Our data protection policy and how data is used is detailed below. We will not disclose any of your personal information to any third parties. For more detail please Contact Us
We are committed to safeguarding the privacy of our website visitors; this policy sets out how we treat your personal information.
REVISIONS, CHANGES, AND UPDATES
Flexipath Thoughti Health Ltd, Ltd is the data controller in respect of all the personal data collected on or in relation to this website.
Post: Flexipath Thoughti Health Ltd, Kemp House 152-160 City Road, London EC1V 2NX.
Users personal information
We understand the importance of protecting you from the unauthorized use of information you provide in the course of doing business with us. Except as disclosed in this policy or our User Agreement, we will not give away, sell or otherwise disclose any information that personally identifies you. We may disclose personal information about you if we are compelled to do so by law or by valid legal process. We may disclose personal information if we have your express permission to do so, or the disclosure is to our service providers to assist us in providing our services, or for user verification purposes. We may also use IP addresses to analyze trends, administer the site and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information. We have the right to remove personal identifiers from your personal information so that it cannot reasonably be used to identify you.
The User Agreement sets forth the ways in which we may use or disclose protected health information we receive from you or create or receive on your behalf. Among other permitted uses, we may:
- Allow access to your health information to you and your workforce for whatever purpose you require it.
- Transmit your health information between our service users – Clinics/practices to laboratories and vice versa.
- Use your health information for the proper management and administration of our business, and to carry out our legal responsibilities. We may also disclose your health information for these purposes if the disclosure is required by law. For example, we may permit access to the system by our contracted system developers under appropriate confidentiality agreements.
- To any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
You agree that you will use other persons’ information available on or through this site (whether or not protected health information) strictly in accordance with applicable laws and regulations, and you will ensure that others under your control who have access to such information also comply with applicable laws and regulations. You are solely responsible for obtaining and maintaining all patient consents and authorizations necessary for your use of the site and the systems to which it provides access.
To access your account, you must provide the identifier we provided you. With this information, we can verify your identity and permit you to view data in our system. We log and audit system use in order to ensure that users are using the system appropriately. If we have questions about your use of the system, we may contact you. We may also disclose your identity to others to assist in the investigation of suspected misuse of our systems, and otherwise to ensure the proper operation of our systems.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall- protected) servers. All electronic transaction data associated with transactions you make on or in relation to our website will be encrypted.
You are responsible for keeping your password and user details confidential. We will not ask you for your password (except, of course, when you log in to the website).
Right of access
You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to:
The supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).
We may refuse a subject access request or raise a fee for processing the request if the request is manifestly unfounded or excessive.
We may withhold such personal information to the extent permitted by law.
Subject access requests should be addressed to firstname.lastname@example.org
Right to rectification
Where you identify that incorrect information is held you may instruct us to amend that information.
Right to erasure
Individuals have a right to have personal data erased and to prevent processing in specific circumstances:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
- The personal data has to be erased in order to comply with a legal obligation.
Generally Flexipath will not process a request to erase information where there is an ongoing legal obligation on the company to retain the information, for example for taxation and social security purposes.
Right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
The right to data portability only applies:
- To personal data an individual has provided to a controller;
- Where the processing is based on the individual’s consent or for the performance of a contract; and
- When processing is carried out by automated means.
Right to object
Individuals have the right to object to:
- Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
- Direct marketing (including profiling);and
- Processing for purposes of scientific/historical research and statistics.
Objections to processing, other than for marketing purposes for non Flexipath staff must be made in writing to the Controller and must outline the grounds for objection.
Right to restrict processing
In certain circumstances an individual may request that processing of their personal data is restricted. This means that the information can be stored, but not used, except in restricted circumstances.
This right may be exercised in the following circumstances;
- Where an individual contests the accuracy of the personal data, the company shall restrict the processing until the accuracy of the personal data has been verified.
- Where an individual has objected to the processing (where it was necessary for the performance of a public interest task or purpose of legitimate interests), and we are considering whether it’s legitimate grounds override those of the individual.
- When processing is unlawful and the individual opposes erasure and requests restriction instead.
- If we no longer needs the personal data but the individual requires the data to establish, exercise or defend a legal claim.
Rights related to automated decision making
We do not use any automated decision making and profiling systems.
Right to make a complaint to the Information Commissioner
Individuals have the right to raise a complaint about any aspect of the way Flexipath collects, processes, stores or deals with personal data, including complaints.
Contact the Information Commissioner (ICO) for further information on how to do make a complaint.
Each time you visit our site, we collects the limited information that your browser makes available whenever you visit any website. Additionally, we may place internet “cookies” on the computer hard drives of visitors to this website. Information we obtain from cookies helps us to tailor our site to be more helpful and efficient for our visitors. The cookie consists of a unique identifier that does not contain information about you or your health history. We use two types of cookies, “session” cookies and “persistent” cookies.
- A session cookie is temporary and expires after you end a session and close your web browser. We use session cookies to help customize your experience on our site and maintain your signed-on status as you navigate through the features.
- Persistent cookies remain on your hard drive after you’ve exited from our site until you erase them or they expire. Persistent cookies will not contain any personal information about you.
Marketing products and services
We will NOT place advertisements of any type on the interface to our services and we will NOT use or disclose to any third party any information that identifies you to enable the third party to market products or services to you directly.
Third party websites
Where the website contains links to third party websites. We are not responsible for the privacy policies or practices of those third party websites.
FlexipathThoughi Health Ltd, Kemp House 152-160 City Road, London EC1V 2NX
Telephone: 0207 4677 303