TEL: 01452 222 480
E: connect@thehygrove.com

Privacy Policy

Privacy Policy

The Hygrove Privacy Policy – Version 1.0 22/05/2018

1. Privacy Policy

Policy Statement

Please read this Privacy Policy carefully as it describes The Hygrove’s collection, use, disclosure, retention and protection of your personal information. This Policy applies to any website, application or service which references this Privacy Policy.

About this Policy

The Hygrove takes the privacy of its Members and that of people that make enquiries, very seriously and is committed to protecting personal information. This Privacy Policy sets out the way in which any personal information you may provide to us is used and kept secure by The Hygrove. It applies whenever we collect your personal data (including when you use our website), so please read it carefully.

This policy does not apply to our employees nor does it form part of any The Hygrove Employee’s contract of employment and may be amended at any time.

2. Definitions

Information

Means information or data (including critical business information) which is stored electronically, on a computer or authorised device (such as mobile phones), or in paper-based filing systems / locations.

Personal Data

Means any data relating to an identified or identifiable living individual who can be identified from that data (or from that data and other information in our possession). Personal data can be factual (for example, a name, address, date of birth, member number, location data), or it can be an opinion about that person, their actions and behaviour.

Data Protection Legislation

Means the General Data Protection Regulations (EU) 2016/679 (“GDPR”), unless and until GDPR is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then any successor legislation to the GDPR or the Data Protection Act 1998

Data Subjects

Means all the identified or identifiable living individual to whom the personal data relates. A data subject need not be a UK national or resident. All data subjects have legal rights in relation to their personal information.

Data Subject Rights

Means the Data Subjects rights to be informed of the data being held about them, have access to the data (known as a Subject Access Request), ability to be able to rectify the data, to be forgotten – have that data erased, to restrict processing of the data (the data can be stored but not processed), to be able to have the data transfer easily between IT environments (portability), to be able to object to certain processing aspects (such as marketing), as well as rights relating to automated decision making and profiling.

Processing

Means any activity that involves the use of the data. It includes collection, recording, structuring or storage of the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring Personal Data to third parties.

Cookies

A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to “remember” your actions or preferences over time. Most Internet browsers support cookies; however, users can set their browsers to decline certain types of cookies or specific cookies. Further, users can delete cookies at any time.

3. About The Hygrove Limited

Who we are

This Privacy Policy applies to all the services offered by The Hygrove Limited (a company incorporated in England with company registration number 08874936) whose registered office address is Hygrove House, Main Road, Minsterworth, Gloucester GL2 8JG.

If you have any questions

If you have any questions about this privacy notice, please contact our Data Protection Officer (DPO) by email – connect@thehygrove.com

4. Information we collect

What information do we collect and why?

We collect different information depending on what your relationship is with us, the services you purchase or use, or your contracts with us. We need to tell you what we use your information for and the legal grounds we have to use this information.

In broad terms, we use your data for the following purposes:

  • to administer and provide services for our Members and to provide potential customers with information about services they have expressed an interest in
  • to perform services that we are contracted to deliver
  • for fraud screening and prevention purposes
  • for record keeping purposes e.g. financial records
  • to track your activity on our websites
  • where you have a legitimate interest, for marketing purposes

When you interact with our websites, we may also automatically collect the following information about your visit. This is primarily to help us better understand how our website visitors use our digital platforms to inform our marketing, enable us to create a better user experience or content and create more relevant communications:

  • how you have reached our website or digital platform and the IP (internet protocol) address used
  • your browser type, versions and plug-ins, and your operating system
  • your journey through our website, including which links you click on and any searches you made, how long you stayed on a page, and other page interaction information which may enhance user experience.

5. How we use your data

Members

What information is collected What is it used for What is the legal basis for processing the data
• Member contacts

• Invoicing details

• Member addiction details and medical records
• Members’ family or employer details (as appropriate)

• To provide contracted services to the Member.

• To provide information to our Members and where appropriate their family or employers.

