Grange, Micklefield Lane, Rawdon, Leeds, LS19 6BA.
Patient is committed to protecting and respecting your privacy.
In this policy:
Scope of policy
This notice - together with our terms of use as set out at Terms and conditions - sets out what we do with your personal data and what we do to keep it secure. It also explains where and how we collect your personal data, as well as outlining your rights over any personal data we hold about you and applies to your use of the PATIENT.INFO website (and all related services and features, collectively, the “Website”).
For the avoidance of doubt, use of the PATIENT ACCESS service (or of any services accessible through it, including, the Patient Access App) is subject to a separate privacy policy (and terms of use) accessible at patientaccess.com.
Scope of privacy notice
This notice sets out the basis on which we may process any personal data we collect from you, or that you provide to us. Please read the following terms carefully to understand our views and practices regarding personal data and how we will treat it.
This notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. ‘Processing’ for the purposes of this notice covers a very broad range of activities, including using, transferring, storing and even deleting data.
Please read the following terms carefully to understand our views and practices regarding your personal data and how we will treat it.
For the avoidance of doubt, any services we might provide or otherwise interacting with us, you consent to the collection, use and transfer of the relevant data and your information under the terms of this Privacy Policy (and the Terms of Use).
Personal data we may collect in relation to you
We may collect and process the following data about you:
Information you give us:
You may give us information about yourself by filling in forms on the Website, using our services or by corresponding with us (for example, by email or via social media). This includes information you submit via the Website when subscribing to our newsletter or via our social media sites. The information you give us may include your name, address, age (or age-range), gender, postcode, country, email address, phone numbers and any feedback you might provide.
If you contact us, we may keep a record of that correspondence.
Information provided when submitting or updating a request for support or contacting our support teams.
Information collected as a result of any monitoring which may take place. We may monitor (which may include recording) certain interactions between us in order to comply with any legal obligations, to detect fraud or criminal activity as well as for training purposes.
Information about any visit to our Website. Each time you visit the Website we will automatically collect the following information:
technical information, including the type of device used, operating system, browser type, and screen resolution; and
details of the resources accessed.
Cookies
We use cookies to distinguish you from other users of the Website. This helps us to provide you with a good experience when you visit the Website and also helps us to improve our Website. For detailed information on the cookies we use and the purposes for which we use them, please see our cookie policy patient.info/cookies.
Uses made of this information
We may use information we collect about you:
To administer your account
We have removed the ability to register accounts with the Website. If you have previously registered an account then we will be taking steps to delete that data once the relevant internal administrative steps have been taken in relation to that functionality.
To provide you with information, products or services that you request from us
We will use your contact details in order to provide you with information relevant to materials or services which you have asked us to provide to you.
To respond to your enquiries and send you administrative communications
We will respond to enquiries and occasionally email you with administrative communications, for example to tell you about an update to the Terms of Use.
To obtain your feedback on our sites and our offerings
We will occasionally ask for feedback on our sites and offerings in the forms of surveys and polls which you may choose to complete to help us improve our service.
To send you email newsletters
If you complete any of the newsletter subscription forms accessible via the Website, we will collect personal data such as your name and email address for the purpose of distributing our daily, weekly, monthly or ad hoc newsletters. These newsletters may be personalised based on your health interests or previous Website activity. You can choose to unsubscribe from these types of email by clicking the 'Unsubscribe' link from the email we send to you or by emailing us at enquiries@patient.info with your request. You may be asked to confirm your registration by clicking a confirmation link sent to the email address provided.
To send you information regarding our products and services and carefully selected offers from our partners
We may contact you from time to time with information regarding our products and services and carefully selected messages from partners who have products, services or offers that may be of interest to you. These messages may be targeted based on demographic or interest data which you have provided or which we have collected to make sure the offer is as relevant to you as possible. Please note that any partner messages which you receive will be sent by us (or on our behalf). We will not provide your details to any third party for their own marketing purposes and we will never sell your details to anyone else for them to be included in any marketing lists or databases. You can choose to unsubscribe from these types of communications by clicking the 'Unsubscribe' link from the communication we send to you or by emailing us at enquiries@patient.info with your request. We will not contact you for any marketing purposes by phone or by post.
To statistically analyse user behaviour and activity
We will monitor visitor interest and behaviour to help us to understand general usage of the Website and to help us improve the services we provide. We may also use this information to tailor the view of the Website or emails you receive to provide you with what we believe to be more relevant information. We may conduct market research and statistical analysis either ourselves or through an agency acting on our behalf.
