Your information – Privacy Notice
Updated February 2019
At Virgin Care, we want you to be confident that your information is kept safe and secure with us and understand how we use it to provide great care and a more personalised experience.
Who are we?
What information do we collect about you?
Information from other sources
How will we use the information about you?
How we store and protect your data?
Access to your information, your rights and correction
How to contact us
We are Virgin Care Private Limited, a company registered in England and Wales. Our company registration number is 10796658 and our registered office is at Lynton House, 7-12 Tavistock Square, London, United Kingdom, WC1H 9LT.
We may collect the following information from you and other sources:
When you enquire about our services, we may collect:
- Personal data that you provide such as such as your name, age and contact details when you contact us through our website, by phone, email, post, face to face or social media
- Information collected from our website – eg IP addresses and browsing behaviour from our website and any supporting apps you may use (please see more in our cookie section)
If you don’t provide us with information, we will not be able to respond to your enquiries about healthcare.
When you use our services, we may collect:
- Basic information about you such as your name, date of birth, postal and billing address, telephone numbers, next of kin, GP practice detail
- Your account login details including your username and password
- Information about your health and wellbeing, treatment and care. This may also include information about your marital status, ethnicity and sexual orientation and results of X-Rays, scans and laboratory tests.
- Video images if you use our video consultation service
- Bank information (this is retained by our third party payment service)
- Your employers details (if we are providing occupational health services or providing them with a medical report)
- Your health insurer where applicable
- Information from compliments, complaints and incidents
- Your feedback and contribution to our client questionnaires and surveys
We work closely with third parties such as health and care business partners and sub-contractors such as those providing pathology services, sexual health services, scans and X-rays. We therefore may receive information from them relating to your health and care such as referrals, reports and test results
We may also receive information about you from our trusted sub-contractors who provide technical support, payment services, advertising and analytics support. This could be confirmation of payment for your health and care services and information about your browsing behaviour on our websites and supporting applications
This section explains how and why we use your personal data:
We need to process your personal data to manage your personal account, to carry out our obligations arising from any contracts entered into between us and you, to provide you with information or services you have requested and to help you with any payments or refunds you may require
To ensure that you receive the best possible care, your health record will also contain more sensitive information and reports about your health including details of any appointments, illness, tests and other treatments you receive. This may be shared with those who have a legal and legitimate need to see it to support your care. For more information please see our Information Governance page or equivalent ‘Your health records’ leaflet.
We may share minimal and relevant information within the Virgin Care Group in order to provide effective information technology, financial, legal and governance support
We use personal or anonymised data to monitor how effective our services are and to make sure that the treatments and services we provide are meeting the needs of our clients
We use your personal data to send you our newsletters and information about products and services that you may be interested in. You can opt out of this at any time
We may use your personal contact details to notify you about changes to our service
We collect information for the following legitimate interests:
- Providing and managing your healthcare and wellbeing on your behalf or on behalf of others
- Managing all aspects of our relationship with you including contacting you about your appointments through text message reminders and client feedback, your account, payments, compliments, complaints, incident handling and claims etc
- To monitor compliance and improve our services
Sometimes we are required by law to pass on certain information about you without your consent, for example:
- Reporting some infectious diseases
- Where a law, court order or public authority instructs us to do so
Information about you may be shared without your consent in exceptional situations, such as:
- when a serious crime has been committed
- if there is a serious risk to the public or our colleagues
- to protect children or vulnerable adults who are unable to decide whether their information should be shared
With your consent, we may contact you about our services and products. You can opt out of this at any time, either through your account if you are a registered client, by: contacting the service by phone on 0300 247 0121 or by email at email@example.com or through our Privacy Portal which will direct you to our data protection team.
The confidentiality and security of your information is of paramount importance to us. We take the utmost care when handling your personal and confidential information and ensure that we have appropriate organisational and technical security measures in place to prevent unauthorised access, accidental damage, destruction or loss
We use computer safeguards such as firewalls and data encryption and enforce physical access controls to our building and record to keep information safe and expect those who are employed or work in partnership with us have regular training and follow our policies and procedures. We take active steps to monitor compliance with these
Personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may be processed outside the EEA by one of our service providers. When we transfer your personal data, we will ensure that there are adequate protections in place, in line with UK Data Protection Laws.
Credit card payment transactions will be processed securely by our third party payment processors
We enforce physical, electronic and procedural safeguards in connection with the collection, storage, disclosure and destruction of personal data. We may ask for proof of identity before we share your personal data with you or your representative
By sending us an email message (for example via our firstname.lastname@example.org email), you will be sending us personal identifying information, such as your name and email address. In these cases, we may retain the information as long as necessary to respond to your request or otherwise resolve the subject matter of your e-mail. Please be aware that email is not necessarily secure from third party interception or misdirection. For your own protection you may wish to communicate sensitive information using a method other than email. If you prefer email correspondence, we can arrange for an encrypted email message to be set up for communication. Please contact the team for more information.
From time to time we would like to contact you with details of other products and services we provide at Virgin Care Private.
When you register with us, we will ask you if you would like to receive marketing communication.
If you have consented to receive information, you can of course change your choice or opt out at any time online, at the clinic, over the phone or in writing at any time. If you no longer wish to be contacted about our products and services, please call or email us so we can amend your contact preferences.
Medical Records Retention
As the service has now closed, we will retain a copy of medical records for 4 years (adults) and 22 years (children) from the date of closure. The includes associated information relating to your contact details and preferences for contact..
Please keep us up to date if you change your details.
Under UK Data Protection law, you have the right to request a copy of the information we hold about you. If you would like a copy of some or all of your personal information, feel something is not right after reading your records or you have a query about your rights, please contact our Head of Information Governance and Data Protection Officer by clicking here.
Data Protection laws provides you with the following rights:
|The right of access||You are entitled to request a copy of the personal data we hold about you. We will respond to your request, free of charge within 1 month. Please make your request direct at the service or via our secure privacy portal which you can find here
|The right to rectification||You are entitled to request changes to information if it is inaccurate or incomplete.
|The right to erasure||Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that we delete the personal data.
|The right to restrict processing||Under certain circumstances, you may ask us to stop processing your personal data. We will still hold the data, but will not process it any further.
|The right to data portability||Subject to certain conditions, you may request a copy of your personal data to be transferred to another organisation.
|The right to object to processing||You have the right to object to our processing of your data where
· Processing is based on legitimate interest;
· Processing is for the purpose of direct marketing;
· Processing is for the purposes of scientific or historic research;
· Processing involves automated decision-making and profiling.
Please note that the above rights may not apply in all circumstances but we will respond within a month of any requests. If you have any questions or concerns about the information we hold on you, please contact our Data Protection Officer by one of the following options:
Via our secure Data Subject Rights Portal
Tel: 01925 302590
FAO Head of Information Governance & Data Protection Officer
6600 Daresbury Business Park
If you are not happy about the way your information is handled, you have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioners Office (ICO).
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information
The information is used to trace visitor use of the website and to compile statistical reports on website activity.
You can set your browser not to accept cookies and the following websites tell you how to remove cookies from your browser. However, you may find that this impacts on your user experience when navigating the website.
Other websites and applications
We keep our privacy notice under regular review and we will place any updates on this website. This policy was last updated in February 2019 to reflect changes due to the closure of the service.
If you would like to know a little bit more about how Virgin Care Private Limited handles your personal information or have a query or request, please contact our Data Protection Officer:
Sarah Murray, Head of Information Governance
t: 01925 302590