Privacy Policy - Trio Healthcare

Trio Healthcare Ltd Privacy and Cookies Statement

The privacy of our customers and website users is important to us.  This privacy statement provides information about the personal information that we collect and how we use that personal information. Note that all of the information set out below may not apply to you.  This Privacy Policy contains an overview of all the possible interactions that we may have with you and one or more may apply to you, depending on how you have interacted with us.

In using this website you are deemed to have read and agreed to the following policy.

Who is responsible for managing your information?

The Data Controller is Trio Healthcare Ltd (referred to in this policy as “we” or “us”).

A data controller, according to the applicable data protection laws, means a person who determines the purposes for which and the manner in which any personal information is to be processed.

We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. That’s why we’ve developed this privacy and cookies policy (“Policy”), which:

  • sets out the types of personal data that we collect
  • explains how and why we collect and use your personal data
  • explains when and why we will share personal data within Trio and other organisations; and
  • explains the rights and choices you have when it comes to your personal data

We ensure that the appropriate technical and contractual measures are in place to provide security of your personal information, guard against unauthorised or unlawful processing of such information and guard against accidental loss, destruction, disclosure, or damage of it.

This Policy also applies if you contact us or we contact you.

Anonymous Access

You can access our website home page and browse our site without disclosing your personal data.

Links

Our website may contain links to other websites operated by other organisations that have their own privacy policies. Please make sure you read their terms and conditions and privacy policies carefully before providing any personal data as we are not responsible for the content of these websites, their own privacy policies or for the way in which they hold and treat information about their users.  In particular, unless expressly stated, we are not agents for these sites nor are we authorised to make representations on their behalf.

Personal information that we collect

We collect the personal data that you may enter whilst you are using our service, including your name, address, email address and telephone number, social media platform.  We do not collect information about our visitors from other sources, such as public records or bodies, or private organisations.

The law on data protection specifies the different reasons a company can hold and process your personal data.  We rely on one or more of the following legal grounds when we process your personal data:

Consent

This applies when you contact us or we contact you and you provide your personal data and specifically consent to us to use that data to provide a specific service.  For example:

  • to send you information about our products and services.
  • Details of the emails and other digital communications we send to you that you open, including any links in them that you click on
  • Your feedback and contributions to customer surveys and questionnaires
  • Deal with a customer complaint you have raised with us and we need to contact for further information or send you out replacement product

When collecting your data, we will ensure it is clear to you what you are consenting to.  You have the right to withdraw consent to any processing that you have previously given consent to at any time.

We do not actively collect Special Categories of Personal Data (as defined by applicable data protection laws) (this being information relating to your race, ethnic origin, politics, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life, or sexual orientation). However, we may collect this information if you actively chose to share it with us by providing it to us either through the functionality available on the website, by email or over the phone.

Contractual Obligations

This applies when you provide us with your personal data in order for us to provide you with a service.  For example, when you order a sample from us for delivery, we’ll collect your address details to deliver your items.

Legal Obligations

This is where we need to process your data in order to comply with the law.  For example, we can pass on details of individuals involved in criminal activity if requested by law enforcement.

Legitimate Interests

This is where we can use personal data to enable us to accomplish our legitimate interests as may be reasonably expected as part of running our business.  For example, we will review your call and sample history with us to ensure we are providing you with correct samples and advice.  Also, if you request a sample from us, we may contact you for feedback on the samples provided for product improvement purposes.

How long will you hold my information for?

We will only keep your data for as long as is necessary to enable us to provide our services to you or to meet our legal requirements.  Where your information is no longer required, we will ensure it is disposed of in a secure manner.  Where you request that you receive no further marketing communications from us, we will retain your details on a “deactivation list” to ensure that no further marketing communications are sent.

Other People’s Information

If you provide us with information about another person, you confirm that they have appointed you to act for them ie you are their Carer, Parent or Guardian, they consent to the processing of their personal data and that you have informed them of our identify and the purposes (as set out above) for which their personal data will be processed.  When we first speak to them, we may tell them where we have got their information from.

How and why we use personal data?