For security and safety purposes
We will monitor Website activity in order to help protect our users from security threats and to detect if users are trying to misuse any element of the Website or to use them in an unauthorised manner. We may also use your contact information in order to alert you to any relevant security issues or safety concerns of which we are aware.
To invite you to join user research panels
From time to time there may be an opportunity to get involved with various user research panels. Some research opportunities will be advertised on the Website to all users. We may also email you invitations regarding specific research opportunities that we believe may be of interest to you. You can choose to unsubscribe from these types of email by clicking the 'Unsubscribe' link from the email we send to you or by emailing us at enquiries@patient.info with your request. Each research opportunity will be subject to particular terms dependent on the scope of the project and the information to be collected and so if you did want to become involved with a particular opportunity then we will provide you with the necessary details at the relevant time which would include details as to how the data you submit is to be processed. We will ensure that any data which is collected in connection with any research opportunity is processed in compliance with any applicable laws, this privacy policy and any particular terms detailed in respect of the relevant project.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Basis on which we process your personal data
Like most businesses we may rely on a range of legal basis in order to ensure that our use your personal data is lawful, including:
Where it is needed to provide you with our products or services, such as:
Updating your records, contacting you about the relevant product or service (where appropriate).
Sharing your personal data with service providers in order to deliver the relevant product or service.
Activities relevant to managing the relevant product or service including any enquiries you may make regarding the product or service, your application to receive the relevant product or service, and the administration and management of accounts.
Where it is in our legitimate interests to do so (provided this is not overridden by considerations regarding your rights and interests), such as:
Managing the products and services, updating your records, contacting you about the relevant product or service (where appropriate).
Performing and/or testing the performance of, our products, services and internal processes.
Following guidance and recommended best practice of government and regulatory bodies.
Managing and auditing our business operations.
Monitoring and to keeping records of our communications with you.
Undertaking market research and analysis and developing statistics.
For direct marketing communication purposes to help us to offer you relevant products and services (this includes the use of cookies or similar technologies to collect and store information when you interact with the Website in order that we can provide you with more relevant advertisements).
Note that where we require consent for direct marketing purposes (for example to send you electronic communications), we will ask for this consent separately and clearly:
Complying with any relevant legal and/or regulatory obligations.
To comply with our legal obligations
With your (explicit) consent (though with the exception of some direct marketing communications it is not likely that We would be relying upon this ground).
Opting out of email communications
Subject to the points below relating to service, security and safety communications you have the right at any time to opt out from receiving email communications from us by following the instructions to unsubscribe included in any communication which we send to you by email or by emailing us at enquiries@patient.info with your request.
Please note that we may need, from time to time, to contact you via email in order to highlight important changes to the Website, to our services, our terms of use or this privacy notice or for security or safety purposes. We have a legitimate interest in processing your personal data for these purposes (as we cannot provide certain services without having the ability to communicate with you in this way).
If you do not wish for us to contact you about such matters, please follow the instructions to unsubscribe included in any communication which we send to you by email or email us at enquiries@patient.info with your request.
Disclosure of your information
We may disclose your personal information to third parties in order to:
Enforce or apply the Terms of Use and other agreements or to investigate potential breaches of the same.
Protect the rights, property or safety of Patient, our customers, or others.
If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
If it is to a third party performing services on our behalf (and who may only use such information to provide services that we have requested and not for any other purpose), for example, third party companies that provide analytical services so that we can better understand our users and so tailor the services that we provide.
In connection with a potential sale or transfer of part or all of our business. In such circumstances we may share information with prospective purchasers (for example as part of a controlled due diligence exercise).
If we reorganise our business as we may need to transfer information about you to another member of our group of companies so that we could continue to provide services to you.
How and where we store your personal data
The personal data that we collect from you will be processed (which may include, where relevant, storing it) in accordance with our obligations under the relevant laws which set out our obligations as someone that has personal data within our possession and control (typically referred to as a ‘data controller’).
We will retain a record of your personal data in accordance with relevant law and the following criteria:
Where we have a reasonable business need to do so, for example, in order to manage our relationship with you.
where we are providing products and/or services to you and then for as long as someone could bring a claim against us in respect of those products or services.
in line with any legal and regulatory requirements or guidance in respect of retention periods.
