This information sets out the privacy notice for both Independent Healthcare Providers Network and NHS Confederation members, and non-members. Please see the links below for each notice:
GDPR and privacy notice for NHS Confederation members
GDPR and privacy notice for non-members
Protecting your data: The NHS Confederation privacy statement
Protecting your privacy is very important to us. So that you can feel in control of your personal information, we want to be clear with you about the information we collect and how it is used.
In order to provide you with our full range of services and benefits, we sometimes need to collect information about you. This Privacy Notice explains the following:
- Who we are
- What data we collect
- How we use your personal data
- Our reasons for using your data
- Transferring data outside the EEA
- How long we will keep your data
- How we protect your data
- Who we share your data with
- Your rights
- Accessing your data
- Lodging a complaint
- Changes to this policy
1. Who we are:
The Independent Healthcare Providers Network is part of the NHS Confederation.
The NHS Confederation is a charity and membership organisation, which includes NHS Employers, NHS Clinical Commissioners, the Mental Health Network, the Independent Healthcare Providers Network, the Welsh NHS Confederation and Northern Ireland Confederation. We operate a trading subsidiary, The NHS Confederation (Services) Company Limited, together they form the NHS Confederation group. Hereafter, the term NHS Confederation is used to describe all the different elements of the group listed above.
This privacy policy explains how we use any personal information we collect about you when you contact us by phone, email, letter, complete online forms, attend any of our events or when you use any of our websites listed below:
The NHS Confederation’s registered office is: Floor 15, Portland House, Bressenden Place, London
SW1E 5BH and we are a registered Charity in England and Wales under number 1090329 and company number 04358614. We are registered on the Information Commissioner’s Office and act as the data controller. Our designated Data Protection Lead can be contacted via the following methods;
Email: [email protected]
Tel: 0207 799 6666
Fax: 0844 774 4319
2. What data we collect
We collect the personal data you provide to us when signing up for membership, newsletters, updates or events, to receive information from us. This personal data includes your name, email address, job title, organisation address, land and mobile phone numbers and other contact details.
We may also combine this personal data with other personal data we hold about you across the NHS Confederation group for example attendance at our events and the different channels you use to interact with us.
As part of the services we supply we may ask you to participate in consultations, surveys etc and we may keep copies of any communications between you and the NHS Confederation.
3. How we use your personal data
We process your personal data so we can interact with you as a member of the NHS Confederation and to deliver member benefits. We also need to interact with non-members who have requested to receive our services.
We use your personal data to:
- Send you our email newsletters, information, events and updates that you have requested
- Manage any events including dietary requirements or accessibility needs
- Provide you with information about our events and dinners that you may wish to attend
- Send you and enable your access to resources including briefings and guidance, fact sheets, tool kits, good practice case studies and reports on key issues
- Offer you member discounted rates to selected paid for events
- Enable specific research, form policies and responses to consultations
- Ensure that the information we hold is kept accurate and up to date
- Notify you about changes to our services.
- Enable invoicing
We do not undertake any automated decision making or profiling.
4. Our reasons for using your data
We will process your personal data for several reasons:
- processing is necessary for our legitimate business interests, we have legitimate business interests in:
- delivering communications
- attracting new members
- collecting opinions
- managing events
- you have given us consent. All electronic marketing communications (such as newsletters) include the option to directly unsubscribe or you can email [email protected] to ask for your preferences to be updated;
- is necessary to deliver a contract or service.
5. Transfer data outside the EEA
In some cases we may process your personal data outside the European Economic Area (EEA) where countries may not have laws which protect your personal data to the same extent as in EEA. We will ensure that your personal data is processed securely and is protected against unauthorised access, loss or destruction, unlawful processing and any processing which is inconsistent with the purposes set out in this privacy notice.
6. How long will we keep your data
We will keep your personal data for as long as you continue to be a member and as long as is reasonably necessary afterwards to fulfil any legal requirements.
7. How we protect your data
We take the security of your personal information seriously. In order to prevent unauthorised access or disclosure and unlawful or unauthorised processing and accidental loss, destruction or damage, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. For example, we have adopted internal data protection procedures and trained our staff on them with a view to preventing breaches of security.
We take all reasonable steps to protect any personal information you submit via the website. However, as our website is grouped to the internet, which is inherently insecure, we cannot guarantee the information you supply will not be intercepted while being transmitted over the internet. Accordingly, we have no responsibility or liability for the security of personal information transmitted via our website.
Our website may, from time to time, contain links to third party websites. If you follow a link to any of these websites, please note that these websites will have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
8. Who we share your personal data with
The NHS Confederation will not sell your information to any third party.
We may share your information with third parties where we have a legal duty to do so or to provide you with a service you have asked for. We may share your personal data within our group of companies as detailed in “who we are”.
9. Your Rights
As an individual you have explicit rights under general data protection regulation:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure (also known as the ‘right to be forgotten’)
- The right to restrict processing
- The right to data portability
- The right to object
- Rights with respect to automated decision-making and profiling
- The right to withdraw your consent to the collection, holding and processing of your personal data at any time.
10. Accessing your data
We are legally required to act on requests and provide information free of charge with the exception of requests that are manifestly unfounded, excessive or repetitive. If we determine this to be the case we may charge a reasonable fee or refuse to act on the request. We will respond to acknowledge your request and provide the information within one month of receiving your request. Please send your request to [email protected] with subject access request in the subject line.
