THE TREATMENT NETWORK
PRIVACY NOTICE (GENERAL)
Note: if you are not a Customer or potential Customer of The Treatment Network only those sections relating to our website are relevant to you. For our suppliers (including experts) and clients of our Customers, unless otherwise advised, The Treatment Network will process your personal data in the role of a Data Processor.
Last updated on: 22nd May 2018
Welcome to The Treatment Network Limited “The Treatment Network” Privacy Notice.
The Treatment Network takes data protection seriously and is committed to respecting and protecting your personal data. Your personal data is data which by itself or with other data available to us can be used to identify you.
This Privacy Notice explains how we will collect, store and use any personal data you provide via our website, email or networks and when you otherwise communicate with us (including in the course of the services we provide or the running of our business).
If you have any questions you can contact our Data Protection Officer at:
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
This Privacy Notice may change from time to time and, if it does, the up-to-date version will be available on our website and becomes effective immediately.
Please take the time to read this Privacy Notice, which contains important information about the way in which The Treatment Network processes personal data.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the opportunity to deal with your concerns before you approach the ICO so please contact us in the first instance.
For the purposes of this Privacy Notice, " Data Protection Legislation" is defined as, for the periods in which they are in force, the European Data Protection Directive 95/46/EC, all laws giving effect or purporting to give effect to the European Data Protection Directive 95/46/EC (such as the Data Protection Act 1998) or otherwise relating to data protection (to the extent the same apply) and, from 25 May 2018, the General Data Protection Regulation (Regulation (EU) 2016/670) (“GDPR”) or any equivalent legislation amending, supplementing or replacing the GDPR.
We may collect, or be provided with, and process information about you, your personnel and clients through various means, including:
The personal data you give to us may include:
Each time you visit our website, we may automatically collect the following information:
We may ask you for information when you report a problem with our website.
If you contact us, we may keep a record of that correspondence or conversation.
The personal data described above may relate to any of the following categories of person:
We may use your information for the following purposes:
We will rely on the following legal bases under Data Protection Legislation for processing your personal data:
We will process your client’s personal data as a Data Processor in accordance with the terms of the contractual arrangements in place between us, unless otherwise agreed.
We may share your details with third parties instructed by us in accordance with your instructions to enable us to fulfil our contractual obligations to you and/or your clients in the course of business.
We will only share your personal data in compliance with Data Protection Legislation.
We may disclose your information to third parties when:
We will not sell your information.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We will procure that any third parties we engage to provide services in satisfaction of any contract between us will keep your data and that of your clients stored on their systems for as long as is necessary to provide the services to you, and to comply with applicable legal requirements.
We will not store your information for longer than is reasonably necessary or required by law, and/or as needed for the duration of our contractual relationship.
Following the completion of any contract between us, we may also need to retain your personal data for legal and regulatory purposes, including
If we need to share your personal data with a recipient outside the European Economic Area (“EEA”) we will ensure we do so in compliance with Data Protection Legislation and having obtained your consent, where appropriate.
Data Protection Legislation gives you the right to access information held about you.
We will aim to respond to any requests relating to your rights without undue delay and in any case within one month of receipt of your request. With respect to your clients we will, as you are the Data Controller, notify you if we directly receive a request relating to their rights.
We may ask you to confirm your identity so that we can validate a request. If you would like to make a request, please email or write to the DPO using the contact details provided above.
You have the right to:
Where you exercise your rights to request erasure, or request a restriction in the processing of your personal data or to object to processing of your personal data, we may still need to keep basic contact information about you if you are already or will shortly be an active customer as we will require this for contractual purposes.