As noted above, sometimes we use other organisations to process your personal information on our behalf, for example, in relation to the feedback surveys on our Website. We may use service providers to help us run the Website or services available on the Website, some of whom may be based outside the UK or EEA. However, it is our responsibility to ensure that if we use any such service provider then we will ensure that we have the necessary safeguards in place. We may also independently audit these service providers to ensure that they meet our standards.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of any data transmitted to the Website; any transmission that you make is therefore made at your own risk. However, once we have received your data, we will use strict procedures and security features to try to prevent any unauthorised or unlawful access to the same and all information you provide to us is held at our offices, (where relevant) those of other members of our group of companies, third party agencies, service providers, representatives and agents as described above. We also hold your personal data in secure data centres in the UK with all reasonable technological and operational measures put in place to safeguard it from unauthorised access.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Website or services, you are responsible for keeping this password confidential. We ask you not to share your password information with anyone.
Third party sites and links
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers or other third parties (for example, we include links below to the site of the Information Commissioner’s Office).
If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them will have their own privacy notices, policies and terms of use and that we do not accept any responsibility or liability for the same (and how they may be applied) or for any personal data that may be collected through those third party websites or services, such as contact and location data. Please check the relevant third party terms, notices and policies before you provide any personal data to those websites or use their services.
Children
We are committed to protecting the privacy of children. The Website is not designed or intended to attract or be used by children. In particular, we do not collect any personal data in relation to any individual that we know is under the age of 13.
Your rights
You have a number of important legal rights regarding the manner in which personal data relating to you is used. You can find more information about your rights on the Information Commissioner’s Office website.
We have outlined below the key rights which we believe may be relevant to your use of the Website and our services.
If you would like to exercise any of these rights then please contact us using the contact information provided below. Please note that you may be asked to provide us with reasonable proof of your identity so that we can be sure that we are discussing or providing your personal data with or to you (or if someone is making a request on your behalf, that they have the authority to do so).
Access to information
You have the right to access certain information held about you so that you can be aware of, and verify the lawfulness of, the processing we undertake.
You can exercise your right of access by making what is generally referred to as a 'subject access request'.
We will review each request which we receive and if we agree that we are obliged to provide personal data to you then we will (subject to certain limited exceptions provided under the relevant law) amongst other things: (i) describe it to you; (ii) tell you why we are holding it; (iii) tell you who it could be disclosed to; and (iv) let you have a copy of it (this may include providing an electronic copy).
Right to have information corrected
If you identify that any personal data that we hold about you is wrong, inaccurate or out of date then you may ask us to correct or update it. Please contact us via the details provided below and we will review each request and respond accordingly.
Right of erasure and the right to stop or limit our processing of your personal data
The right of erasure is also known as the ‘right to be forgotten’. You have the right to ask us to stop or to erase data we hold about you. Alternatively, you can ask us to limit any processing we are undertaking in respect of your personal data. These rights arise if we no longer have a valid reason to do so or if we have held it for too long.
These are not absolute rights but every request we receive will be considered carefully and we will respond accordingly (providing grounds for any decision we make).
Right to withdraw consent
You are free to withdraw any consent which you have given to us in relation to our use of your personal data at any time. Please note that not all uses which we make of your personal data require your consent (for example, if we need to use that information in order to provide a service you have requested then we do not need your consent in order to do so).
Right to object
You have the right to object to the processing of your personal data at any time. This effectively allows you to stop or prevent the processing of your personal data. An objection may be in relation to all of the personal data we hold (as a controller) about you or only to certain information. It may also only relate to a particular purpose we are processing the data for. Save in relation to direct marketing communications (where you have the right to tell us to stop sending you such materials at any time) this is not an absolute right but every request we receive will be considered carefully and we will respond accordingly (providing grounds for any decision we make).
Right to complain
If you are unhappy about the way in which we have processed your personal data then you have a right to raise the issue or to lodge a complaint with the Information Commissioner’s Office.
Changes to our privacy notice
We will keep this privacy notice under regular review and we may update this privacy notice from time to time (for example, to reflect changes we might make to our services or to reflect changes in the law or best practice). Any changes we may make to our privacy notice in the future will be posted on this page. We encourage you to visit this page periodically so that you are aware of any changes which have been made.
This version of the privacy notice is effective as from 8 April 2024.
Contact Details
If you have any comments or concerns regarding our privacy notice, or the manner in which we handle your personal data or if you would like to exercise any of the rights outline above then please do feel free to contact us by one of the following means:
By post: Data Protection Officer, Fulford Grange, Micklefield Lane, Rawdon, Leeds, LS19 6BA.
By email: privacy@emishealth.com.
and we will consider your comments and respond accordingly.