AutumnCare endeavours to handle personal information in accordance with the GDPR 2016/67 Regulations, including subsequent amendments.
Our Privacy Commitment
We (AutumnCare) will endeavour to handle your personal informationin accordance with the GDPR 2016/67 Regulations, including all subsequent amendments.
This policy is applicable to all AutumnCare personnel and any third party with regard to the use of AutumnCare self hosting and cloud hosting in the UK.
What type of personal information is collected?
Personal information may include without limitation:
- Contact information: your name, email address you nominate, any other identifying information you provide such as phone number or job role
- Non clinical data survey responses, such as market research
Whose personal information do we collect?
We collect personal information from people who are connected to our operations and activities.
This includes employees, customer representatives, business partners, recipients of support services, health professionals, suppliers, volunteers and service providers.
How do we collect your personal information?
Where possible, we will collect your personal information directly from you. This may be in person, on the telephone, or online (e.g. when you request a product demonstration or send a product support ticket).
We also obtain personal information from third parties such as contractors, vendors, health professionals and suppliers.
In accordance with the GDPR regulations, if we collect personal data about you from a third party and if it is unclear that you have consented to the disclosure of your personal data to us, we will take reaosnable steps to contact you and ensure that you are aware of the circumstances surrounding the ocllection and purposes for which we collected your personal data.
Why do we collect your personal information?
We may collect your personal information for a number of purposes, including:
- Marketing – to communicate with you about products, services, campaigns and events
- Support – to provide you with information and support services, and to evaluate and report on these services
- Other – communicating with you in relation to our operations, activities and objectives, to verify your identity, to improve and evaluate our services and to comply with relevant laws
Where we collect your personal information for a specific urpose not outlined above, we will provide you with a collection notice which explains the primary purpose and any related secondary purposes for which we are collecting your personal information.
Health information and other sensitive information
As part of administering our services, we manage the storage and presentation of health information collected by cloud hosted subscribers.
Website usage information, cookies and analytics
A cookie does not identify individuals personally, but it does identify computers.
You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance.
We may gather your IP address as part of our busines activities and to assist with any operational difficulites or support issues with our services.
This information does not identify you personally.
Opting out of direct marketing communications
Where we use your personal information to send you marketing and promotional information by post, email or telephone, we will provide you with an opportunity to opt-out of receiving such information.
By electing not to opt-out, we will assume we have your implied consent to receive similar information and communications in the future.
We will always ensure that our opt-out notices are clear, conspicious and easy to take up.
If you do not wish to receive direct marketing communications from us, please email us or phone +44 1625 322 400.
To whom does AutumnCare disclose your personal information?
We may need to disclose your personal information to others in order to carry out our activities.
Wherever we propose to disclose your personal information to a third party, we will provide you with a notice which explains the circumstances in which we might disclose your personal information.
Cross-border disclosure of your personal information
We use on premise and off-premise data hosting facilities and third party service providers to assist with providing our services.
In all cases, your personal information is stored at a destination within UK borders.
Personal information may also be processed by AutumnCare personnel operating outsite Australia for the purpose of delivering our services.
We take the necessary technical and administrative steps to ensure that all personnel comply with the GDPR.
Security of personal information
We take all reasonable steps to protect all of the personal information we hold from misuse, interference, loss, unauthorised access, modification or disclosure.
Your personal information will be stored on a password protected electronic database where access is controlled by user authentication and relevant permission sets.
Hard copy information is generally stored in our offices, which are secured to prevent access by unauthorised people. All paper that contains personal information no longer needed is shredded before being disposed of.
Access to your personal information
We will, upon your request, and subject to applicable privacy laws, provide you with access to your personal information that is held by us.
However, we request that you identify, as clearly as possible, the type (s) of information requested.
We will deal with your request to provide access to your personal information within 15 working days amd you agree we may charge you reasonable costs incurred in supplying you with access to this information.
The privacy laws state we are not required to grant access in certain circumstances, such as where:
- Access would have an unreasonable impact on the privacy of other individuals
- Access would pose a serious and imminent threat to the life or health of any individual
- The requst is frivolous or vexatious
- Access would be unlawful, or
- Access may prejudice commerical negotiations, legal proceedings, enforcement activities or appropriate action being taken in respect of a suspected unlawful activity or serious misconduct
If we refuse to grant you access to your personal information, we will provide you with reasons for that decision (unless it is unreasonable to do so).
In the unlikely event of personal data having been exposed in a data breach and if this breach is likely to affect individual’s privacy, we abide by the GDPR and will inform all relevant parties with undue delay.
Updating your personal information
You may ask us to update, correct or delete the personal information we hold about you at any time.
We will take reasonable steps to verify your identity before granting access or making any corrections to or deletion of your information.
We also have obligations to take reasonable steps to correct the personal information we hold when we are satisfied that is is inaccurate, out of date, incomplete, irrelevant or misleading for the purpose for which it is held.
If you require access to to or wish to update your personal information please email us or phone +44 1625 322 400.
We endeavour to respond to complaints and queries within 15 working days of their receipt.
If you are dissatisfied with our response, you may refer the matter to the ICO.
If you do not provide some or all of the personal data requested, we may not be able to offer you services or provide you with information about our products, events, programs and projects.
0800 009 2121
Sign up to receive invitations to upcoming events as well as clinical and product updates.