(“GDPR”) and enable Audiology Planet, which is a Trading name for Ace India Limited (“We” or “Us”) to use the personal information about you (“You”) as described below.
We understand that your personal data is entrusted to us and appreciates the importance of protecting and respecting your privacy. To this end we comply fully with the data protection law in force in the UK (“Data Protection Laws”) and with all applicable clinical confidentiality guidelines including those published from time to time by the professional body, British Society of Hearing Aid Audiologists (BSHAA), and the regulator Health and Care Professions Council (HCPC).
If you have questions or would like to send us feedback about our privacy practices, please contact us at firstname.lastname@example.org. If you have an unresolved privacy, data use or any other concern that we have not addressed satisfactorily, please contact the audiology Professional Body, BSHAA https://www.bshaa.com/Customer-Care to lodge a customer care complaint about independent and free of charge mediation.
Personal data we collect and receive
- We collect information you voluntarily supply to us on our websites, through surveys, newsletters, emails, or as feedback.
- Information is collected during the use of some of our products and services as needed to provide the service.
- We use common Internet technologies, such as cookies and web beacons, to keep track of interactions with our sites and services.
- Personal data that we collect from you may be transferred to and stored at, a destination outside the European Economic Area. The transmission of information via the internet cannot be guaranteed as completely secure. However, we ensure that any information transferred to our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.
- At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.
How we use your information
- We use the information collected to provide you with information about products or services we offer that we feel may interest you. Unless you have consented to receive marketing communications by electronic means from us, by ticking the relevant box on the form on which we collect your data, we will only contact you by electronic means (e-mail or SMS) with information about products and services similar to those which you previously purchased or enquired about from us, and to notify you about changes to our products or services
- We may use the information collected to respond to requests where we have a legal or regulatory obligation to do so
- We may use the information collected to check the accuracy of information about you and the quality of your treatment or care, including auditing medical and billing information for insurance claims as well as part of any claims or litigation process
- We may use the information collected to support your doctor, nurse or other healthcare professionals
- We may use the information collected to assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys) and any concerns or complaints you may raise so that these can be properly investigated
- We may use the information collected to conduct and analyse market research and to ensure that content from any of our websites is presented in the most effective manner for you and for your computer.
- We use the information collected to provide you with the services and to facilitate and improve the usage of our services.
- We may also use your information to inform you about other products or services, partners, opportunities and events offered by Audiology Planet and affiliates. You can always opt out of these.
- We ask our webmaster to make effort to safeguard the confidentiality of personally identifiable information, including encryption, firewalls and SSL (Secure Sockets Layer).
How do we lawfully process your personal data
Set out below are some of the ways in which we process personal data although to do so lawfully we need to have a legal ground for doing so. We normally process personal data if it is:
- necessary to provide you with our services – to enable us to carry out our obligations to you arising from any contract entered into between us and you including relating to the provision by us of services or treatments to you and related matter such as billing, accounting and audit, credit or other payment card verification and anti-fraud screening
- in our or a third party’s legitimate interests to do so – see details below
- required or allowed by any applicable law
- with your explicit consent, for example, direct marketing communications
Generally, we will only ask for your consent to processing if there are no other legal grounds to process. In these circumstances, we will always aim to be clear and transparent about why we need your consent and what we are asking it for. Where we are relying on consent to process personal data you have the right to withdraw your consent at any time by contacting us using the details below and we will stop the processing for which consent was obtained.
To process special category data we rely on additional legal grounds and generally, they are as follows:
- With your explicit consent
- It is necessary for the purposes of preventive or occupational medicine, to assess whether you are able to work, medical diagnosis, to provide health or social care treatment, or to manage health or social care systems and services. This may also include monitoring whether the quality of our services or treatment is meeting expectations.
- It is necessary to establish, make or defend legal claims or court action
- It is necessary so that we can comply with employment law
- It is necessary for a public interest purpose in line with any laws that are applicable. This should assist in protecting the public against dishonesty, malpractice or another seriously improper behaviour for example, investigating complaints, clinical concerns, regulatory breaches or investigations e.g the Care Quality Commission or HCPC or BSHAA or ICO.
Processing of personal data which you have made public:
As stated above, one of the legal grounds for processing data is where it is in our legitimate interest to do so, taking into account your interest’s rights and freedoms. This allows us to manage the relationship that exists between you and us and can include the following reasons:
- provide you with information, products or services that you request from us
- managing all aspects of our relationship with you, our products and services and any third parties who may provide products or services on our behalf
- allow you to participate in interactive features of our services when you choose to do so
- notify you about changes to our products or services
- keep our records up to date
- respond to requests where we have a legal or regulatory obligation to do so
- check the accuracy of information about you and the quality of your treatment or care, including auditing medical and billing information for insurance claims as well as part of any claims or litigation process
- support your doctor, nurse or other healthcare professionals
- assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys) and any concerns or complaints you may raise, so that these can be properly investigated
- to conduct and analyse market research
- to ensure that content from any of our websites is presented in the most effective manner for you and for your computer
- to share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations including to defend ourselves from claims, exercise our rights and adhere to laws and regulations that apply to us and the third parties we work with
- to take part in, or be the subject of, any sale, purchase, merger or takeover of all or part of our business.
