Legal / Privacy Policy
Table of Contents
A. TERMS OF USE (WEBSITE)
1. Introduction
1.1 These terms and conditions shall govern your use of our website.
1.2 By using our website, you accept these terms and conditions in full; accordingly, if you disagree with these terms and conditions or any part of these terms and conditions, you must not use our website.
1.3 If you register with our website, submit any material to our website or use any of our website services, we will ask you to expressly agree to these terms and conditions.
1.4 You must be at least 18 years of age to use our website; by using our website or agreeing to these terms and conditions, you warrant and represent to us that you are at least 18 years of age.
1.5 Our website uses cookies; by using our website or agreeing to these terms and conditions, you consent to our use of cookies in accordance with the terms of our privacy and cookies policy.
2. Copyright notice
2.1 Copyright (c) 2017 Paul Strickland Scanner Centre
2.2 Subject to the express provisions of these terms and conditions:
(a) we, together with our licensors, own and control all the copyright and other intellectual property rights in our website and the material on our website; and
(b) all the copyright and other intellectual property rights in our website and the material on our website are reserved.
3. Licence to use website
3.1 You may:
(a) view pages from our website in a web browser;
(b) download pages from our website for caching in a web browser;
(c) print pages from our website;
(d) stream audio and video files from our website; and
(e) use our website services by means of a web browser,
subject to the other provisions of these terms and conditions.
3.2 Except as expressly permitted by Section 3.1 or the other provisions of these terms and conditions, you must not download any material from our website or save any such material to your computer.
3.3 You may only use our website for your own personal and business purposes, and you must not use our website for any other purposes.
3.4 Except as expressly permitted by these terms and conditions, you must not edit or otherwise modify any material on our website.
3.5 Unless you own or control the relevant rights in the material, you must not:
(a) republish material from our website (including republication on another website);
(b) sell, rent or sub-license material from our website;
(c) show any material from our website in public;
(d) exploit material from our website for a commercial purpose; or
(e) redistribute material from our website.
3.6 Notwithstanding Section 3.5, you may redistribute our newsletter in print and electronic form to any person.
3.7 We reserve the right to restrict access to areas of our website, or indeed our whole website, at our discretion; you must not circumvent or bypass, or attempt to circumvent or bypass, any access restriction measures on our website.
4. RSS feed
4.1 You may access our RSS feed using an RSS reader or aggregator.
4.2 By accessing our RSS feed, you accept these terms and conditions.
4.3 Subject to your acceptance of these terms and conditions, we grant to you a non-exclusive, non-transferable, non-sub-licensable licence to display content from our RSS feed in unmodified form on any non-commercial website owned and operated by you, providing that you must not aggregate our RSS feed with any other feed when displaying it in accordance with this Section 4.3.
4.4 It is a condition of this licence that you include a credit for us and hyperlink to our website on each web page where the RSS feed is published (in such form as we may specify from time to time, or if we do not specify any particular form, in a reasonable form).
4.5 We may revoke any licence set out in this Section 4 at any time, with or without notice or explanation.
5. Acceptable use
5.1 You must not:
(a) use our website in any way or take any action that causes, or may cause, damage to the website or impairment of the performance, availability or accessibility of the website;
(b) use our website in any way that is unlawful, illegal, fraudulent or harmful, or in connection with any unlawful, illegal, fraudulent or harmful purpose or activity;
(c) use our website to copy, store, host, transmit, send, use, publish or distribute any material which consists of (or is linked to) any spyware, computer virus, Trojan horse, worm, keystroke logger, rootkit or other malicious computer software;
(d) conduct any systematic or automated data collection activities (including without limitation scraping, data mining, data extraction and data harvesting) on or in relation to our website without our express written consent;
(e) access or otherwise interact with our website using any robot, spider or other automated means, except for the purpose of search engine indexing;
(f) violate the directives set out in the robots.txt file for our website; or
(g) use data collected from our website for any direct marketing activity (including without limitation email marketing, SMS marketing, telemarketing and direct mailing).
5.2 You must not use data collected from our website to contact individuals, companies or other persons or entities.
5.3 You must ensure that all the information you supply to us through our website, or in relation to our website, is true, accurate, current, complete and non-misleading.
6. Registration and accounts
6.1 To be eligible for an account on our website under this Section 6, you must be resident or situated in the United Kingdom.
6.2 You may register for an account with our website by completing and submitting the account registration form on our website, and clicking on the verification link in the email that the website will send to you.
6.3 You must not allow any other person to use your account to access the website.
6.4 You must notify us in writing immediately if you become aware of any unauthorised use of your account.
6.5 You must not use any other person’s account to access the website, unless you have that person’s express permission to do so.
7. User login details
7.1 If you register for an account with our website, [we will provide you with] OR [you will be asked to choose] a user ID and password.
7.2 Your user ID must not be liable to mislead and must comply with the content rules set out in Section 10; you must not use your account or user ID for or in connection with the impersonation of any person.
7.3 You must keep your password confidential.
7.4 You must notify us in writing immediately if you become aware of any disclosure of your password.
7.5 You are responsible for any activity on our website arising out of any failure to keep your password confidential, and may be held liable for any losses arising out of such a failure.
8. Cancellation and suspension of account
8.1 We may:
(a) suspend your account;
(b) cancel your account; and/or
(c) edit your account details,
at any time in our sole discretion without notice or explanation.
8.2 You may cancel your account on our website using your account control panel on the website.
9. Your content: licence
9.1 In these terms and conditions, “your content” means all works and materials (including without limitation text, graphics, images, audio material, video material, audio-visual material, scripts, software and files) that you submit to us or our website for storage or publication on, processing by, or transmission via, our website.
9.2 You grant to us a worldwide, irrevocable, non-exclusive, royalty-free licence to [use, reproduce, store, adapt, publish, translate and distribute your content in any existing or future media] OR [reproduce, store and publish your content on and in relation to this website and any successor website] OR [reproduce, store and, with your specific consent, publish your content on and in relation to this website].
9.3 You grant to us the right to sub-license the rights licensed under Section 9.2.
9.4 You grant to us the right to bring an action for infringement of the rights licensed under Section 9.2.
9.5 You hereby waive all your moral rights in your content to the maximum extent permitted by applicable law; and you warrant and represent that all other moral rights in your content have been waived to the maximum extent permitted by applicable law.
9.6 You may edit your content to the extent permitted using the editing functionality made available on our website.
9.7 Without prejudice to our other rights under these terms and conditions, if you breach any provision of these terms and conditions in any way, or if we reasonably suspect that you have breached these terms and conditions in any way, we may delete, unpublish or edit any or all of your content.
10. Your content: rules
10.1 You warrant and represent that your content will comply with these terms and conditions.
10.2 Your content must not be illegal or unlawful, must not infringe any person’s legal rights, and must not be capable of giving rise to legal action against any person (in each case in any jurisdiction and under any applicable law).
10.3 Your content, and the use of your content by us in accordance with these terms and conditions, must not:
(a) be libellous or maliciously false;
(b) be obscene or indecent;
(c) infringe any copyright, moral right, database right, trade mark right, design right, right in passing off, or other intellectual property right;
(d) infringe any right of confidence, right of privacy or right under data protection legislation;
(e) constitute negligent advice or contain any negligent statement;
(f) constitute an incitement to commit a crime, instructions for the commission of a crime or the promotion of criminal activity;
(g) be in contempt of any court, or in breach of any court order;
(h) be in breach of racial or religious hatred or discrimination legislation;
(i) be blasphemous;
(j) be in breach of official secrets legislation;
(k) be in breach of any contractual obligation owed to any person;
(l) depict violence in an explicit, graphic or gratuitous manner;
(m) be pornographic, lewd, suggestive or sexually explicit;
(n) be untrue, false, inaccurate or misleading;
(o) consist of or contain any instructions, advice or other information which may be acted upon and could, if acted upon, cause illness, injury or death, or any other loss or damage;
(p) constitute spam;
(q) be offensive, deceptive, fraudulent, threatening, abusive, harassing, anti-social, menacing, hateful, discriminatory or inflammatory; or
(r) cause annoyance, inconvenience or needless anxiety to any person.
10.4 Your content must be appropriate, civil and tasteful, and accord with generally accepted standards of etiquette and behaviour on the internet.
10.5 You must not use our website to link to any website or web page consisting of or containing material that would, were it posted on our website, breach the provisions of these terms and conditions.
10.6 You must not submit to our website any material that is or has ever been the subject of any threatened or actual legal proceedings or other similar complaint.
11. Report abuse
11.1 If you learn of any unlawful material or activity on our website, or any material or activity that breaches these terms and conditions, please let us know.
11.2 You can let us know about any such material or activity by email or using our abuse reporting form.
12. Medical information
12.1 Our website contains general information about medical conditions and treatments. That information is not advice and should not be treated as such.
12.2 You must not rely on the information on our website as an alternative to medical advice from your doctor or other professional healthcare provider.
12.3 If you have any specific questions about any medical matter, you should consult your doctor or other professional healthcare provider.
12.4 If you think you may be suffering from any medical condition, you should seek immediate medical attention.
12.5 You should never delay seeking medical advice, disregard medical advice or discontinue medical treatment because of information on this website.
13. Limited warranties
13.1 We do not warrant or represent:
(a) the completeness or accuracy of the information published on our website;
(b) that the material on the website is up to date; or
(c) that the website or any service on the website will remain available.
13.2 We reserve the right to discontinue or alter any or all of our website services, and to stop publishing our website, at any time in our sole discretion without notice or explanation; and save to the extent expressly provided otherwise in these terms and conditions, you will not be entitled to any compensation or other payment upon the discontinuance or alteration of any website services, or if we stop publishing the website.
13.3 To the maximum extent permitted by applicable law and subject to Section 14.1, we exclude all representations and warranties relating to the subject matter of these terms and conditions, our website and the use of our website.
14. Limitations and exclusions of liability
14.1 Nothing in these terms and conditions will:
(a) limit or exclude any liability for death or personal injury resulting from negligence;
(b) limit or exclude any liability for fraud or fraudulent misrepresentation;
(c) limit any liabilities in any way that is not permitted under applicable law; or
(d) exclude any liabilities that may not be excluded under applicable law.
14.2 The limitations and exclusions of liability set out in this Section 14 and elsewhere in these terms and conditions:
(a) are subject to Section 14.1; and
(b) govern all liabilities arising under these terms and conditions or relating to the subject matter of these terms and conditions, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty, except to the extent expressly provided otherwise in these terms and conditions.
14.3 To the extent that our website and the information and services on our website are provided free of charge, we will not be liable for any loss or damage of any nature.
14.4 We will not be liable to you in respect of any losses arising out of any event or events beyond our reasonable control.
14.5 We will not be liable to you in respect of any business losses, including (without limitation) loss of or damage to profits, income, revenue, use, production, anticipated savings, business, contracts, commercial opportunities or goodwill.
14.6 We will not be liable to you in respect of any loss or corruption of any data, database or software.
14.7 We will not be liable to you in respect of any special, indirect or consequential loss or damage.
14.8 You accept that we have an interest in limiting the personal liability of our officers and employees and, having regard to that interest, you acknowledge that we are a limited liability entity; you agree that you will not bring any claim personally against our officers or employees in respect of any losses you suffer in connection with the website or these terms and conditions (this will not, of course, limit or exclude the liability of the limited liability entity itself for the acts and omissions of our officers and employees).
15. Indemnity
15.1 You hereby indemnify us, and undertake to keep us indemnified, against any and all losses, damages, costs, liabilities and expenses (including without limitation legal expenses and any amounts paid by us to a third party in settlement of a claim or dispute) incurred or suffered by us and arising directly or indirectly out of your use of our website or any breach by you of any provision of these terms and conditions.
16. Breaches of these terms and conditions
16.1 Without prejudice to our other rights under these terms and conditions, if you breach these terms and conditions in any way, or if we reasonably suspect that you have breached these terms and conditions in any way, we may:
(a) send you one or more formal warnings;
(b) temporarily suspend your access to our website;
(c) permanently prohibit you from accessing our website;
(d) block computers using your IP address from accessing our website;
(e) contact any or all of your internet service providers and request that they block your access to our website;
(f) commence legal action against you, whether for breach of contract or otherwise; and/or
(g) suspend or delete your account on our website.
16.2 Where we suspend or prohibit or block your access to our website or a part of our website, you must not take any action to circumvent such suspension or prohibition or blocking (including without limitation creating and/or using a different account).
17. Third party websites
17.1 Our website includes hyperlinks to other websites owned and operated by third parties; such hyperlinks are not recommendations.
