PillarCare Website Privacy and Cookies Policy and Procedure

Policy

1. PillarCare understands that if it operates a website, it may need to update its Privacy Policy to ensure that it is compliant with GDPR. PillarCare will use this Privacy Policy as a template for its updated

version. PillarCare understands that this Privacy Policy only needs to be uploaded by PillarCare to its website if it collects personal data via its website. PillarCare will use the template Fair Processing Notice to inform all other Data Subjects, including Service Users, about how PillarCare processes personal data other than personal data collected via the website.

2. PillarCare understands that the form attached to this policy constitutes the template Privacy Policy. PillarCare understands that terms in square brackets are optional (depending on whether they apply to PillarCare or not) or require completion by PillarCare. PillarCare will review the Privacy Policy in its entirety to determine which elements are applicable to its website, and which are not relevant.

For example:

·        If the template Privacy Policy below refers to personal data that is not collected by PillarCare via its website, PillarCare will delete references to such personal data

·        If the website of PillarCare does not use cookies, PillarCare will delete references to cookies and the Cookie Policy at PillarCare

·        If PillarCare does not transfer personal data outside of the EEA, PillarCare will delete the section entitled “Where we store your personal data”

·        If PillarCare is not required to appoint a Data Protection Officer, PillarCare will delete references to the Data Protection Officer or will consider replacing references to the Data Protection Officer with references to the Privacy Officer at PillarCare or other person nominated to have day-to-day responsibility for data protection and GDPR

If PillarCare uses personal data collected via its website in a way that is not described in the Privacy Policy, it will consider incorporating additional sections.

This Privacy Policy directs users to a webpage with a contact form or contact details if they wish to contact PillarCare. PillarCare will consider whether to provide an alternative contact method instead, such as an email address and/or phone number.

If PillarCare has any concerns or queries in respect of the template Privacy Policy, it will seek legal advice.

3. GDPR has changed the way cookies should be incorporated into websites which means that PillarCare must explain what cookies will be set and what the cookies will do to the users of its website.

PillarCare must obtain consent from individuals to store certain cookies on devices. Cookies that are not strictly necessary need consent which is GDPR compliant which means that PillarCare can no longer rely on implied consent. PillarCare will ensure that it uses a cookie banner on its website to obtain consent to the use of cookies in line with this policy and that if no consent is obtained, no cookies will be set.

4. PillarCare must, therefore, update its processes for collecting consent for cookies. In practice, this means:

·        Users must take a clear and positive action to consent to non-essential cookies

·        The websites and apps of PillarCare must tell users clearly what cookies will be set and what they do, including any third-party cookies

·        Pre-ticked boxes or any equivalents, such as sliders defaulted to “on”, cannot be used for non- essential cookies

·        The users at PillarCare must have control over any non-essential cookies

·        Non-essential cookies must not be set on landing pages before you gain the user’s consent

Consent is not required for cookies that are defined as “strictly necessary” or that fall within the communication exemption. “Strictly necessary” cookies are those that are essential to providing the service requested by the user. Such cookies must be essential to fulfil their request. Those that are simply helpful or convenient, but not essential, or that are essential for the purposes of PillarCare, will still require consent. The communication exemption is about the transmission of a communication over an electronic communications network. For the exemption to apply, the transmission of the communication must be impossible without the use of the cookie. Simply using a cookie to assist the communication is insufficient for the exemption to apply.

PillarCare must note, in particular, that cookies used for analytical purposes or those used for marketing and advertising will always need consent as they are considered to be non-essential. This guidance may change as the latest draft legislation is subject to some challenges on this point.

PillarCare must read the ICO’s cookie guidance available at: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/ for further information on the types of cookie that require consent.

 

Procedure

1. PillarCare will consider whether or not it collects personal data via its website (for example, via enquiry forms, requests to be sent newsletters, requests for provision of services) and whether it needs a Privacy Policy. PillarCare acknowledges that the use of cookies constitutes processing of personal data via the website.

2. PillarCare will review the template Privacy Policy. PillarCare will adapt the Privacy Policy before uploading it to its website to ensure that all aspects of the Privacy Policy are relevant and reflect the ways in which PillarCare processes personal data collected via its website. Where PillarCare has any concerns or queries in relation to its own Privacy Statement, PillarCare will seek legal advice.

3. PillarCare will use the template Fair Processing Notice to inform all other Data Subjects, including Service Users, about how PillarCare processes personal data other than personal data collected via the website.

