Privacy Policy
Duty to Care may hold some information about you. This document outlines how that information is used, with whom we may share that information with and how we keep it secure. This notice does not provide exhaustive detail. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to support@dutytocare.info We keep our Privacy Notice under regular review. This Privacy Notice was last reviewed in March 2020.
WHAT WE DO
We set up this initiative in order to provide a fast response option for NHS staff looking for wellbeing support. We are doing this through the vehicle of a company limited by guarantee (our application is pending with Companies House, we hope to have this approved before the end of March). Duty To Care will be an online resource for NHS workers to go to for instant help and support when they need it most. They will be able to book one-on-one online sessions and they will find advice from experts on how to manage their mental health independently on a day to day level.
HOW WE OBTAIN YOUR PERSONAL DATA
Information provided by you
You may provide us with personal data in any of the following ways:
By contacting us through this website
By registering as an NHS worker
By registering your interest to participate as a therapist
Through email, over the telephone or by post
This may include the following information:
Basic details such as name, address and contact information
Details of contact we have had with you such as referrals and appointment requests and attendance records
Health information including your previous medical history, dietary, lifestyle, supplement and medicine details
We use this information in order to provide you with our services. This means that the legal basis of our holding your personal data is for legitimate interest.
HOW WE USE YOUR PERSONAL DATA
We act as a data controller for use of your personal data to provide direct healthcare.
We undertake at all times to protect your personal data, including any health and contact details, in a manner which is consistent with our duty of professional confidence and the requirements of the General Data Protection Regulation (GDPR) concerning data protection. We will also take appropriate security measures to protect your personal data when in storage in our offices.
Also where there is a legal requirement such as a formal court order. We may use your data for marketing purposes such as newsletters but this would be subject to you giving us your express consent. Also where there is a legal requirement such as a formal court order.
DO YOU SHARE MY INFORMATION WITH OTHER ORGANISATIONS?
We will keep information about you confidential. We will only disclose your information with other third parties with your express consent, with the exception of the following categories of third parties:
Any contractors and advisors that provide a service to us or act as our agents on the understanding that they keep the information confidential
Anyone to whom we may transfer our rights and duties under any agreement we have with you
Any legal or crime prevention agencies and/or to satisfy any regulatory request if we have a duty to do so or if the law allows us to do so
WHAT ARE YOUR RIGHTS?
Every individual has the right to see, amend, delete or have a copy of data held that can identify you, with some exceptions, where the rights of other individuals might be infringed. You do not need to give a reason to see your data.
If you want to access your data you must make a subject access request in writing to support@dutytocare.info
Under special circumstances, some information may be withheld. We shall respond within 20 working days from the point of receiving the request and all necessary information from you. Our response will include the details of the personal data we hold on you including:
Sources from which we acquired the information
The purposes of processing the information
Persons or entities with whom we are sharing the information
You have the right, subject to exemptions, to ask to:
Have your information deleted
Have your information corrected or updated where it is no longer accurate
Ask us to stop processing information about you where we are not required to do so by law
Receive a copy of your personal data, which you have provided to us, in a structured, commonly used and machine readable format and have the right to transmit that data to another controller, without hindrance from us.
Object at any time to the processing of personal data concerning you
We do not carry out any automated processing, which may lead to automated decisions based on your personal data.
If you would like to invoke any of the above rights, please contact the Data Controller at Duty to Care or email support@dutytocare.info.
WHAT SAFEGUARDS ARE IN PLACE TO ENSURE DATA THAT IDENTIFIES ME IS SECURE?
We only use information that may identify you, solely in accordance with General Data Protection Regulation (GDPR). This requires us to process personal data only if there is a legitimate basis for doing so and requires that any data processing must be fair and lawful.
Within the health sector, we also have to follow the common law duty of confidence, which means that where identifiable information about you has been given in confidence, it should be treated as confidential and only shared for the purpose of providing direct healthcare with your express permission. We will protect your information. We will inform you of how your information will be used. We will allow you to decide if and how your information can be shared.
We also ensure the information we hold about you is kept in secure locations. We restrict access to information to authorised personnel only and we protect personal and confidential information held on equipment such as laptops with encryption (which masks data so that unauthorised users cannot identify you or make sense of any data about you).