• Performance of a Contract. To allow us to complete the performance of our contract with you, we require you to provide the stated information (or access to the information).
• Legitimate Interest to Connect with you. For the duration of your Membership plus 6 months, we will send you marketing information that we think will be of interest to you as we consider this to be in your legitimate interest. You can of course unsubscribe at any point.
• Opt-in. Where you opt in to receive marketing from us, we will send you information that we think will be of interest to you, for a period of 3 years before needing to ask you to re-subscribe. You can of course unsubscribe at any point.

Prospective Customers

What information is collected What is it used for What is the legal basis for processing the data
• Enquirer contacts

• Enquirer addiction details

• Enquirers’ family or employer details (as appropriate)

• To respond to the enquiry and provide any information required to fulfil the initial query and any subsequent queries. • Legitimate Interest to Connect with you. It is in the legitimate interests of a person or organisation enquiring that we are able to contact them to provide them with the information necessary to satisfy their enquiry.

• Where you opt in to receive marketing from us, we will send you information that we think will be of interest to you, for a period of 3 years before needing to ask you to re-subscribe. You can of course unsubscribe at any point.

Referrers

What information is collected What is it used for What is the legal basis for processing the data
• Referrer contacts

• Bank details where we are paying a referral fee

• To provide contracted services to the referrer (where a contract exists).

• To provide information to our referrers, regarding our services and events.
• To pay a referral fee when a Member is referred to us and commences treatment.

• Performance of a Contract (where one exists). To allow us to complete the performance of our contract with you, we require you to provide the stated information (or access to the information).

• Legitimate Interest. We may send you marketing information that we think will be of interest to you as we consider this to be in your legitimate interest. You can of course unsubscribe at any point.

• Opt-in. Where you opt in to receive marketing from us, we will send you information that we think will be of interest to you, for a period of 3 years before needing to ask you to re-subscribe. You can of course unsubscribe at any point.

Suppliers

What information is collected What is it used for What is the legal basis for processing the data
• Supplier contacts

• Invoicing details

• Service level agreements and capabilities.

• To be able to place work with and direct work to the supplier, to enable The Hygrove to meet its contractual obligations with customers and provide the best possible service and experience to contacts at these customers.

• To be able to pay for services delivered by the supplier.

• Performance of a Contract. To allow us to complete the performance of our contract with our customer we require the supplier to provide the stated information (or access to the information).

 

Monitoring

We may monitor or record telephone calls for training, monitoring and evidence purposes and to improve the quality of services that we provide to you. We also use CCTV at Hygrove House for the safety and security of our Members and Employees. Recordings from this CCTV are held for 28 days.

Additional Information

We may collect additional information as we develop new systems and services. This policy will be updated with the details if this is the case as outlined in section 11 of this policy.

6. Cookies

What cookies we use

We primarily use cookies on our website known as performance cookies. The Hygrove do not use tracking cookies.

Performance Cookies

Cookie Type What personal information is collected? What is it used for? Further information
Google Analytics • No personal data is collected • To collect anonymous information about how visitors use our website and those of other businesses in our Group

• We use the information to compile analytical reports which help us improve our website/s

• The cookies collect information such as the number of visitors to our website, how they arrived there (e.g. directly from the internet or through linking from another website) and tracking which webpages they visited.

• Persistent cookies

• Examples of such cookie names are: _utma _ga

• Google privacy details can be found here

You Tube • IP address and location • We may embed YouTube videos onto our websites, YouTube will then track your usage of the video, how long you watch it for, your IP address and location. • Session cookies – The Hygrove do not retain or use this information

• YouTube privacy details can be found here

Of course, you can also visit our website without accepting cookies. If you do not want your computer to be recognised the next time you visit, you may also decline to use cookies by changing the settings in your browser to “decline cookies”.

The respective procedure can be found in the operating instructions of your respective browser. If you refuse the use of cookies, however, this may lead to restrictions in the use of some areas of our websites.
Social Media Plugins

Our website uses so-called “social plugins”. Currently these are the plugins of the services Twitter, Facebook, Linkedin and Instagram. We ourselves do not collect personal data by means of social plugins or their use. Only when you actively click on one of the social plugins, can data be transmitted to the service provider and stored there.

