PRIVACY POLICY NOTICE
This privacy policy notice is served by Hyperdive Ltd. under the website www.hyperdive.co.uk. We take data protection seriously and are committed to respecting and protecting your personal data.
​
The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing/using this website, and/or refrain from submitting your personal data to us.
​
This privacy policy may change from time to time; if it does, the up-to-date version will be available on our website, and becomes effective immediately.
​
Policy key definitions:
​
-
"I", "our", "us", or "we" refer to the business, Hyperdive Ltd.
-
"you", "the user" refer to the person(s) using this website
-
GDPR means General Data Protection Regulation
-
ICO means Information Commissioner's Office
-
Cookies mean small files stored on a user’s computer or device
​
We are registered with the ICO under the Data Protection Register. Our registration number is ZA506146. The Data Protection Officer is Dr Oliver Firth, who can be contacted via the website.
​
Key principles of GDPR:
​
Our privacy policy embodies the following key principles:
​
-
Lawfulness, fairness and transparency
-
Purpose limitation
-
Data minimisation
-
Accuracy
-
Storage limitation
-
Integrity and confidence
-
Accountability
​
Personal data we collect:
​
Hyperdive Ltd. aims to provide you with the best possible service. To do this we must keep records about you, your health and the care we have provided, as well as details on how to contact you. These may be stored in paper or electronic form. This information forms your medical record, which includes personal data. Personal data is any data that could identify you as an individual. This may be given through an enquiry as a potential customer, or through your interaction as a registered patient. Personal data may be provided by a telephone call, email or on completing a form.
​
Personal data you give to us may include (but is not limited to):
​
-
your name and title
-
contact information, eg. telephone number, email and postal address
-
photographic identification
-
the content of any enquiry submitted via our website
-
web usage information, eg. IP address
​
How we use your personal data:
​
Everything we do with your personal data counts as “processing” it, including collecting, storing, amending, transferring and deleting it. Under the GDPR we control and/or process any personal information about you electronically using the following lawful bases: consent and legitimate interest. If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
​
We may use the data you provide to:
​
-
communicate with you, eg. using contact details such as the email address or phone number supplied by you via online forms
-
communicate with other appropriate medical professionals, eg. when seeking advice or opinions from relevant consultants or specialists
-
operate our business more effectively, eg. by asking you for feedback to help us improve our service
​
We will not sell or distribute your information to third parties, unless we have your permission, or we are under a legal obligation to do so.
​
How we keep your personal data secure:
​
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard your personal data. These include:
​
-
access limited to those with a genuine and demonstrable need, which for the vast majority of the time is just the doctor;
-
secure storage of all records – those in paper form are kept in locked cabinets, whilst electronic records are password protected on a firewalled server which is automatically backed up to two separate physical locations for redundancy;
-
industry standard anti-virus software on all computers with access to records.
​
Policies and procedures are in place to deal with any suspected data breach so that any loss of data, or consequential damage, is minimised.
​
How long we keep personal data:
​
Current legislation requires retention of medical records for a minimum of seven years. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We will not store your information for longer than is reasonably necessary or required by law.
​
Your information will be kept securely at all times and at the end of the retention period, your files and personal data will be permanently deleted or destroyed.
​
Cookies policy:
​
Cookies are small files that contain information about browsing activity. When you visit a website, your device automatically stores a cookie to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, and to display relevant content. This enables the website to respond more efficiently on subsequent visits. Some cookies are required to enjoy and use the full functionality of this website.
​
In using our website you consent to use of cookies. The cookies are then used by our server to provide enhanced browsing on returning to the site. You can determine whether we use cookies, and these configurations may be changed in your browser menu. If you do not wish us to store cookies, you can browse in an incognito mode.
​
We use analytical cookies to track website traffic using reports from Google Analytics. This software collects and analyses the information automatically to help us improve our website. If you wish to find out more about how this information is used, please visit here: Google Analytics Help.
​
Your individual rights:
​
Under the GDPR you have a number of important rights, which include the following:
​
-
the right to be informed – we are required to inform you why we want to gather your personal information, what we will do with it, who it will be shared with and how long it will be kept for. This information is set out in this privacy notice, but if you require any further clarification please don’t hesitate to contact us
-
the right of access – you are entitled to request a copy of the information which we hold about you (this is known as a ‘subject access request’). If you would like a copy of some or all of this information please contact us with proof of your identity and let us know what information you would like. We must provide this information to you in a commonly used and machine-readable format.
-
the right to rectification – you can require us to correct any mistakes in the information we hold. Please contact us to let us know what data is incorrect and what to replace it with.
-
the right to erasure – you can ask us to delete or destroy all the personal data we hold, where there is no compelling reason for us to continue processing it.
-
the right to restrict processing - you can ask us to suspend the processing of your personal data in certain circumstances. For example, if you have notified us there is a mistake in the information we hold about you, you may ask us to suspend processing until that mistake is rectified.
-
the right to data portability – you are entitled to request the transfer of your personal data to you or to a third party.
-
the right to object – you may object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts your fundamental rights and freedoms.
​
You can read more about your rights in detail here.
​
Questions or complaints:
​
If you have any questions or concerns about anything within this policy, please in the first instance contact the Data Protection Officer (Dr Oliver Firth) by using the contact form on our website.
​
However, if you feel there is a problem with the way in which we are handling your data, you also have the right to lodge a complaint with the ICO via their website.