Privacy Policy

Under data protection law we are legally required to explain how we use your personal information.

This Privacy Notice is applicable to the Connect NENC service managed by the Newcastle upon Tyne Hospitals NHS Foundation Trust and explains:

  • what we do with personal information we collect about you
  • how we store this information
  • how long we retain it
  • who we may share it with
  • for which legal purpose we may share it

Under data protection law we are legally required to explain how we use your information in a way that is:

  • concise and easy to understand
  • transparent
  • easily accessible – written in clear, plain language, particularly if addressed to a child
  • free of charge

Data protection law says the personal information we hold about you must be:

  • used lawfully, fairly and in a transparent way
  • collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
  • relevant to the purposes we have told you about and limited only to those purposes
  • accurate and kept up to date
  • kept securely and only as long as necessary for the purposes we have told you about

General Data Protection Regulations Statement

The Newcastle upon Tyne Hospitals NHS Foundation Trust is a ‘Data Controller’ under the European General Data Protection Regulations (GDPR) and the UK Data Protection Act 2018.

This means that we are legally responsible for ensuring that all personal data we hold and use is done so in a manner that meets the current and future data protection principles. We must notify the Information Commissioner about all our data processing activities. Our Data Processing registration number is Z6173332 and details of our registration can be found here: Information Commissioner’s website Information we may collect about you on our website. We are committed to safeguarding the privacy of our website visitors. As with the majority of websites there are some types of information which will be automatically tracked. This includes information about your computer, and about your visits to and use of this website such as:

  • your IP address
  • the website you have come from
  • the type of browser you are using
  • the searches you carry out
  • the length of your visit on our site
  • the number of pages you viewed.

We use this data internally to understand the kind of information our visitors are looking for so that we can continually improve the content we provide on our website. This information does not contain any personal details and so our users cannot be identified in any way.

How we do this

We do this by using Cookies – small text files that are stored on your device when the website is loaded on your browser.

Changes to this privacy notice We reserve the right to update this privacy notice at any time. We will notify you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

Definitions

GDPR

“GDPR” means the General Data Protection Regulation (2016/679).

Personal data

“Personal data” means information relating to a natural (living) person or “data subject”, which can be used to identify the person. This provides for a wide range of information to constitute personal data, for example:

  • Name
  • Identification number
  • Social media posts
  • Location data
  • Online identifier

Special category of personal data

“Special category of personal data” means information which is thought to be “extra sensitive”, such as ethnicity, data concerning health, biometric data, sexual orientation and religious or philosophical belief.

Data controller

“Data controller” means the organisation that determines or decides the purposes, conditions and means of the processing of personal data.

Processing

“Processing” means anything that is done to the personal data we hold.

Pseudonymisation

“Pseudonymisation” is the processing of personal data in such a way that the data can no longer be attributed to a specific person without the use of additional information (key).

Information Commissioner’s Office

The Information Commissioner’s Office (ICO) is the body that regulates the Trust under data protection and freedom of information legislation. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the ICO.

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113 (local rate)
Telephone: 01625 545 745 (national rate)

Email: casework@ico.org.uk