17.2 We have no control over third party websites and their contents, and subject to Section 14.1 we accept no responsibility for them or for any loss or damage that may arise from your use of them.
18. Trade marks
18.1 Our name (Paul Strickland Scanner Centre), logos and our other registered and unregistered trade marks are trade marks belonging to us; we give no permission for the use of these trade marks, and such use may constitute an infringement of our rights.
18.2 The third party registered and unregistered trade marks or service marks on our website are the property of their respective owners and, unless stated otherwise in these terms and conditions, we do not endorse and are not affiliated with any of the holders of any such rights and as such we cannot grant any licence to exercise such rights.
19. Variation
19.1 We may revise these terms and conditions from time to time.
19.2 The revised terms and conditions shall apply to the use of our website from the date of publication of the revised terms and conditions on the website, and you hereby waive any right you may otherwise have to be notified of, or to consent to, revisions of these terms and conditions.
19.3 If you have given your express agreement to these terms and conditions, we will ask for your express agreement to any revision of these terms and conditions; and if you do not give your express agreement to the revised terms and conditions within such period as we may specify, we will disable or delete your account on the website, and you must stop using the website.
20. Assignment
20.1 You hereby agree that we may assign, transfer, sub-contract or otherwise deal with our rights and/or obligations under these terms and conditions.
20.2 You may not without our prior written consent assign, transfer, sub-contract or otherwise deal with any of your rights and/or obligations under these terms and conditions.
21. Severability
21.1 If a provision of these terms and conditions is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions will continue in effect.
21.2 If any unlawful and/or unenforceable provision of these terms and conditions would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect.
22. Third party rights
22.1 A contract under these terms and conditions is for our benefit and your benefit, and is not intended to benefit or be enforceable by any third party.
22.2 The exercise of the parties’ rights under a contract under these terms and conditions is not subject to the consent of any third party.
23. Entire agreement
23.1 Subject to Section 14.1, these terms and conditions, together with our privacy and cookies policy, shall constitute the entire agreement between you and us in relation to your use of our website and shall supersede all previous agreements between you and us in relation to your use of our website.
24. Law and jurisdiction
24.1 These terms and conditions shall be governed by and construed in accordance with English law.
24.2 Any disputes relating to these terms and conditions shall be subject to the exclusive jurisdiction of the courts of England.
25. Statutory and regulatory disclosures
25.1 We are a UK registered company and our address is Paul Strickland Scanner Centre, Rickmansworth Road, Northwood, Middlesex, HA6 2RN; you can find the online version of the register on the Companies House website. Our company registration number is 02033936.
25.2 We are registered as a charity in England and Wales (no. 298867). For full details see the Charity Commission website.
25.3 We are registered as a provider of diagnosis and screening services with the Care Quality Commission, the independent regulator of health and social care in England. For full details of our registration, see the Care Quality Commission website.
25.4 We are accredited with the Imaging Services Accreditation Scheme (ISAS), a patient-focussed assessment and accreditation programme that is designed to help diagnostic imaging services ensure that their patients consistently receive high quality services, delivered by competent staff working in safe environments. For details of our accreditation, see the UKAS website.
25.5 Our VAT number is GB 773677971.
26. Our details
26.1 This website is owned and operated by Paul Strickland Scanner Centre.
26.3 Our principal place of business is at Rickmansworth Road, Northwood, Middlesex, HA6 2RN.
26.4 You can contact us:
(a) by post, using the postal address given above;
(b) using our website contact form;
(c) by telephone, on the contact number published on our website from time to time.
B. PRIVACY AND COOKIES POLICY (non-medical)
This section sets out how we will use information we collect and store about you – both online and offline. It also covers our cookies policy (14 onwards). For information about how we manage information about your health record see the Confidentiality of your Health Records section.
1. Introduction
1.1 We are committed to safeguarding the privacy of our website visitors and service users; in this policy we explain how we will handle your personal data.
1.2 By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
2. How we use your personal data
2.1 In this Section 2 we have set out:
(a) the general categories of personal data that we may process;
(b) in the case of personal data that we did not obtain directly from you, the source and specific categories of that data;
(c) the purposes for which we may process personal data; and
(d) the legal bases of the processing.
2.2 We may process data about your use of our website and services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, the website that brought you to us, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is legitimate interests, namely monitoring and improving our website and services.
2.3 We may process your personal data that are provided in the course of the use of our services (“service data”). The service data may include your name, address, telephone number and email address. You are the source of this service data. The service data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is our legitimate interests (namely the proper administration of our website and business) or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
2.4 We may process information contained in any enquiry you submit to us regarding products and/or services (“enquiry data”). This data may also include your name, home and or postal address, email address and telephone number(s). The enquiry data may be processed for the purposes of offering, marketing and selling relevant products and/or services to you. In both cases. The legal basis for this processing is our legitimate interest (see 2.5.1 and 2.5.2 below).
2.5.1 Where you share information with us through enquiring about fundraising, making donations or supporting us as a charity, our legal basis is our legitimate interest to carry out direct marketing to interested individuals to seek funds to further our cause.
2.5.2. In the case of all other enquiries (for example enquiries about having a scan with us), our legal basis is performance of a contract between you and us and/or taking steps, at you request, to enter into such a contract.
2.6 We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (“notification data”). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is legitimate interest, namely processing and storing the information required to fulfil your request. Upon sign-up, we will also ask for other information about you, which we shall use to send you other material about our centre, as well as our fundraising (see 2.4).
2.7 We may process information contained in or relating to any communication that you send to us (“correspondence data”). The correspondence data may include the communication content and metadata (for example when your enquiry was submitted) associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
2.8 We may process any of your personal data identified in the other provisions of this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
2.9 In addition to the specific purposes for which we may process your personal data set out in this Section 2, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
2.10 Please do not supply any other person’s personal data to us.
3. Automated decision-making
3.1 We will not use your personal data in automated decision-making.
4.1 Providing your personal data to others
4.1 We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.
4.2 We may disclose your name and contact details to our suppliers or subcontractors insofar as reasonably necessary to meet our legitimate interests (namely the proper administration of our website and business) or the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
4.3 Where you provide us with financial details, we will only share these details with our payment services providers to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices on their websites.
4.4 In addition to the specific disclosures of personal data set out in this Section 4, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
5. International transfers of your personal data
5.1 In this Section 5, we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).
5.2 We have offices and facilities in the United Kingdom only. We may from time to time store your data on servers or other media situated elsewhere in the world. We are always careful to ensure that data is retained either within the European Union or in the facilities of companies covered by the EU-US Privacy Shield arrangement. Both of these will ensure that your data is protected to the standards applicable in the UK.
5.3 The hosting facilities for our website are situated in the UK.
5.4 When your data needs to be transferred to other parties for processing, we will do our utmost to ensure that the parties involved adhere to the same high standards of data protection that we adhere to ourselves.
5.5 You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
6. Retaining and deleting personal data
6.1 This Section 6 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
6.2 Personal data that we process for any purpose or purposes shall not be kept for longer than is reasonable for that purpose or those purposes.
6.3 We will retain and delete your personal data as follows:
(a) Up until 27 May 2018, supporter or donor data will be retained for 20 years from the date that you last made contact or donated to us, at the end of which period it will be deleted from our systems. The lengthy retention period is justified on the basis that the establishment of Paul Strickland Scanner Centre was a significant event for the local community and that it is not unusual for people to still support us from the days that the charity was established.
(b) From 28 May 2018 onwards, we will retain donor and supporter personal data for no longer than 7 years from the date that you last made contact with us, made a donation or consented to receiving information from us.
6.4 In some cases it is not possible for us to specify in advance the periods for which your personal data such as name, contact details, giving and involvement history will be retained. In such cases, we will determine the period of retention based on the legitimate interest of Paul Strickland Scanner Centre to raise money to fund our charitable services.
6.5 Notwithstanding the other provisions of this Section 6, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
7. Security of personal data
7.1 We will take appropriate technical and organisational precautions to secure your personal data and to prevent the loss, misuse or alteration of your personal data.
7.2 We will store all your personal data on secure servers, personal computers and mobile devices, and in secure manual record-keeping systems.
7.3 The following personal data will be stored by us in encrypted form on our website database: your name, contact information and enquiry.
7.4 Data relating to your enquiries and financial transactions that is sent from your web browser to our web server, or from our web server to your web browser, will be protected using encryption technology.
7.5 You acknowledge that the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
8. Amendments
8.1 We may update this policy from time to time by publishing a new version on our website. We will endeavour to advertise these changes through our website.
8.2 You should check this page occasionally to ensure you are happy with any changes to this policy.
9. Your rights
9.1 In this Section 9, we have summarised the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
9.2 Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
9.3 You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee. To access your personal data, email contact@stricklandscanner.org.uk in the first instance.
9.4 You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
9.5 In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
9.6 In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
9.7 You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
9.8 You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
9.9 You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
9.10 To the extent that the legal basis for our processing of your personal data is consent, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
9.11 If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
9.12 To the extent that the legal basis for our processing of your personal information is consent our our legitimate interest to carry out direct marketing, you have the right to withdraw that consent at any time. All you need to do is email us at appeals@stricklandscanner.org.uk or ring us on 01923 886315 during office hours.
Withdrawal will not affect the lawfulness of processing before the withdrawal.
9.13 You may exercise any of your rights in relation to your personal data by written notice to us, in addition to the other methods specified in this Section 9.
10.Third party websites
10.1 Our website includes hyperlinks to, and details of, third party websites.
10.2 We have no control over, and are not responsible for, the privacy policies and practices of third parties.
11. Personal data of children
11.1 Our website and services are targeted at persons over the age of 18.
11.2 If we have reason to believe that we hold personal data of a person under that age in our databases, we will delete that personal data unless we have a record that permission was granted by their parent or guardian.
12. Updating information
12.1 Please let us know if the personal information that we hold about you needs to be corrected or updated.
13.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
13.2 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
13.3 Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies
14. Cookies that we use
14.1 We use cookies for the following purposes:
(a) authentication – we use cookies to identify you when you visit our website and as you navigate our website.
(b) status – we use cookies to help us to determine if you are logged into our website.
(c) security – we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally.
(d) personalisation – we use cookies to store information about your preferences and to personalise our website for you.
(e) advertising – we use cookies to help us to display advertisements that will be relevant to you. (f) analysis – we use cookies to help us to analyse the use and performance of our website and services.
(g) cookie consent – we use cookies to store your preferences in relation to the use of cookies more generally.
15.2 Our website uses the following cookies:
First party cookies
Stricklandscanner.org.uk: _ga
Stricklandscanner.org.uk: _gid
Stricklandscanner.org.uk: _gat
These cookies identify you when you visit our website and as you navigate, determine if you are logged in and are for security purposes.
Third-party cookies
Doubleclick.net: IDE This is a tracking cookie used by Google (see section on cookies used by our service providers below) to improve your online experience, including the display of more relevant ads. Find out more at https://www.google.com/policies/privacy/
Youtube.com: Visitor_info1_LIVE
Youtube.com: YSE: YouTube sets this cookie on pages on our website that feature YouTube videos.
Youtube.com: PREF: This cookie stores your preferences and other information, in particular preferred language, how many search results you wish to be shown on your page, and whether or not you wish to have Google’s SafeSearch filter turned on.
For more information on our third-party cookies, see section 16 (“Cookies used by our service providers”).
16. Cookies used by our service providers
16.1 Our service providers use cookies and those cookies may be stored on your computer when you visit our website.
16.2 We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy/.
16.2 To determine your interests, Google will track your behaviour on our website and on other websites across the web using cookies. This behaviour tracking allows Google to tailor the advertisements that you see on other websites to reflect your interests (although we do not ourselves publish interest-based advertisements on our website). You can view, delete or add interest categories associated with your browser by visiting: https://adssettings.google.com. You can also opt out of the AdSense partner network cookie using those settings or using the Network Advertising Initiative’s multi-cookie opt-out mechanism at: http://optout.networkadvertising.org. However, these opt-out mechanisms themselves use cookies, and if you clear the cookies from your browser your opt-out will not be maintained. To ensure that an opt-out is maintained in respect of a particular browser, you may wish to consider using the Google browser plug-ins available at: https://support.google.com/ads/answer/7395996. The relevant cookie is Doubleclick.net IDE.
16.3 We use YouTube to host and play videos on our website. You can view the privacy policy of this service provider at https://www.youtube.com/static?template=privacy_guidelines&gl=GB. The relevant cookies are Visitor_info1_LIVE, YSE and PREF.
17. Managing cookies
17.1 Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(b) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
(c) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
(f) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
17.2 If you block cookies, you will not be able to use all the features on our website.
18. Cookie preferences
18.1 Find out how to manage your preferences relating to the use of cookies on our website by visiting allaboutcookies.org
19. Data protection registration
19.1 We are registered as a data controller with the UK Information Commissioner’s Office.
19.2 Our data protection registration number is Z5373677.
20. Data protection officer
20.1 Our data protection officer’s contact details are: The Data Protection Officer, Paul Strickland Scanner Centre, Rickmansworth Road, Northwood, Middlesex, HA6 2RN. You can email them at contact@stricklandscanner.org.uk
C. CONFIDENTIALITY OF YOUR HEALTH RECORDS
This information is intended for patients at Paul Strickland Scanner Centre. It explains why information is collected about you and how it may be used. It describes how we safeguard your information and what your rights are when it comes to your health records.
1. Why we collect your information
Health professionals caring for you keep records about your health, treatment and the care you receive from the National Health Service (NHS) or private practitioners.
They may be written down (manual records), or held on a computer (electronic records).
The records we keep may include:
• Basic details, such as your name, address, date of birth, NHS number and next of kin
• Contacts we or other healthcare organisations have had with you, such as visits for imaging procedures
• Details and records about the treatment and care you receive here
• Results of investigations, such as x-rays and laboratory tests
• Relevant information from other health professionals, relatives or those who care for you and know you well
• Medical images including those from other healthcare organisations involved in your care.
Records are kept to help ensure that:
• Healthcare is provided as efficiently, effectively and safely as possible
• Everyone involved in your care has accurate and up-to-date information to assess your needs and provide the right support, care and treatment
• Full information is available should you need to see another doctor or be referred to a specialist.
We also hold information to:
• Support the effective management of
Paul Strickland Scanner Centre
• Prepare statistics on performance to review and plan services
• Train and teach healthcare professionals
• Audit our accounts and services
• Conduct research and development, though you have to opt in to this valuable work
• Investigate complaints, legal claims or untoward incidents
• Enable us to comply with any legal obligations or court order.
2. Confidentiality and security
All our staff, or others who receive information from us, have a legal duty to keep information about you confidential and secure.
Our staff sign a confidentiality clause in their employment contract and receive training on Information Governance which includes confidentiality, sharing of patient information and security of records.
We follow the Department of Health’s Code of Practice on Confidentiality in the NHS. We are further guided by relevant East and North Hertfordshire NHS Trust policies.
We use up-to-date technology to safeguard your information, and keep rigorous security standards to prevent unauthorised access.
We monitor our procedures to ensure we are adhering to best-practice guidelines.
You will usually have been referred to Paul Strickland Scanner Centre by staff from a GP practice, NHS hospital, or an independent provider.
We will need to share some information about you and your imaging examinations with your referring doctor and/or other medical institutions so we can all work together for your benefit.
We will only use or pass on information about you if others involved in your care have a genuine need for it, in order to support your ongoing or future direct healthcare, unless you consent to research and/or training use.
Typically, information about you will be shared electronically, by internal/external post, and/or verbally between healthcare staff (for example in meetings during which the treatment plans of individual patients are discussed).
There are strict rules describing how information can be shared with partner organisations. When we pass on or receive any information we will ensure it is kept confidential and secure. Our partners include Clinical Commissioning Groups, NHS hospital trusts, GPs, and independent healthcare providers.
You have the right to choose whether or not to let us share information given in confidence, but will need to understand how refusal might affect the ability of your medical team to care for you. If you have any concerns you should speak to the health professionals responsible for your care (for example, your doctor or the radiographer carrying out your scan).
We won’t use any information that could identify you for education or research purposes without your consent. All research is approved by the local research ethics committee and you will be asked if you wish to be involved. Patient information for education, research, service planning, quality improvement, complaints, incident reporting and audit is normally anonymised to prevent identification.
PSSC is fully compliant with the National Data Opt-out.
There are legal exceptions, such as during a public health emergency or when we need to notify the police.
3. How to get access
In addition to being told how your your data is processed, data protection regulations allow you to find out what information about you (including your health) is held on computer systems and in certain manual records. If you want to see them you should make a request to Paul Strickland Scanner Centre.