How long do we retain your personal data?
Unless we explain otherwise to you, we will retain your personal data on the basis of the following guidelines:
- for as long as we have a reasonable business need, such as managing our relationship with you and managing our business
- for as long as we provide services and/or treatment to you and then for as long as someone could bring a claim against us (in general this is a period of 8 years); and/or
- in line with professional, legal, and regulatory requirements or guidance.
Disclosure of your personal data to third parties
In the usual course of our business, we may disclose your personal data (which will be limited to the extent reasonably necessary) to certain third-party organisations that we use to support the delivery of our services. This may include the following:
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with you,
- organisations providing IT systems support and hosting in relation to the IT systems on which your information is stored,
- third-party debt collectors for the purposes of debt collection,
- delivery companies for the purposes of transportation,
- third party service providers for the purposes of storage of information and confidential destruction, third-party marketing companies for the purpose of sending marketing emails, subject to obtaining appropriate consent.
Where a third party data processor is used, we ensure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under Data Protection Laws.
We may also disclose your personal data to third parties in the event that we sell or buy any business or assets or where we are required by law to do so.
What do we do with any non-personal information collected when accessing the website?
We may also use other companies to set cookies on our websites and gather cookie information for us – please refer to the information detailed below. From time to time we may also analyse Internet Protocol (IP) addresses or other anonymous data sources.
By law, website operators are required to ask for a website user’s permission when placing certain kinds of cookie on their devices for the first time.
Where consent is required, the law states that it should be “informed consent”, which means we must ensure that you understand what cookies are and why we want to use them.
What are Cookies?
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device.
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving your user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests. For information on how to delete cookies, please refer to https://ico.org.uk/for-the-public/online/cookies
You have the right to ask us not to process your information in this way at any time. If you no longer wish to receive web-based marketing information you can unsubscribe by emailing email@example.com. For non-web based marketing information please write to Audiology Planet, 39 Redbud Road, Tonbridge, Kent UK TN9 1FX. We would ask you to give us a reasonable amount of notice, to give us time to update our systems. While the precise timings vary by department we generally ask that you give us at least 30 days’ notice.
Many of our premises are surveyed by CCTV for the purposes of security. Images and videos may be retained for a limited period.
Accessing and updating your information
The law gives you certain rights in respect of the personal data that we hold about you. In addition to your right to stop marketing, detailed above, below is a short overview of the most commonly-used rights. It is not an exhaustive statement of the law.
- With some exceptions designed to protect the rights of others, you have the right to a copy of the personal data that we hold about you
- You have the right to have the personal data we hold about you corrected if it is factually inaccurate. It is important to understand that this right does not extend to matters of opinion, such as medical diagnoses. If any of your personal data has changed, especially contact information such as email address, postal address and phone number please get in touch with us on 0330 2233 453 so we can ensure your personal data is kept up to date
- Your Data will be stored for as long as it is necessary to provide services in relation to your hearing/balance and ear care unless applicable law requires Us to delete it before or store it for a longer period of time. Please be informed that you may withdraw Your Consents at any time, in which event We will cease processing Your Data and delete it (unless we are obligated to keep it). Withdrawal of Your Consent can be done by post, phone or by email as described below. You may also contact us or in case of questions or other queries related to the collection and processing of Your Data. Queries could, for example, include exercising rights according to GDPR to access Your Data, to object to processing, to withdraw your consent (as described above), to request rectification or erasure of Your Data, or to request restriction of processing. We are subject to supervision by Information Commissioner Office (the “Supervisory Authority”). In addition to your right to contact Us mentioned above, you are entitled to lodge complaints related to the processing of Your Data with the Supervisory Authority. You may also complain to the Professional Body, British Society of Hearing Aid Audiologists via their independent customer care scheme at https://www.bshaa.com/Complain
- If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us by email on firstname.lastname@example.org, or to write to us for the attention of the data protection officer at the address: Audiology Planet, 39 Redbud Road, Tonbridge, Kent UK TN9 1FX. In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to such a request.
If you are not satisfied with how we handle your request, you can contact the Information Commissioner’s Office on 0303 123 1113 or visit their website (http://www.ico.org.uk).
 REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC