At Maplehurst Nursing Home we collect a small amount of data from customers and people (referred to as 'Data Subjects' in this document) who have demonstrated a legitimate interest in our products and services and who have shown an intent to purchase or find out more information about what Maplehurst Nursing Home provides as a business.
Maintaining the security of your data is of paramount importance to us and we are committed to respecting your privacy rights.
We take your privacy seriously and will only use your information lawfully to keep you informed, process your order, manage your account and to provide the products and services you have requested from us. We don't ever share your personal data with third parties for financial gain or otherwise.
This notice provides you with information about:
- How we use your data
- What personal data we collect
- Who we share your data with
- How we ensure your privacy is maintained; and
- Your rights relating to your personal data
- Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulation (EU Regulation 2016/679, when applicable, the “GDPR”), and the EU Data Protection Directive (Directive 95/46/EC), the data controller is the Privacy Administrator, Maplehurst Nursing Home, 53 Oathall Rd, Haywards Heath, West Sussex, RH16 3EL.
These data subjects are defined as:
- Existing customers across all our markets
- Prospective customers across all our markets
- Past customers across all our markets
- End users who have signed up to our newsletter via the website, who we have met at exhibitions and events, or who have entered specific competitions or expressed interest in Maplehurst Nursing Home
- Key influencers who have expressed interest in our products or service, similar to our end users
- Current employees who need to be kept informed about Maplehurst Nursing Home’s external marketing
- Former employees who have expressed interest in keeping informed about Maplehurst Nursing Home
- Media contacts
- Sponsorship, partnership and trade association contacts
Collecting the following data enables Maplehurst Nursing Home to administrate sales contracts with customers, in addition to keeping all ‘data subjects’ informed of the news and developments taking place at the company through targeted and relevant marketing communications.
Our communications are time-sensitive and we ensure that our product news & special offer mailshots are occasional (approximately once per month) and not over-whelming.
Data we collect from you
Although the precise details of the personal information collected will vary according to the specific purpose for which we are collecting the information, we may collect and process the following data about you:
- Information that you provide by filling in forms on our social media pages or on our website. This includes information provided at the time of registering to use our website, subscribing to our service, posting material or requesting further services. We may also ask you for information when you report a problem with our website.
- If you contact us by phone, email or otherwise and is provided voluntarily, we may keep a record of that correspondence.
- Please note that we may record and monitor telephone conversations that we have with you. The sole purpose of any recording is for training and quality control purposes. Under the GDPR any personal or confidential information disclosed shall not be made available to any third party (unless required by law to do so) or used for marketing purposes. Recorded conversations are deleted within three months after the recording was made.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of transactions you carry out through our website and of the fulfilment of your orders.
- Details of your visits to our website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
- We may also collect behavioural and browsing data from you for the purposes of offering you a tailored or personalised online experience.
- We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users' browsing actions and patterns, and does not identify any individual. We collect some of this information using Cookies, see below and our cookies policy at here. We may also collect any personal information which you allow to be shared that is part of your public profile on a third party social network.
- We obtain certain personal information about you from sources outside our business which may include our group of companies (further defined below). We may receive your personal information from other sources, such as: public databases, our supplier partners, referrals from health organisations, joint marketing partners; social media platforms; from people with whom you are friends or otherwise connected on social media platforms, as well as from other third parties. For example, this other personal data helps us to:
- provide the relevant services in an accurate manner;
- review and improve the accuracy of the data we hold; and
- improve and measure the effectiveness of our marketing communications
What data do we collect and store for e-marketing purposes for all data subjects?
We may collect and process the following data about you:
- First name and surname
- Company name (if applicable)
- Email address
You have the right to opt in to receive our marketing communications, and you will have exercised this right by signing up to our newsletter, requesting information or entering into a business sales contract with Maplehurst Nursing Home.
What data do we collect and store for business contract purposes e.g. customers, prospective customers and suppliers?
- First name and surname
- Company name
- Company status
- VAT number
- Registered office number
- Email address
- Registered business address or (if a sole trader) a proprietor’s home address
- Telephone numbers, fax numbers and mobile numbers
- Credit requirements and limit if applicable
- Payment terms requirement
For our customers: We do not hold bank and payment details anywhere on record. If payment details are taken, e.g. credit card payments, these are administrated using our secure card payment system immediately without the need for logging the details anywhere.