 

Definitions

1. Data Subject

·        The individual about whom PillarCare has collected personal data

2. Data Protection Act 2018

·        The Data Protection Act 2018 is a United Kingdom Act of Parliament that updates data protection laws in the UK. It sits alongside the General Data Protection Regulation and implements the EU’s Law Enforcement Directive

3. GDPR

·        General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It was adopted on 14 April 2016 and after a two-year transition period became enforceable on 25 May 2018

4. Personal Data

·        Any information about a living person including but not limited to names, email addresses, postal addresses, job roles, photographs, CCTV and special categories of data, as defined below

5. Process or Processing

·        Doing anything with personal data, including but not limited to collecting, storing, holding, using, amending or transferring it. PillarCare does not need to be doing anything actively with personal data – at the point PillarCare collects it, it is processing it

6. Special Categories of Data

·        Has an equivalent meaning to “Sensitive Personal Data” under the Data Protection Act 2018. Special categories of data include but are not limited to medical and health records (including information collected as a result of providing health care services), Care Plans and information about a person’s religious beliefs, ethnic origin and race, sexual orientation and political views

7. Cookies

·        Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client’s computer

8. The Information Commissioner’s Office (ICO)

·        The ICO is the UK’s independent body set up to uphold information rights

We are PillarCare, a Private limited Company incorporated in England and Wales. Our company number is 10260088 and our registered address is 36 Gloucester Avenue, Primrose Hill, London NW1 7BB.

(“PillarCare” / “we” / “our” / “us”). We are committed to ensuring that your privacy is protected. We comply with the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) unless and until the GDPR is no longer directly applicable in the UK, together with any national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK, and any successor legislation to the GDPR and the DPA (together “Data Protection Legislation”). We are the data controller of data you pass to us pursuant to this policy. Our Data Protection Officer can be contacted at enquiries@pillarcare.co.uk.

This Privacy Policy together with our Cookie Policy sets out how we collect personal information from you and how the personal information you provide will be processed by us. By visiting the website at www.pillarcare.co.uk (the “Website”) you are accepting and consenting to the practices described in this Privacy Policy. If you do not consent, please do not submit any personal data to us.

What information does PillarCare hold and how will we use it?

Information you give PillarCare: You may give us information about you by completing enquiry forms on the website. The information you give us may include your name, email address, address/location and phone number.

Information PillarCare collects about you: PillarCare may collect the following information from you when you visit the website:

•             Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and

•             Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from the website (including date and time), products you viewed or searched for, page response times, website errors, length of visits to certain pages, page interaction information, methods used to browse away from the page and any phone number used to call our helpline

Information we receive from other sources: This includes information we receive about you when you use other websites operated by us or other services we provide. This information may include your name, email address, postal address and phone number.

How long PillarCare will retain your data: We will only retain this data for as long as necessary for the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements and, where required for PillarCare to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. If you want to learn more about our specific retention periods for your Personal Data established in our retention policy you may contact us at enquiries@pillarcare.co.uk.  

The Website uses cookies to distinguish you from other users of the website. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy below.

Use Made of the Information

PillarCare may use the information we receive and/or collect about you to:

•             Fulfil our obligations under any contract that we have entered into with you or with a Service User that you represent, and to provide you or the relevant Service User with information or services that you or the Service User has requested

•             Send you newsletters and marketing information if you have consented to us doing so

•             Notify you of products and services that we feel may interest you, or permit third parties to do so if you have provided the appropriate consent

•             Monitor website usage and provide statistics to third parties for the purposes of improving and developing the website and the services we provide via the website

PillarCare processes personal information for certain legitimate business purposes, which include some or all the following:

•             Where the processing enables PillarCare to enhance, modify, personalise or otherwise improve the website, its services or communications

•             To identify and prevent fraud

•             To enhance the security of the network and information systems of PillarCare

•             To better understand how people interact with the websites of PillarCare

•             To administer the website and carry out data analysis, troubleshooting and testing; and

•             To determine the effectiveness of promotional campaigns and advertising

If we obtain consent from you to do so, we may provide your personal details to third parties so that they can contact you directly in respect of services in which you may be interested.

Where we are processing personal data that we have obtained via the website on the basis of having obtained consent from you, you have the right to withdraw your consent to the processing of your personal data at any time. If you would like to withdraw your consent or prefer not to receive any of the above-mentioned information (or if you only want to receive certain information from us) please let us know by contacting us. Please bear in mind that if you object, this may affect our ability to carry out the tasks above for your benefit.

