North East Essex, Ipswich and East Suffolk and West Suffolk Clinical Commissioning Groups (CCGs) are working together to run this website. Our aim is to improve access for patients with Type 1 and Type 2 diabetes to education courses. Attending a course is an essential part of diabetes care.
We are committed to protecting your privacy and security. This policy explains how and why we use your personal data, to ensure you remain informed and in control of your information.
The privacy and security of your data is guaranteed. We will never pass your personal data to anyone else.
2. WHAT INFORMATION WE COLLECT
Personal data you provide
We collect the details provided by you on the website enquiry form and information we learn about you from your use of our service and your visits to our web site. This may include:
- personal details (name, date of birth, email, address, telephone etc.)
- details of your interests and preferences e.g. for diabetes courses
We may collect additional information for example when giving us feedback or completing forms.
We also monitor customer traffic patterns and site use which enables us to improve the service we provide.
Information from third parties
We may collect information from social media where you have given us permission to do so, or if you post on one of our social media pages.
3. HOW WE USE INFORMATION
We only ever use your personal data with your consent, or where it is necessary in order to:
- make arrangements for your participation in diabetes courses
- comply with a legal duty;
- protect your vital interests;
- for our own (or a third party’s) lawful interests, provided your rights don’t override the these.
In any event, we’ll only use your information for the purpose or purposes it was collected for (or else for closely related purposes).
Please note that there may be instances where it may be necessary for us to communicate with you, in any event, for administrative or operational reasons relating to our service.
We use personal data for administrative or operational purposes. This includes:
- maintaining databases of people who enquire about diabetes courses via this website
- helping us respect your choices and preferences (e.g. if you ask not to receive further communications, we’ll keep a record of this).
4. DISCLOSING AND SHARING DATA
We will never sell your personal data.
Occasionally, where we partner with other organisations, we may also share information with them (for example, if you register to attend an event being jointly organised by us and another organisation). We will only share information when necessary and we will make sure to notify you first.
From 25 May 2018, we will ask people to “opt-in” for most communications. This includes all our marketing communications.
This means you’ll have the choice as to whether you want to receive these messages and be able to select how you want to receive them (post, phone, email).
You can decide not to receive communications or change how we contact you at any time.
What does ‘marketing’ mean?
Marketing includes news and information about:
- our diabetes courses
- our events and activities;
- services we provide
When you receive a communication, we may collect information about you, respond to or interact with that communication, and this may affect how we communicate with you in future.
6. HOW WE PROTECT DATA
North East Essex, Ipswich & East Suffolk and West Suffolk CCGs employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to, or use or disclosure of your personal information.
Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which personnel are required to follow when handling personal data.
Where we store information
Some of our systems use Microsoft products. As a US company, it may be that using their products result in personal data being transferred to or accessible from the US. However, we will allow this as we are certain personal data will still be adequately protected (as Microsoft is certified under the USA’s Privacy Shield scheme).
How long we store information
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).
We continually review what information we hold and delete what is no longer required. We never store payment card information.
8. KEEPING YOU IN CONTROL
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
- the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as subject access request);
- the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);
- the right to have inaccurate data rectified;
- the right to object to your data being used for marketing or profiling; and
- where technically feasible, you have the right to personal data you have provided to us which we process automatically on the basis of your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you would like further information on your rights or wish to exercise them, please refer to the Information Commissioner’s Office website at www.ico.org.uk.
You can complain directly by contacting us.
If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
The table below explains the cookies we use and why.
Cookie name Cookie provider Expires after Description of cookie
Google Analytics 2 years This keeps track of the number of times a visitor has been to the site, when their first visit was, and when their last visit occurred.
Google Analytics 30 minutes This cookie helps calculate how long a visit takes by collecting a timestamp of the exact moment in time when a visitor enters the site.
Google Analytics End of session This cookie helps calculate how long a visit takes by collecting a timestamp of the exact moment in time when a visitor leaves the site. It stays for 30 minutes for another pageview to happen, and if it doesn’t, it expires.
Google Analytics End of session This keeps track of where the visitor came from, what search engine was used, what link was clicked on, what keywords used, and where in the world the site was accessed from.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
11. CONTACT INFORMATION
North East Essex Clinical Commissioning Group
Severalls Business Park
Ipswich and East Suffolk Clinical Commissioning Group
8 Russell Road
West Suffolk Clinical Commissioning Group
West Suffolk House
Bury St Edmunds