The Collaborating Centre for Values Based Practice in Health and Social Care (The Collaborating Centre) is the controller for the personal information that we process, unless otherwise stated. The controller can be contacted by the following methods:
Data Controller’s Contact Details
The Collaborating Centre for Values Based Practice in Health and Social Care
St Catherine’s College
Oxford OX1 3UJ
For general contact please use the contact us page of our website.
Data Protection Officer
Our Data Protection Officer is Matthew Ellacott. You can contact them at email@example.com or via our postal address.
What is Personal Data
“Personal data” is information relating to you as a living, identifiable individual.
Data protection law requires The Collaborating Centre as data controller for your data to process your data in a specific lawful, fair and transparent way:
- To only collect your data for explicit and legitimate purposes;
- To only collect data that is relevant, and limited to the purpose(s) we have told you about;
- To ensure that your data is accurate and up to date;
- To ensure that your data is only kept as long as necessary for the purpose(s) we have told you about.
- To ensure that appropriate security measures are used to protect your data.
The Personal Data that we process
The Collaborating Centre will only collect Personal Data from you when you voluntarily provide this information. For example, this may include, but not limited to, your name, address, email address, postcode, telephone number. We also hold or process Personal Data when you contact us or send us information without The Collaborating Centre asking for it.
We may also hold and use Personal Data only for the specific reason it was supplied.
In some cases, the data that you provide will be a necessity for our relationship or arrangements with you. Not providing the data may place limitations or restrictions on our ability to take actions that you might request.
How we will process your Personal Data
The majority of the Personal Data that we process is provided to us for one of the following lawful purposes:
- You have contacted us by email, post or via our website
- You have registered for, attended or wish to attend an event run by us
- You have requested to be added to our mailing list
- You are a project partner and have submitted a profile to include on our website
- You have submitted an enquiry or comment to our website
- You are representing your organisation
- You have submitted a paper or other material for inclusion on our website and/or social media
- You have requested an announcement to our mailing list and/or Social Media
- You have participated in a recorded webinar, video, audio recording or podcast for inclusion on our website and/or Social Media
- You have a business relationship with us or it is necessary for the performance of contractual arrangements
- To meet legal obligations
- To meet our legitimate interests that are not overridden by your fundamental rights
We may also receive personal information indirectly circumstances may include:
- We have a business relationship
- The information has been supplied without us asking for it
- We have generated the information from information that you have supplied
- Website Functionality such as user preferences
- To gather analytical data on website visitors
We do not process Special Category Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade‐union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Your express written consent is required to process Special Category Data, and should we request this in the future, you may withdraw your consent at any time.
We will not share your personal data with other Data Controllers without your permission.
We will not transfer your data outside of the United Kingdom or European Union. We will obtain your consent before transferring your data outside the United Kingdom or European Union in the future, and will update this policy in accordance with prevailing United Kingdom Data Protection law and guidance.
Sharing Data and Third Parties
We will never sell or pass on your data to another party with the exception of the following circumstances:
- When you agree to us sharing your information.
- For specific purposes that we have told you about in advance
- To respond to specific issues that you raise
- Compliance with a legal or regulatory obligation, to protect our own rights or those of a third party.
- When making a claim in relation to our Public Liability Insurance
- We may use third parties and other partners to provide services such as online meetings, web hosting services, and social media. These organisations will act in accordance with their own Data Policies.
Organisations that we use include:
Zoom Inc. – https://zoom.us/privacy
Facebook Inc. – https://www.facebook.com/policy.php
Twitter Inc. – https://twitter.com/en/privacy
Mailchimp – https://mailchimp.com/legal/privacy/
Libib – https://www.libib.com/privacy-policy
Siteground Limited – https://www.siteground.com/viewtos/privacy_policy
How long we keep your data
We will not keep the data that you supply to us any longer than necessary for the purpose for which it was supplied. We will also regularly review the data that we hold to ensure that it is up to date and continues to be held for a fair and lawful purpose.
Your data rights
Data subjects have the following rights relating to their personal data.
The right of access. – You have the right to ask us for copies of your personal information.
The right to rectification – You have the right to ask us to correct any information that you think is inaccurate or incomplete
The right to erasure – You can ask us to erase personal information in certain circumstances
The right to restrict processing – You have the right to ask us to restrict the processing of your data
The right to object to processing – You may object to the processing of your data
The right to data portability – You have the right to ask that we transfer your information or to you or to another data controller.
You may tell us that you wish to exercise your rights at any time by contacting the Data Protection Officer. We may have the right to say no, where processing of data is required to meet legal requirements or other fair, proportionate and legal uses. In all cases we will reply to you within one month to tell you the action that will be taken. We will not normally charge a fee for this unless we reasonably believe that the request is unreasonable or excessive. In such cases we have the right to charge an administration fee.
For further details on your data protection rights please visit the Information Commissioner’s Website: https://ico.org.uk/your-data-matters/
You have the right to complain to the UK’s supervisory office for data protection, the Information Commissioner’s Office if you believe that your data has been processed unlawfully. Further details can be obtained from: https://ico.org.uk/
Review of this policy
We may update or change this policy from time to time to meet changes in law, regulation, technology or our use of data. Where a material change is made, we give two month’s notice on our website unless this is subject to shorter notice legal or regulatory changes.
This policy will be reviewed at least annually.