· If PillarCare does not transfer personal data outside of the EEA, PillarCare will delete the section entitled “Where we store your personal data”
· If PillarCare is not required to appoint a Data Protection Officer, PillarCare will delete references to the Data Protection Officer or will consider replacing references to the Data Protection Officer with references to the Privacy Officer at PillarCare or other person nominated to have day-to-day responsibility for data protection and GDPR
3. GDPR has changed the way cookies should be incorporated into websites which means that PillarCare must explain what cookies will be set and what the cookies will do to the users of its website.
4. PillarCare must, therefore, update its processes for collecting consent for cookies. In practice, this means:
· Users must take a clear and positive action to consent to non-essential cookies
· The websites and apps of PillarCare must tell users clearly what cookies will be set and what they do, including any third-party cookies
· Pre-ticked boxes or any equivalents, such as sliders defaulted to “on”, cannot be used for non- essential cookies
· The users at PillarCare must have control over any non-essential cookies
· Non-essential cookies must not be set on landing pages before you gain the user’s consent
Consent is not required for cookies that are defined as “strictly necessary” or that fall within the communication exemption. “Strictly necessary” cookies are those that are essential to providing the service requested by the user. Such cookies must be essential to fulfil their request. Those that are simply helpful or convenient, but not essential, or that are essential for the purposes of PillarCare, will still require consent. The communication exemption is about the transmission of a communication over an electronic communications network. For the exemption to apply, the transmission of the communication must be impossible without the use of the cookie. Simply using a cookie to assist the communication is insufficient for the exemption to apply.
PillarCare must note, in particular, that cookies used for analytical purposes or those used for marketing and advertising will always need consent as they are considered to be non-essential. This guidance may change as the latest draft legislation is subject to some challenges on this point.
PillarCare must read the ICO’s cookie guidance available at: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/ for further information on the types of cookie that require consent.
3. PillarCare will use the template Fair Processing Notice to inform all other Data Subjects, including Service Users, about how PillarCare processes personal data other than personal data collected via the website.
1. Data Subject
· The individual about whom PillarCare has collected personal data
2. Data Protection Act 2018
· The Data Protection Act 2018 is a United Kingdom Act of Parliament that updates data protection laws in the UK. It sits alongside the General Data Protection Regulation and implements the EU’s Law Enforcement Directive
· General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It was adopted on 14 April 2016 and after a two-year transition period became enforceable on 25 May 2018
4. Personal Data
· Any information about a living person including but not limited to names, email addresses, postal addresses, job roles, photographs, CCTV and special categories of data, as defined below
5. Process or Processing
· Doing anything with personal data, including but not limited to collecting, storing, holding, using, amending or transferring it. PillarCare does not need to be doing anything actively with personal data – at the point PillarCare collects it, it is processing it
6. Special Categories of Data
· Has an equivalent meaning to “Sensitive Personal Data” under the Data Protection Act 2018. Special categories of data include but are not limited to medical and health records (including information collected as a result of providing health care services), Care Plans and information about a person’s religious beliefs, ethnic origin and race, sexual orientation and political views
· Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client’s computer
8. The Information Commissioner’s Office (ICO)
· The ICO is the UK’s independent body set up to uphold information rights
We are PillarCare, a Private limited Company incorporated in England and Wales. Our company number is 10260088 and our registered address is 36 Gloucester Avenue, Primrose Hill, London NW1 7BB.
(“PillarCare” / “we” / “our” / “us”). We are committed to ensuring that your privacy is protected. We comply with the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) unless and until the GDPR is no longer directly applicable in the UK, together with any national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK, and any successor legislation to the GDPR and the DPA (together “Data Protection Legislation”). We are the data controller of data you pass to us pursuant to this policy. Our Data Protection Officer can be contacted at firstname.lastname@example.org.
What information does PillarCare hold and how will we use it?
Information you give PillarCare: You may give us information about you by completing enquiry forms on the website. The information you give us may include your name, email address, address/location and phone number.
Information PillarCare collects about you: PillarCare may collect the following information from you when you visit the website:
• Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
• Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from the website (including date and time), products you viewed or searched for, page response times, website errors, length of visits to certain pages, page interaction information, methods used to browse away from the page and any phone number used to call our helpline
Information we receive from other sources: This includes information we receive about you when you use other websites operated by us or other services we provide. This information may include your name, email address, postal address and phone number.
