Privacy statement

AGILLEX PRIVACY STATEMENT

This statement sets out information you should read regarding the way we collect and process your personal data.

Data we collect

1.    Data you provide

We ask you to provide us with some types of personal data when you contact us or if you ask us to provide you, or your organisation, with services.  This information includes your name and contact details (email address, postal address and telephone numbers). 

Where you use our occupational health services, this information will also include special categories of data, including information that may reveal your racial or ethnic origin or data concerning your health, including sex life or sexual orientation.

2.    Data from other sources

We may receive some personal information from your employer.  This may include your contact details so that we can communicate with you in respect of the services that we are providing.

For example, we may receive information from your employer in relation to management referrals for occupational health services, including information concerning your health.

We also have access to analytical data provided by Google Analytics relating to the use of our website, though this information is typically provided in an anonymised form.

3.    Cookies

Our website only uses session cookies, i.e. cookies that only last so long as you are accessing our website.  

A cookie is a small file automatically placed on your device that is intended to enhance the user experience.  You can disable these by adjusting your browser settings.

How we use your data

1.    Our services

We use your personal data as necessary to provide our services to you or your organisation.

2.    Communications

Exceptionally, we may need to contact you relating to your use of our website.  For example, to notify you of changes to the services that we provide.

3.    Marketing

We will notuse your personal data for advertising or direct marketing purposes.

4.    Data sharing

Periodically, we may need to share your personal data with third parties.  For example, if we need to share your information with other professionals for the purpose of providing our services.  However, we will not share your information without your prior consent, and then only for the purposes for which you have authorised.

We will not share or sell your personal data with or to third parties for the purpose of direct-marketing or other advertising activities.

5.    Legal disclosures

We may need to disclose your personal data if required to do so by law or by a regulatory body (e.g. a court or the Information Commissioner’s Office), of if we believe in good faith that a disclosure is reasonably necessary and proportionate.  

Before making such a disclosure we will use our reasonable endeavours to ensure that it is justified and, where lawful to do so, will notify you of a disclosure request.

6.    Change in control or sale

We may share your personal data with a third party organisation that wishes to buy or merge with our business, or if there is any material change in control, including in relation to activities preparatory to a sale, merger or change of control.

Following a sale, merger or change of control, the resulting entity may continue to use your personal data subject to the terms of this privacy statement.

Your rights

1.    Data retention

We will retain your personal data as long as necessary to supply our services.  Thereafter, we will retain your personal data for so long as we may be required by any applicable law or as reasonably necessary for evidential purposes.  

If we need to retain your personal data, we will reduce it to the amount reasonably necessary to comply with that purpose.

2.    Access to your personal data

You can ask us for a copy of your personal data at any time.  

3.    Control of your personal data

Delete data:you can ask us to erase or delete all or some of your personal data we no longer require it for the provision of our services.  However, please note that we may need to retain some or all of your data to comply with our legal obligations or for evidential purposes.

Change or correct data:you can ask us to correct your data or provide us with updates where necessary

Object to, limit or restrict use of your data:you can ask us to stop using some or all of your data or to restrict our use of your data, e.g. where we no longer need to process your personal data but you require it for evidential purposes.

Other relevant information

1.    Security

We have implemented reasonable safeguards having regard to the nature of the information that we collect and the damage that might result if it is lost, disclosed or altered or unlawfully accessed, transmitted or processed.  These measures include storing data in a secure environment managed and monitored by an industry-standard provider and encrypting data on our personal devices.

2.    Transfers outside the EEA

We do not transfer your personal data outside the EEA; our service providers store your data on servers located within the EEA.

3.    Legal basis for processing

We only collect and process your personal data where we have a lawful basis.  These include:

·      contract: where our processing is necessary for the performance of a contract with you, i.e. to provide you with our services;

·      legitimate interest: where our processing is necessary for our legitimate interests or those of a third party unless these interests are overridden by your interests or fundamental rights and freedoms, e.g. to provide you with information about our services; or

·      occupational health:where processing of special categories of personal data is necessary for the provision of our occupational health services, e.g. for the assessment of working capacity.  

·      contract with a health professional:where we process special categories of personal data in relation to a management referral it will be processed in accordance with a contract with the employer.  However, it will only be processed by or under the responsibility of a professional subject to an obligation of professional confidentiality.

4.    Contact

If you have any questions or complaints regarding this privacy statement, please contact us at enquiries@agillex.co.ukor by writing to us at:

Data Protection @ Agillex
Unit 1, Office 1, Tower Lane Business Park 
Tower Lane 
Warmley
Bristol 
BS30 8XT

If we are unable to resolve your issue, then you can contact the Information Commissioner’s Office at https://ico.org.uk/make-a-complaint/

5.    Changes

If we update this privacy statement we will publish a copy of the revised statement on our website and send you a notice drawing your attention to it.  If you object to the proposed changes then you may ask us to delete your information, which we will do subject to any legal obligations, including the fulfilment of our services or as necessary for evidential purposes.  We will assume you do not object to the revised statement if you have not objected within 30 days of its publication.