Your personal data is used to support a range of different activities.  These are listed in the table below together with the types of data used and legal bases that we rely on when processing them, including where appropriate, our legitimate interests.  Please be aware that we may process your personal data using more than one lawful basis, depending on the specific activity involved.  Please contact us if you need details about the specific legal grounds we are relying on to process your personal data where more than one ground has been set out in the table below:

 

Information

Purpose/Activity

Name and Address, email address

  • This information is essential for us to set you up in our CRM system.
  • To send your samples to you when requested via our online sample form, via our Telephone Advisor’s, via Social media or at a virtual or face to face event.
  • To send you marketing information about existing and newly developed products but only if you have given us consent.

To contact you about becoming a candidate for market research or new product evaluation trials, but only if you have given us consent.

Telephone Number

  • This information is essential for us to be able to follow up and make sure you have received samples requested.
  • To ensure that you are using samples in the correct manner.
  • To answer any queries or concerns you may have about the samples you have received.
  • To contact you about becoming a candidate for market research or new product evaluation trials, but only if you have given us consent.

To follow up with you periodically to see how you are getting on with our products and if you need any further advice or support but only if you have given your consent.

GP Details

  • This information is essential to enable us to communicate with your GP  and ostomy supplies/delivery company regarding your prescription requirements to switch over to one or more of our products.  We will only do this with your consent.  Please note, a prescription change remains at the discretion of your GP, Healthcare Professional and supplier/delivery company.

Information

Purpose/Activity

Information about specific skin conditions

  • This information enables us to safeguard against possible allergic reactions caused by the products we supply.

Surgery type/stoma condition/size/type

  • To enable us to ensure our product is suitable for you to use and we understand your condition so we provide appropriate advice and solutions and make sure the right product is provided.

Other Medical conditions

  • We don’t ask for this information unless it affects your stoma.  This information helps us to build a picture and provide you with appropriate advice and solutions.

Hospital and Nurse Information

  • We may ask for this information so we can contact your nurse and train or provide products for patient use.

DAC/Pharmacy Information

  • We ask for this information as it helps us to analyse where sales of our products are coming from.

Prescription Details

  • We ask for this information as it allows our Telephone Advisor’s to schedule in their next call with you to check that your prescription has been switched over.

 Collection and storage of data analytics

  • This information enables us to improve the performance of our website.
  • Allows us to define type of ostomate who is visiting our website and ensure our website content is up to date and contains relevant product information to meet needs of Ostomate
  • Enables us to monitor customer relationships and experiences
  • Enables us to carry out market research, statistical and survey purposes

Who do we share this information with?

We share your personal information with the following external third parties:

  • Service providers based who provide IT systems and software, and to host our website;
  • Third party service providers that we engage to deliver the goods you have ordered.  We only use reputable service providers ie Royal Mail, Parcel Force;
  • Analytics and search engine providers that assist us in the improvement and optimisation of our website;
  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom
  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If Trio Healthcare Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply or terms of use and other agreements, or to protect the rights, property, or safety of Trio Healthcare Ltd, our customers, or others.
  • Disclose information about you as required by law, to enforce this Agreement and to preserve our rights.
  • Third Party links:  the website may include links to third-party websites, plug-ins and applications.  Clicking on those links or enabling those connections may allow third parties to collect or share your personal information.  We do not control these third-party websites and are not responsible for their privacy statements.  We encourage you to read the privacy policy of every website you visit.

Protection of Information

We are committed to ensuring that your information is secure.  In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information that we collect.  For example:

  • We limit employee access to customer information to only those who have a business reason to know this information
  • We maintain policies and procedures covering the physical security of workplaces and records to ensure no improper use or disclosure of information, no unauthorised modification of personal data and no unlawful destruction or accidental loss of personal data.
  • We use technological means such as a secure cloud based server, virus detection software, encryption, firewalls and SSL technology to protect against unauthorised access or alternations to customer data.

All of our employees and data processors, who have access to, and are associated with the processing of personal data, are required to respect the confidentiality of our customers’ personal data.

Whilst we take appropriate technical and organisational measures to safeguard your personal data, please note that we cannot guarantee the security of any personal data that you transfer over the internet to us.

