Privacy Policy

Life Healthcare Communications Limited, is a limited company registered in England under company number 3970934 and whose registered address is Life Healthcare Communications, 31 Chertsey Street, Guildford, Surrey, GU1 4HD, UK.

Life Healthcare Communications Limited (“Life”) understands that your privacy is important to you and that you care about how your data is used. We respect and value the privacy of everyone who visits our office or our website www.life-healthcare.com, as well as clients, contacts and everyone who works with us.

We will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

This policy applies to clients, including former, existing, and future clients, suppliers, other business contacts and advisers, job applicants and visitors to our offices or website. Life takes privacy responsibilities seriously and is committed to protecting and respecting your privacy.

This policy sets out the basis on which we will process and store any personal data we collect from or about you. Please read this policy carefully to ensure that you understand it. This Privacy Policy applies alongside any other information Life may provide about a particular use of personal data, for example when collecting data.

Data Protection Manager (DPM)

The DPM is responsible for ensuring compliance with the UK Data Protection Act 2018, the General Data Protection Regulation and this policy. Any questions regarding the operation of this policy should be sent to the Life’s Data Protection Manager, using the below details:

Email address: DPM@life-healthcare.com

Telephone number: 07595117395

Postal Address: Life Healthcare Communications, 31 Chertsey Street, Guildford, Surrey, GU1 4HD, UK.

Why We Need To Use Personal Data

In order to carry out our ordinary duties to clients, Life may need to process a wide range of personal data about its former, existing, and future clients, staff and suppliers, as part of its daily operation.

Life will need to carry out some of this activity in order to fulfil legal rights, duties or obligations – including those under a contract with its clients.

Other uses of personal data will be made in accordance with Life’s legitimate interests, provided that these are not outweighed by the impact on individuals, and provided it does not involve special categories of personal data.

Life expects that the following uses may fall within the category of its “legitimate interests”:

How Do We Use Your Data?

Life will always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your data, or because it is in our legitimate business interests or those of a third party to do so.

With your permission and where permitted by law, we may also use your data for communication purposes, which may include contacting you by email and post with information, news, and updates on our services. You will not be sent any unlawful marketing or spam. We will always work to adequately protect your rights and comply with our obligations under the Data Protection Act 2018.

Where Life is relying on your consent as a means to process personal data, you may withdraw this consent at any time. Please be aware that Life may have another lawful reason to process the personal data in question even without your consent. That reason will usually have been asserted under this Privacy Policy or may exist under some other contract or agreement with the individual.

Types of Data Obtained and Stored by Life

The type of data will vary between individuals depending on whether they are a client, supplier, job applicant, visitor to our premises or a web site user but will generally include by way of example:

Please see the sections below for the different categories of people whose personal data may be processed by Life.

Data Storage and Security

Life has implemented and shall maintain appropriate technical and organisational security measures, processes and controls to safeguard all personal data stored and processed by them against unauthorised and unlawful processing and accidental loss, disclosure or destruction.

Occasionally Life will need to share personal information with third parties, such as professional advisers (lawyers and accountants) or relevant authorities such as the police.

For the most part, personal data collected or accessed by Life will remain within the company, and will be processed by appropriate individuals only in accordance with access protocols (i.e. on a “need to know” basis). Life will, where appropriate, ensure that their staff access or process personal data only for the purpose of performing services to clients in accordance with instructions given to Life by the client from time to time.

In accordance with the Data Protection Act 2018 electronic versions of the information you provide to us, or we collect about you are stored on our servers within the UK. Our back up servers are located within the EU.

Where we use third party service providers (such as IT service providers) to assist us, your information may also be stored in accordance with their practices and procedures. This is always subject to undertakings from such third parties that personal data will be kept securely and only in accordance with Life’s specific direction.

Life will not cause or allow personal data to be transferred and/or processed in a country or territory which is outside of the European Economic Area without written consent.

What Are Your Rights?

Under the Data Protection Act 2018, you have the following rights, which we will always work to uphold:

Information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

If you wish to make any comment or have any cause for complaint about our use of your data, you should first contact the DPM. If you believe that Life has not complied with this Privacy Policy or acted otherwise than in accordance with the Data Protection Act 2018 you can also lodge a complaint with the Information Commissioners Office (ICO), the UK supervisory authority for data protection issues at www.ico.org.uk, although the ICO recommends that steps are taken to resolve the matter with Life as the Data Controller before involving the regulator.

Data Retention

We will only retain your data for as long as necessary to fulfil the purposes for which we collected it, including to satisfy any legal, accounting, or reporting requirements, and these are specified below, dependent upon the subject.

Subject Access Requests

If you would like to know what personal data we hold about you, you can request details of that data and a copy of it (where any such personal information is held). This is known as a "subject access request".

All subject access requests should be made in writing and sent to the DPM atLife Healthcare Communications, 31 Chertsey Street, Guildford, Surrey, GU1 4HD, UK; or emailed to the DPM at DPM@life-healthcare.com; or call 07595117395 for details on how to make this request. Please provide everything we need to know to be able to respond to your request as quickly as possible.

We will endeavour to respond to your subject access request within one month of receiving it. Typically, we aim to provide a complete response, including a copy of your data within that time. We will, of course, be better able to respond quickly to smaller targeted requests for information. In some cases, for example, if your request is more complicated, more time may be required to provide a response, which could be up to a maximum of three months from the date we receive your application. You will be kept fully informed of our progress. You should be aware that certain data is exempt from the right of access. This may include information which identifies other individuals, or information which is subject to legal professional privilege.

