Who we are
Our website address is: https://marthaenglish.com
When we refer to ‘we’, ‘us’ and ‘our’, we mean Martha English
What personal data we collect and why we collect it
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Who we share your data with
Martha English fully appreciates the importance of protecting and managing your data and maintaining your privacy. To ensure that we comply with these requirements all our data management and clinical processes fully recognise the data protection law in force in the UK (e.g. the Data Protection Act 1998 and from 25th May 2018, the Data Protection Act 2018 which includes relevant Articles from the EU General Data Protection Regulation (GDPR)
Please read the following information carefully to understand how we process your personal data.
For the purpose of the Data Protection Laws, the Data Controller is Martha English, whose address is 99 Albury Rd, RH1 3LP.
Use of Your Personal Information
This privacy notice explains why we collect information about you and how that information may be used.
Our health care professionals who provide you with our services maintain records about your health and any treatment or care you have received previously. These records help to provide our clients with the best possible healthcare.
Your records may exist is several formats including electronic, paper or a mixture of both, and we deploy many working organisations and approaches to ensure that such information is maintained within a confidential and secure environment. The records which we could hold about you may include the following information: –
• Personal details relating to you, including your address and contact details, carer, legal representative and parents’ emergency contact details
• Any contact we have had or intend to have with you such as appointments, clinic or surgery visits, home visits, etc.
• Notes and reports about your health which is deemed to be of a sensitive nature
• Details about your referral, diagnostics procedures, treatment and care
• Results of any additional relevant investigations
• Relevant information from other health professionals, relatives or those who care for you To ensure you receive the highest levels of care, your records will be used to facilitate the care that we provide. Anonymised information held about could, on occasions, be used to help protect the health and wellbeing of the general public and to help us manage our contracts with commissioners. Information could also be used within our organisation for the purposes of clinical audits which in turn will provide monitoring of the quality of the services we provide. Some of this information will be used for statistical purposes and we will ensure that individuals cannot be identified. For situations where we may contribute to research projects, we will always gain your explicit consent before releasing any relevant information.
Maintaining the Confidentiality of Your Records
We will take all possible care to protect your privacy and will only use information collected with the law including: –
• Data Protection Act 2018 including GDPR
• Human Rights Act 1998
• Common Law Duty of Confidentiality
• Health and Social Care Act 2012
• Codes of Confidentiality, Information Security and Records Management
Our staff are all trained and briefed in data protection principles and understand they have a legal obligation to keep information about you confidential. They also understand that information about you will only be shared with other parties if there is an agreed need to do so or a legal reason. We will only share your data without your permission if there are very exceptional circumstances (i.e. life or death situations), where the law requires information to be passed on and / or in accordance with the Caldicot Principle 7 e.g. to share or not to share. This means that health and social care professionals should have the confidence to share information in the best interests of their patients within the framework set out by the Caldicott Principles. Whilst the Caldicott Principles were originally developed for NHS purposes, we have adopted the underlying principles in order to align with best practice.
All personal information that we manage is stored within the UK within a secure environment and we always use suitably protected methods and systems to transfer your personal information. Legal Basis for Processing – Our legal basis for processing your data relies on certain conditions set out GDPR Article 6e.g. 6.1 (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; As we will also manage sensitive data our legal basis for processing this is included in Article 9 e.g. 9.2 (h) processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3; (see GDPR Article 9.3) Partner Organisations – It may be possible that we will share your information with other organisations, if this is required, we will apply very strong controls.
The current organisations who we share data with includes: –
• Clinical Commissioning Groups It is noted that the above list is not exhaustive, and we may contract with other external organisations to undertake processing of your personal information. These 3rd party organisations will abide with our stringent contractual conditions regarding the protection of personal data. In some cases, you will be requested to provide positive consent if we intend to share your personal details with other organisations Access to Personal Information and Your Rights – You have a right under the Data 2018, to request access to view or to obtain a copy of what information the organisation holds about you and to have it modified should it be inaccurate.
The process to access your records is known as a Subject Access Request (SAR) and the way it works is outlined below: –
• Your SARs request must be made in writing to the organisation’s IG Lead at the address shown above or by email to SARs@marthaenglish.com
• The latest regulations state that there is no charge to have a copy of your electronic or paper information, unless the request is repetitive.
• The request will be reviewed and if possible, completed within one calendar month (subject to our possible requests for further clarification for you)
• You will need to provide adequate proof of your identity before we will release the requested details (e.g. full name, address, date of birth, NHS number and details of your request), you must also provide two forms of identification In addition to the right of access, under the Data Protection Act 2018, you will also have the following rights: –
• Erasure, which is the right to request that your personal data is removed from our systems be they paper or electronic – please note that under certain circumstances we are legal obliged to maintain a copy of your data for contractual and or statutory reasons
• Restriction of processing, this is the right for you to request that we only process certain parts of your data
• Objection – you have the right to object to the way that we are processing your data
• data portability – this concerns the right to request that we provide a copy of your data in an easily transportable format.
• Automatic processing – you have the right to object to the way we automatically process data – in the case of our organisation we do not, at present, carry out automatic processing of your data
• If you have provided us with your consent to process your data for the purpose of providing our services, you have the right to withdraw this at any time. In order to do this should contact us by emailing or writing to the organisation. Retention of your data – Your data will be retained for no longer than is absolutely necessary and in accordance with our Documentation Management Lifecycle Policy and the associated Schedule of Retention
The Data Protection Act 2018 requires organisations that control data to register with the Information Commissioners Office (ICO) website www.ico.org.uk The organisation is registered with the ICO as a Data Controller under the Data Protection Act 1998. The registration number is ZA568361 and can be viewed online in the public register at https://ico.org.uk
Should you have any concerns about how your information is managed by the Organisation please contact us at: – Martha English, 99 Albury Rd, RH1 3LP
If you are still unhappy following a review by the Organisation you can then complain to the Information Commissioners Office (ICO) via their website www.ico.org.uk or in writing to: –
Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF If you are happy for your data to be used for the purposes described in this Privacy Notice, then you do not need to do anything. If you have any concerns about how your data is shared, then please contact us.