Introduction

This is a privacy notice for Connexus Medical Appointments Ltd.

Connexus Medical Appointments Ltd ("we, us") takes the protection of personal data very seriously. As a result we have put in place many technical and organisational measures to ensure that any personal data we obtain from you or a third party on your behalf is processed and maintained in accordance of the General Data Protection Regulation 2016 (GDPR).

This statement provides you a clear explanation of when, why and how we collect and use your information which may relate to you ("personal data").

Connexus Medical Appointments Ltd is a Data Controller, which means that we determine the purpose and the means of processing and is registered directly with the Information Commissioners Office (ICO) registration number :- Z3293705.

Connexus Medical Appointments is also a Data Processor, who process data on behalf of a Data Controller.

Security of Personal Data

Security of personal data is our priority, we protect this information by maintaining physical, electronic and procedural safeguards that meet or exceed applicable law.

We train our employees' in the handling of Personal information. When we use other companies to provide services to us, we also require them to protect the confidentiality of the personal information that they receive to a similar or increased level.

Collecting Personal Data

Prospective Business Partners/Business Partners.

We may collect, or be provided with and process information about you, your personnel through various means including:-

In the course of carrying out work for you (or your business).
Via our website- Contact Us, Live Chat, Diary Management (CORE)
By email or electronic correspondence.
By Telephone
Networking (e.g. meetings, conferences, customer events either hosted or attended by us).

This may include, your name and title, contact information including email address and postal address, content of the enquiry submitted either by telephone or via electronic means including websites.

Prospective Clients and Clients

We may be passed your personal data via a business partner to arrange medical services on your behalf.

This may include your full name, address, contact details, sensitive/special categories of personal data including medical history/ reports.

How we use your information

Prospective Business Partners/ Business Partners

We will use your data to manage our relationship with you, including sending marketing material and inviting you to events. To complete our contractual obligations to you and to comply with legal and regulatory obligations.

Prospective Clients and Clients

We may use the personal data we hold about you in the following ways:

  • For the purposes of arranging medical appointments with medical experts and obtaining such medical reporting either from the medical expert and your General Practitioner.
  • For research or statistical purposes – this is for our legitimate interests: for us to analyse historic activity, to improve our ratings and to help predict future business impact. To further our commercial interests, to enhance our product offering and to develop new systems and processes.

Legal basis for processing.

We will rely on the following legal basis for processing your personal data:-

Performance of Contract.
Legitimate Interest
Compliance with Legal obligation to which we are subject:
Where processing of sensitive/special category is necessary.

Sensitive Data

Such information could include but not limited to retrieving/obtaining your medical records. The provision of such data is conditional for us to be able to provide the third party or insurer with requested reports/records for them to process a claim. Whilst you can withdraw your consent for us to process such data, this may result in us not being able to continue to provide requested information to carry on with the processing of any claims. Where such data is provided to us, it will only be used for the purposes set out above, and will be treated securely and in line with this notice.

Sharing your information

We may disclose your personal/sensitive information to any of our staff, third parties involved in providing/obtaining medical appointments and reports or to service providers who perform services on our behalf where it is reasonable to do so. (If consent is necessary to facilitate this sharing we will ensure it is obtained prior to processing).

These include:-

  • Insurers.
  • Solicitors/Legal Advisors
  • Medical Experts/General Practitioners (GP's)/Consultants/Rehabilitation Providers
  • Regulatory Authorities and Law Enforcement Agencies around the world.
  • Service Providers- Who help manage our IT and back office systems.
  • External Auditors

We may be legally obliged to disclose your personal information to the extent that we are required to by law in connection with any ongoing prospective legal proceedings in order to establish, exercise or defend any legal rights (including providing information to others for the purpose of fraud prevention and reducing risk).

We may also disclose your personal information:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If the company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • To protect the rights, or safety of our customers or others.

Cookies

What are Cookies?

Cookies are small files saved to the user's computer's hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.

What do we use Cookies for?

We may store cookies on your device for a period of time which contains information regarding your interactions with our website. For example, we will set a cookie once you have agreed to our cookie policy to prevent the notification displaying again.

Additionally, we may use third party software to better understand your preferences and behaviour while on our website in order to personalise your experience and understand current trends.

This software may include (but is not limited to):

  • Google Analytics / doubleclick.net / Google / Google Tag Manager - Privacy policy
  • Feefo - Privacy policy
  • Mouseflow - Privacy policy

All efforts have been made to ensure that the aforementioned services and links are accurate at the time of writing.

Should users wish to deny the use and saving of cookies from this website onto their computers hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.

You can find further information on cookies on the link below https://ico.org.uk/for-the-public/online/cookies/.

How long we keep your data

Your data will not be retained for longer than is necessary, and will be managed in accordance with our data retention policy. In most cases the retention period will be for a period of six (6) years following the completion of any contract between us, or closure of claim, unless we are required to retain the data for a longer period due to business, legal or regulatory requirements within our business.

Your rights

You have certain rights relating to your information that we process:-

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erase
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights in relation to automated decision making and profiling.

Upon receipt of such request, we will, after confirming identity, provide all relevant data we may hold to you in the most practical format unless otherwise stipulated and reasonably possible within 30 days. We will not charge you to do so, however we may charge you for duplicate copies should this be part of your request.

If you feel we have not dealt with your request satisfactory you do have the ultimate recourse to refer your complaint to the ICO (Information Commissioner Officer). You can find out more details by visiting https://ico.org.uk.

Data Protection Queries

For any Data Protection queries please email cmadataprotection@connexus.co.uk and our Compliance team will respond accordingly.

Updated October 2018.