How long PillarCare will retain your data: We will only retain this data for as long as necessary for the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements and, where required for PillarCare to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. If you want to learn more about our specific retention periods for your Personal Data established in our retention policy you may contact us at email@example.com.
Use Made of the Information
PillarCare may use the information we receive and/or collect about you to:
• Fulfil our obligations under any contract that we have entered into with you or with a Service User that you represent, and to provide you or the relevant Service User with information or services that you or the Service User has requested
• Send you newsletters and marketing information if you have consented to us doing so
• Notify you of products and services that we feel may interest you, or permit third parties to do so if you have provided the appropriate consent
• Monitor website usage and provide statistics to third parties for the purposes of improving and developing the website and the services we provide via the website
PillarCare processes personal information for certain legitimate business purposes, which include some or all the following:
• Where the processing enables PillarCare to enhance, modify, personalise or otherwise improve the website, its services or communications
• To identify and prevent fraud
• To enhance the security of the network and information systems of PillarCare
• To better understand how people interact with the websites of PillarCare
• To administer the website and carry out data analysis, troubleshooting and testing; and
• To determine the effectiveness of promotional campaigns and advertising
If we obtain consent from you to do so, we may provide your personal details to third parties so that they can contact you directly in respect of services in which you may be interested.
Where we are processing personal data that we have obtained via the website on the basis of having obtained consent from you, you have the right to withdraw your consent to the processing of your personal data at any time. If you would like to withdraw your consent or prefer not to receive any of the above-mentioned information (or if you only want to receive certain information from us) please let us know by contacting us. Please bear in mind that if you object, this may affect our ability to carry out the tasks above for your benefit.
We will not share, sell or distribute any of the information you provide to us (other than as set out in this policy) without your prior consent, unless required to do so by law.
Third Party Sites
How Safe is your Information?
Protecting your security and privacy is important to us and we make every effort to secure your information and maintain your confidentiality in accordance with the terms of the Data Protection Legislation. The website is protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction and damage.
We will do our best to protect your personal data but the transmission of information via the Internet is not completely secure. Any such transmission is therefore at your own risk.
Disclosure of your Information
Please note we may need to disclose your personal information where we:
• Sell any or all our business or assets or we buy another business or assets in which case we may disclose your personal data to the prospective buyer or seller
• Are under a legal duty to comply with any legal obligation or to enforce or apply our terms and conditions; or
• Need to disclose it to protect our rights, property or the safety of our customers or others, including the exchange of information with other companies, organisations and/or governmental bodies for the purposes of fraud protection and credit risk reduction
Your Rights in Respect of your Data
If any of the information you provide to us via the website changes, please let us know as soon as possible so that we can make the necessary changes to the information we hold for you on our database. If you wish to make any changes to your information, please contact us.
If you wish to access or rectify the information we hold about you, or request that such information be transmitted directly to another data controller, please contact us. We shall process your request to access your information within one month of receipt, or we’ll let you know within that timeframe if we need more information from you. We will process your request free of charge.
To request that your information is deleted or if you wish to restrict or object to the processing of your information, please contact us.
If you have any complaints about our use of your personal data, please contact us. You also have the right to complain to the relevant supervisory authority in your jurisdiction. In the UK, the supervisory authority is the Information Commissioner’s Office. Contact details for the ICO can be found at https://ico.org.uk/.
Cookies are small text files which a website may put on your computer or mobile device when you first visit the website. The cookies will help the website recognise your device the next time you visit. Web beacons or other similar files can also do the same thing. We use the term “cookies” in this policy to refer to all files that collect information in this way.
We use the following cookies:
• Strictly necessary cookies. These are cookies that are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Disabling them may mean you are not able to access parts of our website.
• Analytical or performance cookies. We use these cookies to collect information about how visitors use the website, for instance which pages visitors go to most. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. Some of these cookies are known as analytic cookies which allow us to monitor website traffic using industry accepted third parties.
• Functionality cookies. These cookies are used to recognise you when you return to our website and to remember changes you have made to things such as text size, fonts and other parts of the website you can change so we can personalise our content for you.
• Targeting cookies. We use these cookies to record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may share this information with third parties for this purpose.
Most browsers accept cookies automatically, but you can change your cookie preferences by adjusting your browser settings to refuse the setting of all or some cookies if you prefer. You can usually do this by visiting the “options” or “preferences” menu on your browser. Please note, however, that if you do this and choose to block all cookies (including essential cookies) we cannot guarantee that your experience will be as fulfilling as it would otherwise be, and you may not be able to access all or parts of our website.