Our Privacy Commitment
What type of personal data is collected?
Personal data may include without limitation:
- Contact information: your name, email address you nominate and any other identifying information you provide, such as phone number or role
- Non-clinical data survey responses: such as market
Whose personal data do we collect?
We collect personal data from people who are connected to our operations and activities – including employees, customer representatives, and business partners, recipients of support services, health professionals, suppliers, volunteers and service providers.
How do we collect your personal data?
Where possible, we will collect your personal data directly from you. This may be in person, on the telephone, or online (for example, request for a product demonstration or sending a product support ticket).
We also obtain personal data from third parties such as contractors, vendors, health professionals and suppliers. In accordance with the GDPR regulations if we collect personal data about you from a third party and if it is unclear that you have consented to the disclosure of your personal data to us, we will take reasonable steps to contact you and ensure that you are aware of the circumstances surrounding the collection and purposes for which we collected your personal data.
Why do we collect your personal data?
We may collect your personal data for a number of purposes, including:
- Marketing: to communicate with you about products, services, campaigns and events
- Support: to provide you with information and support services, and to evaluate and report on these services
- Other: communicating with you in relation to our operations, activities and objectives, to verify your identity, to improve and evaluate our services and to comply with relevant
Where we collect your personal data for a specific purpose not outlined above, we will provide you with a collection notice which explains the primary purpose and any related secondary purposes for which we are collecting your personal data.
Health information and other sensitive information
As part of administering our services and in our role as a data processor, we manage the storage and presentation of health information collected by Harmony subscribers.
Website usage information, cookies and analytics
A cookie does not identify individuals personally, but it does identify computers. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance.
We may gather your IP address as part of our business activities and to assist with any operational difficulties or support issues with our services. This information does not identify you personally.
Opting out of direct marketing communications
We know how frustrating it can be to receive unwanted marketing information and we therefore always strive to make sure that our marketing activity is relevant to you.
Will only send you marketing and promotional information by post, email or telephone where there consent or a legitimate basis for doing so.
Where we use your personal data to send you marketing and promotional information by post, email or telephone, we will always provide you with an opportunity to opt-out of receiving such information.
If you do not wish to receive direct marketing communications from us, please contact us at AutumnCare UK, Tel: + 441625322400 or email: firstname.lastname@example.org.
To whom does AutumnCare disclose your personal data?
We may need to disclose your personal data to others in order to carry out our activities.
Wherever we propose to disclose your personal data to a third party, we will provide you with a notice which explains the circumstances in which we might disclose your personal data.
Cross-border disclosures of your personal data
We use on premise and off-premise data hosting facilities and third party service providers to assist with providing our services. In all cases, your personal data is stored at a destination within UK borders.
Personal data may also be processed by AutumnCare personnel operating outside the UK for the purpose of delivering our services. We take the necessary technical and administrative steps to ensure that all personnel comply with the GDPR.
Security of personal data
We take all reasonable steps to protect all of the personal data we hold from misuse, interference, loss, unauthorised access, modification or disclosure. Your personal data will be stored in a password-protected electronic database where access is controlled by user authentication and relevant permission set.
Hard copy information is generally stored in our offices, which are secured to prevent access by unauthorised people. All paper that contains personal data no longer needed is shredded before being disposed of.
Access to your personal data
We will, upon your request, and subject to applicable privacy laws, provide you with access to your personal data that is held by us. However, we request that you identify, as clearly as possible, the type(s) of information requested. We will deal with your request to provide access to your personal data within 15 working days and you agree we may charge you reasonable costs incurred in supplying you with access to this information.
The privacy laws state that we are not required to grant access in certain circumstances such as where:
- access would have an unreasonable impact on the privacy of other individuals
- access would pose a serious and imminent threat to the life or health of any individual
- the request is frivolous or vexatious
- access would be unlawful, or
- access may prejudice commercial negotiations, legal proceedings, enforcement activities or appropriate action being taken in respect of a suspected unlawful activity or serious misconduct.
If we refuse to grant you access to your personal data, we will provide you with reasons for that decision (unless it is unreasonable to do so).
In the unlikely event of personal data having been exposed in a data breach and if this breach is
likely to affect individual’s privacy we abide by the GDPR and will inform relevant parties with undue delay.
Updating your personal data
You may ask us to update, correct or delete the personal data we hold about you at any time. We will take reasonable steps to verify your identity before granting access or making any corrections to or deletion of your information. We also have obligations to take reasonable steps to correct personal data we hold when we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant or misleading for the purpose for which it is held.
If you require access to or wish to update your personal data, please contact us at AutumnCare UK, Tel: + 441625322400 or email: email@example.com.
We endeavour to respond to complaints and queries within 15 working days of their receipt.
If you are dissatisfied with our response, you may refer the matter to the ICO.
If you do not provide some or all of the personal data requested, we may not be able to offer you services or provide you with information about our products, events, programs and projects.