Marketing and market research

This section explains the choices you have when it comes to receiving marketing communications and taking part in market research.

We will send you details regarding the following:

  • Product information
  • Event Information
  • Newsletter

but only if you have previously agreed to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time.

Cookies and similar technologies

We use cookies and similar technologies, such as tags and pixels (“Cookies”), to personalise and improve your customer experience as you use our websites and to provide you with relevant . This section provides more information about Cookies, including how we use them and how you can exercise your choices about our use of Cookies.

How we use Cookies

Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device.

Cookies help us to provide important features and functionality on our websites and Mobile Apps, and we use them to improve your customer experience. For example, we use Cookies to do the following:

Improve the way our website works

Cookies allow us to improve the way our website works so that we can personalise your experience and allow you to use many of their useful features.

Improve the performance of our website

Cookies can help us to understand how our website is being used, for example, by telling us if you get an error messages as you browse.

These Cookies collect data that is mostly aggregated and anonymous.

Measuring the effectiveness of our marketing communications

We also use Cookies to measure the effectiveness of our marketing communications, for example by telling us if you have opened a marketing email that we have sent you.

Your choices when it comes to Cookies

You can use your browser settings to accept or reject new Cookies and to delete existing Cookies. You can also set your browser to notify you each time new Cookies are placed on your computer or other device. You can find more detailed information about how you can manage Cookies at the All About Cookies and Your Online Choices websites.

If you choose to disable some or all Cookies, you may not be able to make full use of our Websites. For example, you may not be able to use any of our products and services that require you to sign in.

Where we display personalised adverts on other organisations’ websites, the AdChoices icon will usually be displayed. Clicking on this icon will provide you with specific guidance on how to control your online advertising preferences. More information is available on the YourAdChoices website.

Your rights

You have the following rights in relation to your personal data:

Right to be informed:  Know how we use your data – which is provided to you within this privacy notice.

Access request: (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information held about you and to check that we are lawfully processing it.  This information will be provided within 1 month of receipt of the request.  Occasionally it may take us longer than a month if the request is particularly complex or a number of requests have been made.”

To request correction of the personal information that we hold. This enables the correction of any incomplete or inaccurate information we hold, though we may need to verify the accuracy of the new information provided to us.

To request erasure of personal information. This enables the deletion or removal personal information where there is no good reason for us continuing to process it. A request can also be made for deletion or removal of personal information where the right to object to processing has been successfully exercised (see below), where we may have processed information unlawfully or where we are required to erase personal information to comply with local law. Note, however, that we may not always be able to comply with requests of erasure for specific legal reasons with notification of this given, if applicable, at the time of any request.

To object to processing of personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process information which override your rights and freedoms.

To request restriction of processing of personal information. This enables a request to be made to us to suspend the processing of personal information in the following scenarios: (a) if you want us to establish the information’s accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it because it is needed to establish, exercise or defend legal claims; or (d) you objected to use of the information but we need to verify whether we have overriding legitimate grounds to use it.

To request the transfer of personal information back to whom it belongs or to a third party. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which we were given consent to use or where we used the information to perform a contract with you.

To withdraw consent at any time where we are relying on consent to process personal information. However, this will not affect the lawfulness of any processing carried out before the withdrawal of consent. If consent is withdrawn, we may not be able to provide certain products or services. We advise if this is the case at the time of the withdrawal of consent.

If you wish to exercise any of these rights then please contact us by using the details provided under the ‘How to contact us’ section below.

There is no fee to access personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if a request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with a request in these circumstances.

We may need to request specific information to help us confirm your identity when making the request and ensure your right to access the personal information (or to exercise any of the other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to the request to speed up our response.

How to contact us

Please send any questions, comments or requests for information to our Data Protection Officer, Alison Whittaker, Group HR Director careline@triohealthcare.co.uk.  Trio Healthcare Ltd, 1st Floor, 1 Canute Place, Knutsford, Cheshire. WA16 6BQ. UK

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.  Details of how to contact the ICO can be found on their website: www.ico-org.uk.

We reserve the right to change the policy at any time, so please check back regularly to keep informed of updates to this Policy.