Cookies and Privacy policy

You are here:

  • Home
  • Cookies and Privacy policy

Cookies and Privacy policy

Cookies policy

Information provided by users through the use of this website will be treated in confidence and will not be disclosed to third parties unless we are required to do so by law.

When you complete a form on our website, we will retain your information for the sole purpose of responding to your enquiry. Any form submitted will be securely stored within the web database with access granted only to IHPN admin staff (for the purpose of responding to your enquiry). Form submissions will not be transferred via email.

After attending to your enquiry, your data will be removed from all our systems along with the website database.

Requests to become a member will require us to retain your data in order to facilitate progressing your request. You may at any time formally request us to remove any data we hold about you by emailing our nominated data controller – [email protected]

We gather information about site usage using Google Analytics in order to assist in the development and improvement of service to our users.

GDPR and privacy notice

This information sets out the privacy notice for both Independent Healthcare Providers Network and NHS Confederation members, and non-members. Please see the links below for each notice:

GDPR and privacy notice for NHS Confederation members

GDPR and privacy notice for non-members

Privacy notice for NHS Confederation members

The Independent Healthcare Providers Network is part of the NHS Confederation.

The NHS Confederation is a charity and membership organisation. We operate a trading subsidiary, The NHS Confederation (Services) Company Limited, together they form the NHS Confederation group.

This statement sets out how we handle your personal data, the lawful basis by which we process your data and the details of our data protection officer.

What personal data do we collect?

We collect the personal data you provide to us as part of your membership and any further personal data you provide from time to time. This personal data includes your name, email address, job title, organisation address, land and mobile phone numbers and other contact details.

We may also combine this personal data with other personal data we hold about you across the NHS Confederation group for example attendance at our events and the different channels you use to interact with us.

How we use your personal data

We process your personal data to be able to interact with you as a member of the NHS Confederation and to deliver member benefits.

We also use your personal data:

  • to send you our email newsletters information
  • to provide you with information about our events and dinners that you may wish to attend
  • to send you and enable your access to resources including briefings and guidance, fact sheets, tool kits, good practice case studies and reports on key issues
  • to offer you member discounted rates to selected paid for events
  • to ensure that the information we hold is kept accurate and up to date
  • to notify you about changes to our services.

How long we keep your personal data

We will keep your personal data for as long as you continue to be a member and as long is as reasonably necessary afterwards to fulfil any legal requirements.

Who we share your personal data with

We will not share your data with any third parties unless you have consented for us to do so for example if you register for an event. Where this is the case we will share the relevant privacy notice with you and secure your consent to do so.  We may share your personal data within our group of companies as detailed above.

We may however disclose or share your personal data if we are so required to do in order to comply with our legal obligations or for the purposes of fraud prevention.

The lawful basis for processing your data

It is necessary for us to process your personal data for performance of our contract in relation to your membership of The NHS Confederation. In certain circumstances, we process your personal data after obtaining your consent to do so.  We may also share your data within our group of companies where it is in our legitimate interest to do so.

What happens if you do not provide us with the personal data we request or ask us to stop processing your personal data?

If you ask that we stop using your personal data then we may not be able to provide you with all your member benefits or to fulfil our obligations to you. You are able to opt out of our newsletters and updates at any time by selecting unsubscribe at the bottom of the email.

How we contact you

We will communicate with you via email, telephone, post and on occasion SMS. You may also update your contact details at any time by contacting us.

Processing data outside of the European Economic Area

In some cases we may process your personal data outside the European Economic Area (EEA) where countries may not have laws which protect your personal data to the same extent as in EEA. We are obliged to ensure that your personal data is processed securely and is protected against unauthorised access, loss or destruction, unlawful processing and any processing which is inconsistent with the purposes set out in this privacy notice.

Currently we use Mailchimp, part of The Rocket Science Group, to send some of our emails. We will update this privacy notice from time to time to reflect any changes to our ways of working. Please contact our data protection officer if you would like more information about the safeguards we have in place.

Your rights

By law you have a number of rights when it comes to your personal data.

Rights What does this mean?
The right to be informed You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights.
The right of access You have the right to obtain access to your personal data that we are processing and certain other information.
The right to rectification You are entitled to have your personal data corrected if it is inaccurate or incomplete. Please inform us of any data which you would like rectified and we will usually respond within a month of the request. We will pass on the changes to any third parties who need to change their records and let you know this has been done.
The right to erasure This is also known as ‘the right to be forgotten’ and enables you to request the deletion or removal of your personal data where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions but where possible we will comply with your request.
The right to restrict processing You have rights to block or suppress further use of your personal data. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.
The right to data portability You have rights to obtain and reuse your personal data for your own purposes across different services. We will do our best to provide the information in an accessible format.
The right to object to processing You have the right to object to ask us to stop processing your data.
The right to lodge a complaint You have the right to lodge a complaint about the way we handle or process your personal data with a supervisory authority. The supervisory authority for the UK is the Information Commissioner.
The right to withdraw consent If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time.

