The Novus Clinics Privacy Notice
This Privacy Notice is designed to help you understand everything you need to know about the what, why and how’s of our data gathering and processing operations, and what your legal rights are.
We hope you’ll take some time to read this document; we’ve tried to keep it all as simple as possible and we will keep you informed if there are any changes to the way we process your personal data in the future, before making them.
Novus Clinics takes its responsibilities to protecting your data very seriously and we do advise you get to know our practices – If there’s anything in this policy you don’t understand or if you want to ask any questions, please feel free to contact us using any of the details below.
Who are Novus Clinics?
We are Novus Clinics, a UK limited company registered in England and Wales at 12-14 Carlton Place, Southampton, Hampshire, SO15 2EA.
What kind of personal data might we ask you to provide?
Novus Clinics will only ever ask for personal data if it is required for a specific purpose; with that in mind we have created a full list of all the kinds of personal data that we may ask individuals to provide in order to achieve those purposes. The kinds of personal data we may collect in order to facilitate the delivery of our goods and services are:
Your name, address, telephone number, email address, medical information, bank details (for payments), VAT information (where appropriate)
If you have provided your personal data to apply for a job at Novus Clinics we may also ask you to provide information about your work and educational history.
Why do we collect personal data?
We will use personal data firstly to fulfill any contractual obligations that exist between us and yourself; where we request personal data be provided to meet the terms of any such contract you will be required to provide the relevant personal data or we will not be able to deliver the goods and/or services you want. In such cases the lawful basis of us processing the personal data is that it is necessary for the performance of a contract.
We may also process your personal data in accordance with our legitimate business interests; this is on the considered measure that we need the personal data to achieve the various purposes and that it could be reasonable for an individual to expect their data to be used for those purposes.
Our data processing activities conducted on the lawful basis of ‘legitimate interests’ are:
- To provide you with goods and services you are looking for
- To inform you of other goods and services we provide, or offers that may interest you (direct marketing)
- To send notifications on subjects you have subscribed to, or otherwise asked us to keep you informed of
- To improve the quality of the services we offer, and to better understand our customers’ needs by requesting feedback, or requesting you review the services we have provided, or we may send survey forms that we ask you to complete
- To notify you of any changes to the goods and/or services we provide, or have provided, that may affect you
- To allow us to understand the scale and range of our customer base; for statistical analysis and market research
- To recognise when customers re-engage with our services
- To allow us to support and maintain our products in active service
- To provide reference information to third party organisations where you request us to do so
- Improve website so content is delivered more efficiently
- Monitor website and/or App activity to identify usage trends
- To enhance the security measures in place that protect data we are responsible for
- To investigate any insurance claims
- To protect the company’s assets
We may also process your personal data in order for Novus Clinics to comply with our various legal obligations; this might include:
- Providing for financial commitments between us and yourself, or to relevant financial authorities
- Cooperating with relevant authorities for reporting criminal activity, or to detect and prevent fraud
- To carry out required business operations and due diligence; e.g. administration, security, reorganisations, investment or corporate/asset sales
- To comply with industry regulatory requirements and any self-regulatory schemes
Who will we share your information with?
We may share your personal data with third party organisations acting as data controllers, but only where we are either legally require to do so by law, or where doing so is necessary to achieve the intended stated purpose of processing the data.
In the event that we sell or reorganise our business, or if otherwise required by law or by an authorised regulator, we may transfer your personal data as a part of the general business data to the relevant parties.
Where is my data going to be stored?
Novus Clinics will not transfer your personal data to any country outside the European Union (EU) other than those that have been granted an adequacy decision under the General Data Protection Regulation (GDPR).
How long will we keep your data for?
We will keep your personal data only for as long as required in order to achieve the purposes for which it was gathered, in line with this privacy notice.
For determining when personal data should be erased we shall take into consideration the amount of and sensitivity of the personal data we have, the amount of harm that could be caused by a data breach, the benefits of the purposes the data is being used for and any legal requirements that we are bound to.
You may request that we erase your personal data an anytime, though in cases where there is a remaining relevant or legal reason why we are required to keep the data we may opt to restrict the amount of processing being conducted to what is absolute necessary in line with your legal rights in order to minimise the impact the processing with have.
Health and safety legislation places obligations on organisations to retain medical records for 40 years from the date of last entry:
- Under the Control of lead at Work Regulations 1998
- As specified by the Control of Substances Hazardous to Health Regulations 1999
- Under the Control of Asbestos at Work Regulations 1987/1998
Where the lawful basis of our processing is based on protection of vital interests and insofar as the above obligations apply Novus Clinics will retain your personal data for 40 years.
You’re Rights, Our Responsibility
There are several rights granted to you immediately upon providing us with your personal information; some of these are mentioned above. We’d like you to know that at Novus Clinics we take your rights as a natural person seriously and will always conduct ourselves in a way that is considerate of our responsibility to serve your legal rights.
You have the Right of Access
This grants you the right to confirm whether or not your personal data is being processed, and to be provided with relevant details of what those processing operations are and what personal data of yours is being processed.
If you would like access to the personal data we have about you, we ask that you contact us by using any of the details below.
The Right to Rectification
This one is fairly straight forward; if you notice that the data we have about you is inaccurate or incomplete, you may request we rectify the mistake. We will make every effort to respond to requests of this type immediately.
The Right to Objection
The right to object is a basic freedom all democracies enjoy. If you wish to object to the way we use, or have used, your personal data you may do so freely.
The Right to Portability
This is a legal right afforded to you that states we must pass on all of the details you have provided to us in a machine readable format, either to your or to another provider of your choosing.
The Right to Complain
We will always try to maintain the highest standards and encourage the confidence our customers have in us as an organisation. In order that we can achieve this we do request that any complaints be first brought to our attention so we can properly investigate matters; if however you would like to complain about Novus Clinics to a supervisory authority you may do so by contacting the Information Commissioners Office on 0303 123 1113, or anyone of the other reporting methods listed on their website – https://ico.org.uk/concerns
Our Contact Details
If you wish to get in touch with Novus Clinics please do so with any of the following contact details: