GDPR compliance

 

Complying with the new EU General Data Protection Regulation (GDPR)

 

GDPR comes into effect on 25th May 2018 and changes UK data privacy law to give you more control over how your data is used, how you are contacted, as well as better protection for your personal data.

 

We have updated our Privacy Notice to reflect these changes (effective from 25 May 2018). We won't be changing the way we use your personal information, but the new notice now provides you with additional details such as:

 

  • Your increased rights in relation to the information we hold about you
  • How we keep your personal information secure
  • The types of personal information we collect about you and how we use it
  • The legal grounds for how we use your information

 

We will now ask you how you would like to be contacted and as a NHS Creative client, you'll choose how you would like to receive updates from us on features, products and offers. There are no additional changes to our terms and conditions.

 

5 things you need to know about GDPR

 

  1. Technological advances have meant the amount of personal data being generated is rapidly increasing, which is why the law needed to be updated to better protect people. All companies now have to review how they manage all personal data.
  2. It will give you more control over your personal data and how it is used. You'll have greater visibility and control over the personal data organisations hold about you. This means you can have greater confidence that information about you is accurate, up-to date and properly managed.
  3. You can choose who contacts you, and how - organisations now need to ask for your consent so they can contact you about offers, products or services they think you'll find useful or interesting. To comply with GDPR, these requests need to be clear and straightforward.
  4. You can also change your mind at any time - under the new rules, it should be easier to update your preferences on what you want to receive and how.
  5. Your data will be better protected - organisations holding personal data now need to have the right processes in place to protect it and not put it at risk or face hefty fines.

 

 

NHS Creative Privacy Policy

 

Your personal information: How we collect it, use it and protect it.

 

This website has been designed to provide our online clients with clearly presented information that is in not in any way misleading. Because your privacy is important to us, we have produced and follow the policies below:

 

Protecting your privacy

 

NHS Creative (including our present host organisation, Isle of Wight NHS Trust) is committed to protecting and respecting your privacy, and your information will be held and handled by us according to this Policy.

 

All personal data held in the UK by NHS Creative will be governed by the UK Data Protection Act 1998 until 25th May 2018, when this will be replaced by the EU General Data Protection Regulation (GDPR).

 

For the purpose of the General Data Protection Regulation ("GDPR"), we are the data controller in respect of information collected on our website.

 

This Policy (and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

 

Information we may collect from you

 

We may collect and process the following data about you:

 

Information you give us:

 

  • Information about yourself including your full name, title and postal address, contact information including email address.
  • We will not collect your personal information without your prior knowledge or permission.
  • Information that you provide when you visit our website, make an enquiry on our website or request our services.
  • If you email or contact us, we may keep a record of the correspondence or keep your message, emails address and contact information to respond to your request.
  • We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  • We will only ask you to provide information about yourself when necessary for a specified purpose. For example, entering a Competition or providing us with your Comments.

 

Information we collect about you:

 

  • Each time you visit our website we may automatically collect the following information:
  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
  • Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products or services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

 

Where we store your personal data

 

Your details and any confidential information we receive from you will all be regarded as confidential. It is held on secure dedicated and closed servers and only used within a closed LaN.

 

The data that we collect from you will not be transferred to, and stored at, any destinations outside the European Economic Area ("EEA"). It will also only be processed by staff operating inside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of our services to you or the processing of your payment details. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

 

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security safeguards (both electronically and physically) to try to prevent unauthorised access or disclosure.

 

Uses made of your information

 

We use information held about you in the following ways:

 

Information you give to us will be used by us:

 

  • To provide you with information or products and services that you request from us or determine which communications about us may be of interest to you.
  • By opting-in to receive marketing information by email or in the post, you agree to our using your personal information to tell you about new features, services, and products from NHS Creative that we believe may be of interest to you.

 

  • If at any time you wish to opt-out of receiving such information, you may do so by emailing creative@nhscreative.org requesting to be removed from our mailing lists.
  • To carry out our obligations arising from any contracts entered into between you and us.
  • To notify you about changes to our service or contact you where necessary if (for instance) you have requested information regarding the services that we provide or have made a specific enquiry.
  • To administer, support, improve and develop our business or contact you for your views on our services.
  • To ensure that content from our website is presented in the most effective manner for you and for your computer/device.

 

Information we collect about you will be used by us:

 

  • To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
  • To improve our website and ensure that content is presented in the most effective manner for you and your computer.
  • To improve the products and services we provide.
  • To allow you to participate in interactive features of our services, when you choose to do so.

 

As part of our efforts to keep our website safe and secure; we may also use your information to provide you with promotional information about services which may be of interest to you and we may contact you about these by electronic means, post or telephone.

 

If you are an existing client, we will usually contact you by electronic means (e-mail or SMS, rather than post and again according to any preferences you've selected) with information about services similar to those previously provided to you.

 

If you do not want us to use your data in this way, then please email us at creative@nhscreative.org requesting to inform us.

 

Disclosure of your information

 

We may also disclose your personal information to:

 

  • Suppliers and sub-contractors for the performance of any contract we enter into with them or you.
  • Analytics and search engine providers that assist us in the improvement and optimisation of our Website.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, enforce our website terms of use, or terms of business and other agreements; or to protect the rights, property, or safety of NHS Creative, our host NHS Trust, our clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

 

However, we will otherwise never lease, distribute or sell your personal information to any third parties in any circumstance.

 

Links from our website

 

Our website may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies even if you access them using links from our website. Please check these policies before you submit any personal data to these websites.

 

Access to your information

 

You may request access to information held about you. This is normally a free service, unless this process proves to be unduly difficult and takes more time when a fee may be payable to cover the administration costs.

 

Changes to our Privacy Policy

 

This Policy will be reviewed and updated in line with any changes in the relevant legislation and technology in use with the latest version published here on this page. Notices of related changes may be placed on other related/ prominent pages on our website. Your continued use of our website will signify that you agree to any such changes.

 

If you have any questions, comments or concerns about this Policy, please email or write to us at:

 

NHS Creative

The Annexe

Ashurst Hospital

Lyndhurst Road

Ashurst

Hampshire

SO40 7AR

 

Email: enquiries@nhscreative.org

Telephone: 0845 463 8868

 

We will then try our best to investigate your issue and resolve it promptly for you.

NHS Creative logo

Love or hate them, emojis are here to stay!

17/07/2018 by Mikaela Price

And today, 17 July 2018 is @WorldEmojiDay – the fifth annual global celebration of emojis! Since they started...

from the blog

© 2018.

A design and marketing service hosted by the Isle of Wight NHS Trust

Farewell to our fax machine

16/07/2018 by Steve Hubbard

A very big prize in a world of miniatures

The offices of NHS Creative has received its last fax. That familiar ‘BEEP!’ after the scrolling of the paper...