Subject access requests

We are legally required to act on requests and provide information free of charge with the exception of requests that are manifestly unfounded, excessive or repetitive.   If we determine this to be the case we may charge a reasonable fee or refuse to act on the request.  We will respond to acknowledge your request and provide the information within one month of receiving your request.  Please send your request to our Data Protection Officer at the email address below with Subject Access Request in the subject line.

Our data protection officer contact details

Our data protection officer is Lauren Harkins.If you have any queries, questions or concerns about your data, how we are handling it, wish to ask us not to process your data or wish to ask us to erase your data, please contact [email protected].

Privacy notice for non-members

The NHS Confederation is a charity and membership organisation. We operate a trading subsidiary, The NHS Confederation (Services) Company Limited, together they form the NHS Confederation group.

This statement sets out how we handle your personal data, the lawful basis by which we process your data and the details of our data protection officer.

What personal data do we collect?

We collect the personal data you provide to us when signing up for newsletters or updates, to receive information from us or to otherwise provide your data to us, along with any further personal data you provide from time to time. This personal data includes your name, email address, job title, organisation address, land and mobile phone numbers and other contact details.

We may also combine this personal data with other personal data we hold about you across the NHS Confederation group for example attendance at our events and the different channels you use to interact with us.

How we use your personal data

We process your personal data to be able to interact with you, provide you with.

We also use your personal data:

  • to send you our group newsletters, events and updates.
  • send you other events and products we believe will be of interest to you.
  • to ensure that the information we hold is kept accurate and up to date.
  • to notify you about changes to our services.

How long we keep your personal data

We will keep your personal data for as long as reasonable for the purpose it was provided. We will periodically review our interactions with you and may delete your data if we have not interacted for some time.

Who we share your personal data with

We will not share your data with any third parties unless you have consented for us to do so for example if you register for an event.  Where this is the case we will share the relevant privacy notice with you and secure your consent to do so. We may share your personal data within our group of companies as detailed above.

We may however disclose or share your personal data if we are so required to do in order to comply with our legal obligations or for the purposes of fraud prevention.

The lawful basis for processing your data

We rely on your consent to process your data. We may also share your data within our group of companies where it is in our legitimate interest to do so.

What happens if you do not provide us with the personal data we request or ask us to stop processing your personal data?

You may withdraw your consent to our processing your data at any time. You are able to opt out of our newsletters and updates at any time by selecting unsubscribe at the bottom of the email.  You may ask us to stop processing your data completely, to do this please contact our data protection officer.

How we contact you

We will communicate with you via email, telephone, post and on occasion SMS.  You may also update your contact details at any time by contacting us.

Processing data outside of the European Economic Area

In some cases we may process your personal data outside the European Economic Area (EEA) where countries may not have laws which protect your personal data to the same extent as in EEA. We are obliged to ensure that your personal data is processed securely and is protected against unauthorised access, loss or destruction, unlawful processing and any processing which is inconsistent with the purposes set out in this privacy notice.

Currently we use Mailchimp, part of The Rocket Science Group, to send some of our emails.  We will update this privacy notice from time to time to reflect any changes to our ways of working. Please contact our data protection officer if you would like more information about the safeguards we have in place.

Your rights

By law you have a number of rights when it comes to your personal data.

Rights What does this mean?
The right to be informed You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights.
The right of access  

You have the right to obtain access to your personal data that we are processing and certain other information.
The right to rectification  

You are entitled to have your personal data corrected if it is inaccurate or incomplete. Please inform us of any data which you would like rectified and we will usually respond within a month of the request. We will pass on the changes to any third parties who need to change their records and let you know this has been done.
The right to erasure This is also known as ‘the right to be forgotten’ and enables you to request the deletion or removal of your personal data where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions but where possible we will comply with your request.
The right to restrict processing You have rights to block or suppress further use of your personal data. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.
The right to data portability You have rights to obtain and reuse your personal data for your own purposes across different services. We will do our best to provide the information in an accessible format.
 

The right to object to processing

  

You have the right to object to ask us to stop processing your data.
 

 

The right to lodge a complaint

  

You have the right to lodge a complaint about the way we handle or process your personal data with a supervisory authority. The supervisory authority for the UK is the Information Commissioner.
 

The right to withdraw consent

 If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time.

Changes to our privacy notice

Any changes we may make to our privacy notice in the future will be posted on our websites and, where appropriate we will notify you by email. Please check back frequently to see any updates.

Subject access requests

We are legally required to act on requests and provide information free of charge with the exception of requests that are manifestly unfounded, excessive or repetitive.  If we determine this to be the case we may charge a reasonable fee or refuse to act on the request.  We will respond to acknowledge your request and provide the information within one month of receiving your request.  Please send your request to our data protection officer at the email address below with subject access request in the subject line.

Our data protection officer contact details

Our data protection officer is Lauren Harkins. If you have any queries, questions or concerns about your data, how we are handling it, wish to ask us not to process your data or wish to ask us to erase your data, please contact [email protected].