top of page
Rapid booking | Shropshire and UK wide | Occupational Health Provider | Appointments within 3 days
Businessman at workplace Think business investment plan.Contact Investor using cell phone,

Call us on:

Call us on:

Call us on:

Privacy Policy

  • Privacy Policy

    We are committed to protecting your privacy and maintaining the security of any personal information you provide us with. This statement outlines how we ensure this and how we comply with legislation on data protection.
    This Privacy Policy will explain any areas of our website which may affect your privacy and personal details, how they are processed, collected, managed, and stored, and how your rights under the new GDPR (General Data Protection Regulations) are protected.

     

  • The type of personal information we collect

    We may collect personal information from you in order to fulfil your service requests. This includes email addresses, personal name, postal address, and contact numbers. Any personal information used is for the operation and fulfilment of a service requested by you.

    Under the Data Protection Act 1998 and the General Data Protection Regulations 2018, you have the right to review any personal information provided to us at any time.

     

  • Keeping your information secure

    Our systems are designed with your security and privacy in mind and any data provided by you to us will be as secure as it can be. We are fully aware of our responsibilities regarding data under the Data Protection Act 1998 and the General Data Protection Regulations 2018.

    All information is held on a secure system which is compliant with HIPAA standards for security and subject to annual penetration testing.  

    We work to protect the security of your personal information during any communications with you using secure communication methods and secure software procedures. We maintain physical, electronic, and procedural safeguards in connection with storage and disclosure of your personal information. Our security procedures mean that we may ask you to verify your identity before we disclose personal information to you.

    Access to any of your personal data held on our systems is restricted to nominated employees within Ensure Health Ltd.
    We use anti-virus and anti-malware software to reduce the risk of any malicious computer virus or cyber attack on our systems.  We also have a process in place to ensure that all security software updates are applied as soon as they are released.
    We also ensure that your information is encrypted when it is being moved.  Your employer will not have access to your Occupational Health record as it is kept securely on our system and visible only to us.

     

  • Disclosing your information

    We will not sell your information or share it with any other organisations for their own marketing, market research or commercial purposes.

    We may pass on the information we collect about you:

    if we need to disclose your personal information to any law enforcement agency, court, regulator, government authority or other third party where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party
    -to other parties where we identify serious concerns about your or someone else’s health or wellbeing
    -to any third party or supplier for the purposes of providing the services, where you have provided consent (where appropriate)
    -as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation
    Where information is passed to other parties, it will be subject to controls to maintain security and confidentiality of the data and, where it is anonymised data, to prevent re-identification.

     

  • Where do we process your information?

    We process the majority of your information within the UK in accordance with UK GDPR and the Data Protection Act 2018. Emailed information is done using a secure, encrypted email system with a server in Switzerland

     

  • How long do we store your information?

    How long we store your information will depend on the type of record that we have been processing. Your occupational health records are processed for the duration of our contract with your employer and for a further six years after you have left their employment.  After this time, if we have permission from your employer, then your occupational health record will be securely deleted.

    Under Health and Safety law, there is a requirement to keep Health Surveillance records for forty years.  These records will be stored separately on our system and will be kept for forty years.  Where records have been transferred from a previous provider and it is not possible to tell whether the records are Occupational Health records or Health Surveillance records, the longer retention period will be applied.

    If our contract ends with your employer, we will stop processing your information and all personal data and health records will be transferred to your employer’s next occupational health provider (please see above).

    Information that is processed about you, but that does not form part of your Occupational Health record, such as internal email communications may be securely deleted as part of our in-house ‘housekeeping’ procedure to ensure that we do not retain your data unnecessarily.

     

  • Your rights
     

  • Under data protection laws, you have a number of rights. For example, you can ask us: 

  • for a copy of the information we hold about you

  • to delete some inaccurate information or correct any inaccuracies

  • to update any out-of-date information

    If we hold your information for the purposes of services we provide on behalf of another organisation, any request you make may be more relevant to them and we may ask you to contact them directly. If you do send your request to us and we pass it to another organisation, we will tell you.
    When making your request you should provide us with enough information to allow us to confirm your identity. We may ask for more information, for example to allow us to locate that information or if someone else makes the request to us on your behalf we may ask for a specific form of authority by which you allow them to receive your information from us on your behalf.

  • If you ask us to delete all data we hold about you, and we hold the information based on

  • your consent – we will consider deleting it.

  • another legal basis – we will consider your request on a case by case basis, establish if the legal basis still applies and whether we can otherwise delete the information. If it is not necessary for us to keep it, we will delete it.

    If you want to receive information about who the data controller is for one of our services, or the legal basis for processing your personal information under GDPR you should contact us.

     

  • Common law of confidentiality and consent

    Health professionals have a duty to comply with the common law of confidentiality which means that you have a right to withdraw your consent for us to share information about your health to your employer (this is separate from and distinct to your rights under UK GDPR).  
    If you choose to do this, we must notify your employer who may need to make decisions without the benefit of impartial Occupational Health advice.  If your job involves a requirement for routine fitness to work medicals or health surveillance screening, then your employer may have to stop you from doing your job.

     

  • How to contact us
    If you have any questions about your personal information, or how we use it, you can contact email via 
    Email: admin@getmedic.co.uk
    Post: Get Medic Ltd, Corner House, Vicarage Road, Shrewsbury, SY3 9EX 

    We encourage you to contact us if you have any concerns about how we use your personal information, however, if you are not satisfied with our response or believe we are processing your personal information incorrectly and not in accordance with UK GDPR, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at  www.ICO.org.uk.

​

​

bottom of page