Privacy Policy

Greater Lancashire Hospital is committed to ensuring the privacy and confidentiality of your personal information.

The purpose of this Privacy Policy is to inform you about all information that we record about you. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.
It applies to information we collect about:

  • visitors to our websites
  • visitors who submit a general enquiry via our contact page or who correspond with us phone, email or otherwise
  • those who use our services, e.g. who subscribe to our newsletter or request a publication from us
    job applicants and our current and former employees
  • those who send a written complaint or enquiry to our Information Governance Manager
  • those who participate in a survey posted on a Bespoke website
  • those who participate in a competition posted on a Bespoke website

We take seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their personal data will not be used for any purpose unintended by them and will not accidentally fall into the hands of a third party.

Bespoke is registered with the Information Commissioner’s Office as a Data Controller and our policy complies with UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR).

The law requires us to tell you about your rights and our obligations to you in regard to the processing and control of your personal data. We do this now, by requesting that you read the information provided at www.knowyourprivacyrights.org

Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.
By using Bespoke’s websites, you are accepting the terms of this Policy and Bespoke’s use of your information. This Privacy Policy applies to all websites owned by Bespoke, including the websites of Bespoke hospitals.

Visitors to our website

Bespoke collects data on visitors to its websites including usage and behaviour patterns. This is purely to review the number of visits to each part of the website and how the user accessed the website. Information collected includes:

  • date and time of visit
  • pages accessed
  • browser or mobile platform used to access the website
  • source used to find and access the website (i.e. Google Search Engine)
  • location of the visitor (town level only)
  • search queries from external and internal search engines
  • page interaction information
  • technical information, including the Internet protocol (IP) address used to connect your computer to the internet, browser type and version, operating system and platform

When you use our website (or any other owned and operated by Greater Lancashire Hospital) we do not attempt to identify you as an individual user and we will not collect personal information about you unless you specifically provide this to us.

We may collect your personal information if you choose to provide this to us via an online form or by email. Examples are where you:

  • submit a general enquiry via our contacts page;
  • register to receive email Newsletters; or
  • make a general enquiry via the telephone displayed on the website
  • send a written complaint or enquiry to our Information Governance Manager.
    Complaining

When we receive a complaint, we record all the information you have given to us.
We use that information to resolve your complaint.

If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and if we do, what that information is.

We may also compile statistics showing information obtained from this source to assess the level of service we provide, but not in a way that could identify you or any other person.

Use of Cookies

We use cookies on our site to distinguish between users. You can read more about how we use cookies on our Cookies page.

Use and disclosure

When you contact us, whether by telephone, through our website or by e-mail, we collect the data you have given to us in order to meet the purpose for which it was given. This includes; responding to your enquiries, delivering electronic Newsletters or improving the website.

We record your request and our reply in order to increase the efficiency of our business.

We keep personally identifiable information associated with your message, such as your name and email address so as to be able to track our communications with you to provide a high-quality service.

Bespoke may share your personal information with any member of our group, including any of its subsidiaries, Bespoke’s holding company and its subsidiaries. Bespoke may also share your information with analytics and search engine providers in order to assist us in improving and optimising our site.

We will not use or disclose personal information to other organisations or anyone else unless:

  • consent has been given for us to do so;
  • you would reasonably expect, or we have told you that your information is usually used or disclosed to other organisations or persons in this way;
  • the use or disclosure is required or authorised by law; or
  • the disclosure is reasonably necessary for law enforcement functions or for the protection of public revenue.

If we receive your email address because you sent us an email message, the email will only be used or disclosed for the purpose for which you have provided it and we will not add your email address to an emailing list or disclose this to anyone else without your consent.

Data quality

If we collect your personal information from our website, we will maintain and update your information as necessary or when you advise us that your personal information has changed.

Data Security

Bespoke is committed to protecting the security of your personal information. We use technologies and processes such as access control procedures, network firewalls, encryption and physical security to protect the privacy of information. Although the transmission of information via the internet is not completely secure and we cannot guarantee the security of your personal information, we will take all reasonable steps to protect your information from loss, misuse or alteration.

If you choose to complete our online forms or make enquiries via our website, we will ensure that your contact details are stored on password protected databases.
Staff members associated with website maintenance have access to our website’s administration system. This is password protected. Our website service is also password protected.

Access, correction and deletion of personal information

At any time, you may review or update personally identifiable information that we hold about you. To find out if we hold any of your personal information send a request to;

Information Governance Manager
Bespoke Healthcare Holdings
5A Millennium City Office Park
Barnfield Way
Preston,
PR2 5DB

If any information is held about you, we will:

  • give you a description of the personal data for which you are the data subject;
  • the purposes for which they are being held;
  • the recipients or classes of recipients to whom they are or may be disclosed;
  • let you have a copy of your data in an intelligible form; and
  • tell you whether we require a fee for providing it to you.

If we do hold your data and they are wrong, or if you wish us to delete personally identifiable information held about you, please request this through the contact details above.

When we receive any request to access, edit or delete personal identifiable information we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.

Links to other websites

We may create links to third party websites. We are not responsible for the content or privacy practices employed by those responsible for any third party websites we are linked to.

Search engine

Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either Bespoke or any third party.

Telephone Calls

In the interests of training and continually improving our services calls to Bespoke Hospitals may be monitored or recorded. Private calls to and from patients in our hospitals are not recorded.

Email enquiries

Any email sent to us, including any attachments, may be monitored and blocked if the email you send to us is potentially a threat to our information systems or illegal.

Marketing information

We will only send you marketing information where you have agreed to receive it. You can stop us from contacting you for marketing purposes by clicking on the ‘unsubscribe’ link embedded within the email that has been sent to you. Doing so will remove your data from our contacts list automatically.

Job applicants

When individuals apply to work at Bespoke, we will only use the information they supply to us to process their applications and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Disclosure Barring Service (DBS) previously known as the Criminal Records Bureau (CRB) we will not do so without informing applicants beforehand unless the disclosure is required by law.

If we employ you, we collect information about you and your work from time to time throughout the period of your employment. This information will be used only for purposes directly relevant to your employment. After your employment has ended, we will keep your file for a maximum of 6 years before destroying or deleting it.

Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed, it will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.

How you can complain

If you are not happy with our privacy policy or if have any complaint, then you should tell us by email. Our address is [email protected]

If a dispute is not settled, then we hope you will agree to attempt to resolve it by engaging in good faith with us in a process of mediation or arbitration.

If you are in any way dissatisfied about how we process your personal information, you have a right to lodge a complaint with the Information Commissioner’s Office. This can be done at https://ico.org.uk/concerns/

Retention period for personal data

Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as required by us:

  • to provide you with the services you have requested;
  • to comply with other law, including for the period demanded by our tax authorities;
  • to support a claim or defence in court.

Compliance with the law

Our privacy policy has been compiled so as to comply with the law of every country or legal jurisdiction in which we aim to do business. If you think it fails to satisfy the law of your jurisdiction, we should like to hear from you.

However, ultimately it is your choice as to whether you wish to use our website.
Review of this privacy policy

We may update this privacy notice from time to time as necessary. The terms that apply to you are those posted here on our website on the day you use our website. We advise you to print a copy for your records.

If you have any concerns, please contact [email protected]

CCTV

We have CCTV installed across our GLH premises for the purposes of public and staff safety and crime prevention and detection. The recordings are classed as personal data but do not form part of any health or staff record.

Images are held for a period of 31 days, or longer if required for any investigation