For our suppliers: In addition to the above information we hold bank and payment details. These are held securely with accounting and banking systems, with access strictly limited to relevant accounts payable staff only.
In order to fulfil our obligations when engaging in a business transaction, we require the above details, and by entering into a business contract with us, you have shown legitimate interest in receiving our communications. If at any point, you do not want to receive our communications, please get in touch using the details stated further down on this page.
Other uses made of your data
We use information held about you in the following ways:
- To ensure that content from our website is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To enhance your experience whilst using our website.
- To notify you about changes to our service.
- If you are an existing patient, we will only contact you by electronic means with information about services that we offer.
- If you are a new patient, we will contact you by electronic means if you have consented to this.
- We may use your personal information to contact you if there is any urgent safety issue to communicate to you where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any personal harm to you. It is in your vital interests for us to use your personal information in this way.
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Where do we store your data?
We store the above data for all 'data subjects' within our secure cloud-hosted server environment protected with antivirus and firewall software systems in the following databases:
- Secure password protected email system (Office365)
- Secure password protected website content management system (BarkWeb)
- Secure password protected email software system (BarkWeb)
How do we use your data?
Unless you ask us not to, we use the above data to send out monthly and quarterly news and product development updates to enable you as one of our valued stakeholders to be kept informed about the news, events, projects, partnerships and product developments that take place regularly at Maplehurst Nursing Home.
We are the sole owners of the information collected. Only Maplehurst Nursing Home staff have access to information that you voluntarily give us via email or other direct contact with you. We will not sell or rent this information to any third parties. We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organisation, other than as necessary to fulfil your request.
Legal basis for processing your personal data
The personal data that you provide to us in order to purchase services and other personal data generated for transactional agreements is processed as it is necessary for the performance of a contract with you.
All other personal data is processed for our legitimate interests (as set out below) and to comply with our legal obligations.
In general, we only rely on consent:
- to send direct marketing communications to patients via email or text message
- to contact (and allow for selected third parties to contact) new patients by electronic means.
You have the right to withdraw your consent at any time.
Our legitimate interests
The normal legal basis for processing patient data, is that it is necessary for our legitimate interests including:
- selling and supplying services to our patients
- protecting patients, employees and other individuals and maintaining their safety, health and welfare
- promoting, marketing and advertising our products and services
- sending promotional communications which are relevant and tailored to individual patients
- understanding our patients’ behaviour, activities, preferences, and needs
- complying with our legal and regulatory obligations
- preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies
- handling patient contacts, queries, complaints or disputes
- managing insurance claims by patients
- protecting us and our employees and patients, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to us
- effectively handling any legal claims or regulatory enforcement actions taken against us
- fulfilling our duties to our patients, colleagues, shareholders and other stakeholders.
What are your rights?
You can unsubscribe to any of Maplehurst Nursing Home’s email marketing mailshots at any time by either contacting the main point of contact (as shown below) or by clicking the opt out / unsubscribe button on the email marketing mailshots you receive. The unsubscribe button will usually be located at the header or footer of the mailshot.
All data subjects have the right to be erased from Maplehurst Nursing Home’s databases, unless minimum statutory data retention regulations state otherwise.
How long do we store your data?
We will store your data for marketing purposes until you inform us that you no longer want us to be contacting you in this way.
- If you are an existing customer, yet do not want to receive Maplehurst Nursing Home’s marketing emails, please contact us using the details shown at the end of this document.
- If you are an existing customer, we will store your Sales Account data until you ask us to erase your data records on file.
- Business transaction data is held for statutory minimum terms.
In accordance with the GDPR, you will be entitled to request from us:
- The personally identifiable information that we have collected from you, how it is used and with whom it may be shared.
- The choices that are available to you regarding the use of your data.
- The security procedures in place to protect the misuse of your information.
- How you can correct any inaccuracies in the information we hold.
Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by email.
Who is the main point of contact regarding the use and storage of data?
If you have any questions about how we use your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:
53 Oathall Rd
West Sussex, RH16 3EL
You can also use the webform request below:
You have the right to make a complaint at any time to the local data protection supervisory authority which, for the UK, is the Information Commissioner's Office (ICO) found at www.ico.org.uk. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.