7. Sharing Your Information

Who we share your data with

To provide our services to you or to otherwise fulfil contractual arrangements that we have with you, we may need to appoint other organisations to carry out some of the data processing activities on our behalf.

These may include for example, your doctor or medical advisor, your local NHS Trust, your family members or employers (where you indicate you wish us to), your insurance company (where applicable), freelance counsellors and therapists, event organisations or travel companies, the Care Quality Commission, companies who assist us with our marketing and other suppliers. They only use the information to provide their services to us.

We only give them the information that they need. We always keep control of your data and our suppliers must act in accordance with our instructions.

In some circumstances, we may also have to disclose your personal information by law, because a court or the police or other law enforcement agency has requested it.

Criteria for sharing your data

We only share your data with third parties if:

  • They have a need to know the information for the purposes of providing the contracted services;
  • Sharing your Personal Data complies with this Privacy Policy and, if required, the Data Subject’s consent has been obtained;
  • The third party has agreed to comply with the required data security standards, policies and procedures and put adequate security measures in place;
  • The transfer complies with any applicable cross border transfer restrictions; and
  • Where an appropriate written contract or agreement that contains data protection clauses has been agreed.

8. Record Keeping

How we record the data we hold

We are required to keep full and accurate records of all our Data Processing activities.

9. Your Choices, Obligations and Rights

How long we keep your data for

We only hold your personal information for as long as is necessary to provide services to you unless there is a requirement to hold that information for a longer period – for example where we are subject to a statutory obligation to keep hold of your information e.g. financial records.

To be able to fulfil our contractual and service obligations with our Members we retain your information for the duration of your membership plus 6 months, in case you should have any queries or service requirements.

If there is a possibility that you may have a legal claim against us or you have made a complaint against us, then we will hold your information for the duration of any statutory limitation period associated with the claim.

All our Marketing emails have an unsubscribe option clearly visible and you can also unsubscribe at any time by emailing us using connect@thehygrove.com

Security of your data

The Hygrove are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure we have put in place robust physical, electronic and managerial procedures to safeguard and secure the information we collect.

If at any point you become aware of a security incident or you have reason to suspect that your data may have been compromised (e.g. you receive a suspicious communication about you), please forward the communication to us or report the incident by email to connect@thehygrove.com

If you have been the victim of a fraudulent transaction (or that you have reason to suspect that you may have done) whether or not this relates to your dealings with The Hygrove you should always contact the police and/or your bank in the first instance to ensure your own finances are secure.

More about your information – your rights

You may request a correction or update your personal information at any time by emailing us at connect@thehygrove.com

Please include your name, address and email address when you contact us as this helps us to ensure that we accept amendments only from the correct person and can contact you to verify your identity should this be necessary. We encourage you to promptly update your personal information if it changes and we will action any such requests as quickly as we reasonably can.

We will securely retain your information for as long as is reasonably necessary and in accordance with law applicable at the time. If you wish to submit a request that your data be deleted, please email us using connect@thehygrove.com

You have the right to receive a copy of the personal information that we hold about you. Please email us using connect@thehygrove.com if you wish to exercise this right.

If you receive Marketing information from us, you can of course change your mind and unsubscribe by contacting us at any point using connect@thehygrove.com

10. Complaints

Complaints to the Regulator

If you do not think that we have processed your data in accordance with this notice, please contact us by email using connect@thehygrove.com

If you are not satisfied with our response, you can refer the matter to the Information Commissioner’s Office. Information about how to do this is available on their website at www.ico.org.uk

11. Changes to this Policy

Notification of Changes

The Hygrove Limited reserve the right to change this policy at any time. Where appropriate, BookCheck will notify Data Subjects of those changes in writing (letter or email). An up-to-date copy of this Policy will always be held on our website www.thehygrove.com .

Each revised copy will have a version number and date on it. You can also request an up-to-date version by emailing us using connect@thehygrove.com

GET IN TOUCH

TEL: 07592 580180

E: CONNECT@THEHYGROVE.COM