Sensium Healthcare Ltd collects various kinds of personal data in the day-to-day running of our business and it is our aim to uphold the absolute highest standards when handling your personal information. For the purposes of this policy we are a “Data Controller”, which means we are in a position to make decisions about the processing of data we hold about you, the “Data Subject”. This is our Privacy Statement for online users: those who visit our website and those we correspond with via email.

Our Approach to the GDPR

We follow the principles of the General Data Protection Regulation (GDPR), under which the law requires us to process data fairly; for specified purposes; limited to what is necessary and for as long as necessary; and to ensure data is accurate and secure.

We consider good data protection to be crucial in building positive working relationships, so we never collect data or process any data in a manner which we think would surprise people, and hope to exceed expectations in transparency about our data processing.

We always carefully consider our legal bases for processing under the GDPR for every single item of data we collect, and we make every effort to only process data when we absolutely must to comply with our legal and contractual obligations, and when we are satisfied that it is necessary for our business to function.

We take measures to keep data secure and protect against unauthorised access, and we take particular care before collecting and holding any data that could adversely affect your rights and freedoms or cause you loss or other damage.

 

General Web Users

When you visit a Sensium web page, we use cookies on your device to capture unique identifiers and session data to enable analytics, so we can monitor how people use our sites and work to improve our web presence.

The cookies we use are:

_gid (to distinguish pages visited)

_ga (to distinguish unique users)

_gat (to throttle request rates)

We process this data for our legitimate interest in operating an effective website and marketing suitable products and services to customers or potential customers.

We do not collect or use any other information about your web use to profile or track you.

Google Analytics data is also transferred to Google for processing at one of its data centres in the US, Europe, Singapore and Taiwan. Google does not use this personal data for any other purpose and anonymises user data to run its own analytics. To read more about Google’s use of data click here.

 

Mailing List

When users sign up to one of our mailing lists we only record the information that they input into the form.

We use this information to market suitable services to our clients or potential clients, and do so on the basis of legitimate interest.

 

Email Correspondence

We process names and contact details from emails, together with any other Personal Data provided, for the purposes of our legitimate interest of entering into business correspondence with clients and/or service users, and to maintain adequate records of our correspondence with anyone who we may communicate.

Those who email us should refrain from sharing the personal details of others without that person’s permission, and any such information shall be processed under Article 14.5 of the GDPR, absolving our obligation to contact every Data Subject mentioned to us due to the disproportionate effort required.

 

Who do we share this information with?

We only transfer Personal Data we control to third-party Processors for specified purposes, under strict instructions and with the assurance that appropriate measures are in place to protect your information. Our third-party processors include:

We may share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal information with a regulator or to otherwise comply with the law.

We will not transfer your personal information outside the EU.

We will never share the personal data of our contacts with any marketing organisation or any other third party not outlined above. If this ever changes we will seek the express consent of the Data Subjects concerned.

 

How long do we keep this information?

We retain Personal Data in compliance with our Retention Policy and Schedule – for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Our Retention Policy & Schedule is available by contacting dataprotection@sensium.co.uk.

We retain and process personal data for which we have your consent unless and until you chose to withdraw your consent.

 

How do we keep this information secure?

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

What rights do you have?

Data Subjects are entitled to request that we erase, restrict, rectify or provide you with a copy of the data we hold, and may object to processing activities.

If we process Personal Data on the basis of Consent, the Data Subject may withdraw their Consent in respect of the particular processing activity at any time.

It is our policy to fulfil any such request within the statutory period of one month unless there is a compelling legal or contractual obligation which prevents us from doing so.

To make any such request please contact our officer responsible for data protection at dataprotection@sensium.co.uk.

You also have the right to lodge a complaint with the UK’s data regulator, the Information Commissioner’s Office. Visit www.ico.org for more information.

 

Our contact information

Sensium Healthcare Limited

115 Olympic Avenue
Building 3
Milton Park
Abingdon
Oxford
OX14 4SA

+44 (0) 1235 438950