WEBSITE TECHNICAL DETAILS
Our website is hosted on the squarespace.com platform. This website uses cookies and similar technologies, which are small files or pieces of text that download to a device when a visitor accesses a website or app. For information about viewing the cookies that squarespace.com might use on your device, visit About the cookies Squarespace uses.
These functional and required cookies are always used, which allow Squarespace, our hosting platform, to securely serve this website to you.
These analytics and performance cookies are used on this site, as described below, only when you acknowledge our cookie banner. We use analytics cookies to view site traffic, activity, and other data.
In line with common practices, we may use website analytics software to track our website impact. Google Analytics is a website analytics service which measures traffic to our website and visitors' general details. By collecting these statistics, a website can make their visitors' experience better e.g. which pages they visit and when, where they are approximately located. Data might also be analysed to determine where, a user lands first or whether they are coming via a specific referral from another website.
Our website and host collect personal data to power our site analytics, including:
Information about your browser, network, and device
Web pages you visited prior to coming to this website
Your IP address
This information may also include details about your use of this website, including:
Clicks made
Internal links visited and patterns of use
Pages visited
Scrolling
Searches
Timestamps
We share this information with Squarespace, our website analytics provider, to learn about site traffic and activity and how best to serve our customers.
If you consent accordingly, we may send you marketing emails. You can unsubscribe from these at any time by clicking the unsubscribe link at the bottom of the email. We share your contact information with Squarespace, our email marketing provider, so they can send these emails on our behalf.
In compliance with EU legislation, the following lists the use of cookies on this web site:
|
Name |
Type |
Duration |
Purpose |
|
Crumb |
Cookie |
Session |
Prevents cross-site request forgery (CSRF). CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone’s logged in. |
|
RecentRedirect |
Cookie |
30 minutes |
Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO. |
|
CART |
Cookie |
2 weeks |
Shows when a visitor adds a product to their cart |
|
hasCart |
Cookie |
2 weeks |
Tells Squarespace that the visitor has a cart |
|
Locked |
Cookie |
Session |
Prevents the password-protected screen from displaying if a visitor enters the correct site-wide password. |
|
SiteUserInfo |
Cookie |
3 years |
Identifies a visitor who logs into a customer account |
|
SiteUserSecureAuthToken |
Cookie |
3 years |
Authenticates a visitor who logs into a customer account |
|
Commerce-checkout-state |
Sessionstorage |
Session |
Stores state of checkout while the visitor is completing their order in PayPal |
|
squarespace-popup-overlay |
Localstorage |
Persistent |
Prevents the Promotional Pop-Up from displaying if a visitor dismisses it |
|
squarespace-announcement-bar |
Localstorage |
Persistent |
Prevents the Announcement Bar from displaying if a visitor dismisses it |
|
ss_sd |
Cookie |
Session |
Ensures that visitors on the Squarespace 5 platform remain authenticated during their sessions. |
|
Test |
Cookie |
Session |
Investigates if the browser supports cookies and prevents errors. |
|
squarespace-likes |
Localstorage |
Persistent |
Shows when you've already "liked" a blog post. |
|
CHECKOUT_WEBSITE |
Cookie |
Session |
Identifies the correct site for checkout when Checkout on Your Domain is disabled. |
Remembers if a visitor agreed to placing Analytics cookies on their browser if a site is restricting the placement of cookies
If you want to delete or block any cookies, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies. Information on deleting or controlling cookies is also available at www.aboutcookie.org
Please note that deleting cookies or disabling future cookies or tracking technologies may prevent you from accessing certain areas or features of our website and other websites that you may visit, or may otherwise adversely affect your user experience.
Please note that these cookie services are provided by a third party.
We use standard email software to send and receive emails. If you send personal information to use via email, this may be unencrypted and will be stored in our email system whilst we need access to it. We may monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
Please note that email correspondence may constitute part of the health records we hold about you.
CONTACT
If you have a concern or question regarding the use of your personal data then please contact us by emailing support@dutytocare.info and we will do our best to help you.
In the case on any complaint you might wish to make, if your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioner’s Office (ICO).