You will not have to pay a fee to access your data. However, we may ask you to pay a reasonable fee if your request for access is unfounded or excessive, or in some circumstances, we may refuse to comply with your request.

If we decide to charge you a fee or refuse to comply, we will notify you promptly in writing.

Information we may need from you

To process a subject access request, we may require further information to help us to confirm your identity and ensure we are accessing the correct information. This additional data will not be disclosed to any person other than the DPM. Please be aware that failure to provide this information may result in a delay in sending the requested information to you.

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be immediately posted on our website and sent to you, if requested or as appropriate, and you will be deemed to have accepted the terms of the Privacy Policy once you have received them or viewed them on our website.

Data Subjects

Clients

Applies to

Former, existing and future clients

Type of data we may hold
Purpose for processing
How is your data collected?
How long will we keep the data?

For former and existing clients, we will keep the data for the period of our contract with you plus up to 7 tax years from the end date of the agreement for tax and legitimate business reasons.

For future clients, where you do not become a client at that point in time, we will retain your information, as agreed by you, until you notify us otherwise.

Suppliers

Applies to

Former, existing and future suppliers

Type of data
Purpose for processing
How is your data collected?
How long will we keep the data?

For former and existing suppliers, we will keep the data for the period of our contract with you plus up to 7 tax years from the end date of the agreement for tax and legitimate business reasons.

For future suppliers, where you do not become a supplier at that point in time, we will retain your information, as agreed by you, until you notify us otherwise.

Other Business Suppliers and Contacts

Applies to

Other former, existing and future business suppliers and contacts, including professional advisers

Type of data
Purpose for processing
How is your data collected?
How long will we keep the data?

For former and existing business suppliers and contacts, we will keep the data for the period of our contract with you plus up to 7 tax years from the end date of the agreement for tax and legitimate business reasons.

For future business suppliers and contacts, where you do not become a supplier at that point in time, we will retain your information, as agreed by you, until you notify us otherwise.

Job Applicants

Applies to

Any applicants seeking opportunities to work with Life, whether or not a specific job is advertised on our website, or vacancy has been placed with a recruitment agency, and to those who are offered employment. If you fail to provide information when requested which is necessary for us to consider your application (such as evidence of qualifications or work history), Life will not be able to process your application successfully.

Type of data
Purpose for processing
How is your data collected?
How long will we keep the data?

Where your application for employment is unsuccessful, your personal data will not be held for any longer than six months and will be erased on a twice-yearly basis as per Life's retention policy, unless requested to do so beforehand by you.

Where your application is successful, further guidance will be provided on your employment commencing with Life.

With whom do we share it?

We may share your information internally for the purpose of processing your application. Where your application has come through a third party, we will share data with them solely relating to your application of employment.

Life Website User

Applies to

All visitors to our website, Twitter, LinkedIn or FaceBook page. Third parties whose content appears on our site may use third-party cookies. Please note that we do not control the activities of such third parties, nor the data that they collect and apply themselves, and we advise you to check the privacy policies of any such third parties.

Type of data collected by Google Analytics
Purpose for processing
How is your data collected?

We use Google Analytics as a third-party service, to collect usual internet log information and details of pages you have visited. We use this information to identify the number of visitors to the various parts of the site. The data type above outlines the data collected and does not identify anyone individually.

You may refuse the use of Google Analytics cookies by selecting the appropriate settings on your browser; however, please note that if you do this, you may not be able to use the full functionality of this website. Google has an Opt-out Browser Add-on to provide website visitors with the ability to prevent their data from being used. Please visit the following website for further information: Google Analytics Opt-out

How long will we keep the data?

We will not keep your data for any longer than is necessary for the reasons for which it was first collected. Your data will, therefore, be held for 26 months.

With whom do we share it?

We will not share any of your data with any third parties for any purposes, subject to one exception when using Google Analytics.

Your data is stored within Google analytics, which is encrypted and protects personal data following GDPR.

How do we use cookies?

Our website may place and access specific first-party cookies on your computer or device. First-party cookies are those set directly by us and are used only by us. We use cookies to facilitate and improve your experience of our site and to provide and improve our services. We have carefully chosen these cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times.

By using our site, you may also receive specific third-party cookies on your computer or device. Third-party cookies are those placed by websites, services, and parties other than us. Third-party cookies are used on our site for Google analytics. For more details, please refer to the table below. These cookies are not integral to the functioning of our site.

All cookies used by and on our site are used following the current Cookie Law.

Before cookies are placed on your computer or device, you will be shown a pop up requesting your consent to set those cookies. By giving your permission to the placing of cookies, you are enabling us to provide the best possible experience and service to you.

Cookie Law deems these cookies to be "strictly necessary". These cookies are shown in the table below. Your consent will not be sought to place these cookies, but it is still essential that you are aware of them. You may even block these cookies by changing your internet browser's settings. We have taken great care to ensure that your privacy is not at risk by allowing them.

The following third-party cookies may be placed on your computer or device:

Name of Cookie

Provider

Purpose

_ga

Google Analytics

Used to distinguish users

_gid

Google Analytics

Used to identify users

_gat

Google Analytics

Used to throttle request rate

In addition to the controls that we provide, you can choose to enable or disable cookies in your internet browser. Most internet browsers also allow you to decide whether you wish to disable all cookies or only third-party cookies. By default, most internet browsers accept cookies, but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.

You can choose to delete cookies on your computer or device at any time; however, you may lose any information that enables you to access our site more quickly.

You may access our site without providing any personal data at all and restrict our use of cookies.

Version number: 1.2

Last reviewed: 12.03.2024