We will not share, sell or distribute any of the information you provide to us (other than as set out in this policy) without your prior consent, unless required to do so by law.

Third Party Sites

Our website may contain links to third party websites, including websites via which you are able to purchase products and services. They are provided for your convenience only and we do not check, endorse, approve or agree with such third-party websites nor the products and/or services offered and sold on them. We have no responsibility for the content, product and/or services of the linked websites. Please ensure that you review all terms and conditions of website use and the Privacy Policy of any such third-party websites before use and before you submit any personal data to those websites.

How Safe is your Information?

Protecting your security and privacy is important to us and we make every effort to secure your information and maintain your confidentiality in accordance with the terms of the Data Protection Legislation. The website is protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction and damage.

We will do our best to protect your personal data but the transmission of information via the Internet is not completely secure. Any such transmission is therefore at your own risk.

Disclosure of your Information

Please note we may need to disclose your personal information where we:

•             Sell any or all our business or assets or we buy another business or assets in which case we may disclose your personal data to the prospective buyer or seller

•             Are under a legal duty to comply with any legal obligation or to enforce or apply our terms and conditions; or

•             Need to disclose it to protect our rights, property or the safety of our customers or others, including the exchange of information with other companies, organisations and/or governmental bodies for the purposes of fraud protection and credit risk reduction

Your Rights in Respect of your Data

If any of the information you provide to us via the website changes, please let us know as soon as possible so that we can make the necessary changes to the information we hold for you on our database. If you wish to make any changes to your information, please contact us.

If you wish to access or rectify the information we hold about you, or request that such information be transmitted directly to another data controller, please contact us. We shall process your request to access your information within one month of receipt, or we’ll let you know within that timeframe if we need more information from you. We will process your request free of charge.

To request that your information is deleted or if you wish to restrict or object to the processing of your information, please contact us.

If you have any complaints about our use of your personal data, please contact us. You also have the right to complain to the relevant supervisory authority in your jurisdiction. In the UK, the supervisory authority is the Information Commissioner’s Office. Contact details for the ICO can be found at https://ico.org.uk/.

 

If you have any further queries or comments on our Privacy Policy, please contact. We also welcome your views about our website and our Privacy Policy.

COOKIES WEBSITE STATEMENT

Cookies are small text files which a website may put on your computer or mobile device when you first visit the website. The cookies will help the website recognise your device the next time you visit. Web beacons or other similar files can also do the same thing. We use the term “cookies” in this policy to refer to all files that collect information in this way.

 

We use cookies to distinguish you from other users of the website. This helps us to provide you with a good experience when you use the website and also allows us to improve the services we provide to you. On revisiting the website, we will be able to obtain information about your previous visits and about your computer including where available, your IP address, operating system and browser type, for system administration. This is statistical data about your browsing actions and patterns and does not identify you. For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer.

 

We use the following cookies:

•         Strictly necessary cookies. These are cookies that are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Disabling them may mean you are not able to access parts of our website.

•         Analytical or performance cookies. We use these cookies to collect information about how visitors use the website, for instance which pages visitors go to most. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. Some of these cookies are known as analytic cookies which allow us to monitor website traffic using industry accepted third parties.

•         Functionality cookies. These cookies are used to recognise you when you return to our website and to remember changes you have made to things such as text size, fonts and other parts of the website you can change so we can personalise our content for you.

•         Targeting cookies. We use these cookies to record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may share this information with third parties for this purpose.

For more details on the specific cookies we use, why we use them and when they will expire, please see Part 1 of Appendix 1 of this Cookie Policy.

Please note that third parties (such as advertising networks and providers of external services) may also use cookies on the website, over which we have no control. These cookies are likely to be analytical cookies, performance cookies or targeting cookies. Part 2 of Appendix 1 of this Cookie Policy provides a list of the third parties who may use these cookies and the reasons for which they use them.

 

Most browsers accept cookies automatically, but you can change your cookie preferences by adjusting your browser settings to refuse the setting of all or some cookies if you prefer. You can usually do this by visiting the “options” or “preferences” menu on your browser. Please note, however, that if you do this and choose to block all cookies (including essential cookies) we cannot guarantee that your experience will be as fulfilling as it would otherwise be, and you may not be able to access all or parts of our website.

 

Where we collect personal data as part of our use of cookies on the website, we will do so in accordance with our Privacy Policy above.