What we collect:
We may collect the following information:
- Contact information such as; Name, email address, phone number
- Demographic information such as postcode, preferences and interests
- Other information relevant to customer surveys and/or offers
- Occupational health and medical information
What we do with the information we gather:
We require this information to understand your needs and provide you with a better service, and for the following reasons:
- Internal record keeping following up with your calls and emails.
- To provide UK Government statutory notifications e.g. to Public Health England (PHE) or Test To Release notifications
- We may use the information to improve our products and services.
- We may periodically send emails about pending appointments and other information which we think you may find useful using the email address which you have provided.
- We may contact you by email, phone or mail.
- We keep a PDF scan of your application forms, results and ECG/investigation reports
- We keep a PDF scan of any occupational or medical reports or blood test, swab test (e.g Covid-19) results
- We keep a client list with your date of birth, name, type /class of occupational or other medical, expiry date, email address and mobile number.
- All documents are stored on devices that have both full disk and file level encryption.
Why we collect your data
- We are obliged by the General Medical Council’s principles of Good Medical Practice, FOM and SEQOHS, CQC and NMC regulations to maintain accurate clinical records.
- We retain your occupational and medical records so that we can assist you with queries and fulfil our statutory obligations.
- We periodically send out reminder emails that medicals or test results are due.
How we respect your rights under the GDPR
- We are registered as a company with the ICO (https://ico.org.uk)
- We never share your data with anyone without your consent.
- We will not use your data for unsolicited marketing purposes or allow anyone else to do so.
- We would expect you to provide valid signed request to access your data.
- We will notify you (as well as the ICO) if your data is ever compromised.
- We will carry out periodic DPIA (data protection impact assessments) when new technology is implemented.
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
A cookie is a file which asks permission to be placed on your computers hard drive. Once you agree, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a website. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org
- We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
- You may request details of personal information which we hold about you under the Data Protection Act 2018 and other pertinent legislation. If you would like a copy of the information held on you, please write to: email@example.com
- If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
How Heathrow Medical uses your health records
An individual is regarded as the data subject. The UK CAA has decided that in the context of pilot and ATCO medicals, the CAA is the data controller and AME’s are data processors. You should be aware that our AME’s have all signed a contract to that effect with the CAA.
At Heathrow Medical Services LLP (HMS) we aim to provide you with the highest quality of health care. To do this we must keep records about you, your health and the care we have provided or plan to provide to you. Details of how Heathrow Medical use your health records are available here »