You also have the right to have incorrect information rectified, erased (in specific circumstances), block or suppress processing of personal data (although this may have repercussions for your care), obtain your data so you can personally take it somewhere else (“data portability”) and to object to your data being processed for purposes not relating to your care with us.
For more comprehensive records, you should contact the health bodies who have referred you to us. Contact the medical records department at the NHS Hospital Trust or private hospital where you are being treated.
Paul Strickland Scanner Centre will do anything it can reasonably do to help facilitate this process if required. Be aware that in certain circumstances your right to see some details in your health records may be limited in your own interest or for other reasons.
Have your say
We actively seek feedback and service user involvement.
If you have any comments (or complaints) about this section or how we use information about you (or would like to get involved in shaping this part of our work), contact us and ask a member of our reception staff to speak to our Information Governance lead.
More information
To find out more about how the NHS uses your information and keeps it secure, see the NHS code of Practice on Confidentiality.
You can also contact the Society of Radiographers and ask about guidance for patients on access to health records by diagnostic staff.
Last reviewed June 2023. Next review due June 2026.
D. Paul Strickland Scanner Centre Remote Image Viewing Service Terms and Conditions
1. Scope of these Terms & Conditions
These Terms & Conditions apply specifically to the remote image viewing service (“this service”) offered by Paul Strickland Scanner Centre (PSSC) and set out PSSC’s commitment and the responsibilities that are placed upon users.
They should be read in conjunction with the standard Terms & Conditions of the service provider (“Cimar”) which will be presented to the user when they first log on.
These Terms & Conditions may change periodically. While PSSC will use its best efforts to notify all users of significant changes, including through website updates, it is the user’s sole responsibility to check the Terms & Conditions periodically and to raise any concerns they may have.
2. Purpose of the Service
The primary purpose of the service is to provide healthcare professionals and others with a means of reviewing images of scans performed at PSSC and the accompanying clinical reports. To this end, PSSC is providing a cloud-based, zero-footprint viewer. This means that access to those images is independent of location and, to as great a degree as possible, independent of the type of device used.
While the service can provide diagnostic-quality images and supports a variety of tools for image manipulation, the primary purpose of the service is not diagnosis or reporting and PSSC currently neither recommends nor specifically supports such use.
3. Image Availability
Images must be uploaded to the cloud service before they can be viewed by users. Users will not have access to all images currently held by PSSC, in its Picture Archiving and Communication System (PACS) or elsewhere.
Emphasis is currently placed upon uploading new scans; without making any undertaking at this stage, PSSC will consider during the project whether to also release prior images on a routine basis or on an as-requested basis. Images imported from third-party institutions will not be uploaded. PSSC will use its best efforts to notify users of changes to these policies, including through website updates.
Ordinarily, PSSC does not release images without the authorised clinical report having been attached.
4. Access Control and Data Security
PSSC takes data security very seriously. In the case of patient data, as here, there are additional considerations to be taken into account relating specifically to confidentiality.
There is a balancing act to be managed between sharing a patient’s medical information to support their care against the need to minimise unnecessary circulation of such information where it is not truly required. In case of doubt, we will always come down on the side of patient confidentiality.
All uploads of data to this service are made through secured connections using on-the-fly encryption and appropriate access restrictions are applied to all images before they are made available outside of PSSC.
Prospective users must apply for login credentials before being given access. PSSC reserves the right to refuse access to any applicant without giving any reason for doing so.
Login credentials will only be given to applicants with a reasonable requirement for access; accredited users will be able to access only those images which are specifically relevant to them.
Users must not under any circumstances share their ID or password with anyone else. Users must not under any circumstances leave unattended any unauthorised person with access to this service.
PSSC reserves the right to rescind access for any user without warning should these Terms and Conditions appear to have been breached.
5. User Responsibility
While PSSC takes responsibility for the security of data uploaded to and held on the system, it cannot control what users do with the access rights that they are given.
Users have the ability to share images with others and to download images to their own or others’ systems at will. Both of these facilities are deemed important to support healthcare professionals in making the maximum use of the system to the benefit of the patients in their care.
While PSSC will stand behind the authorised report released with the images, users should note that users take full responsibility and bear full liability for any activities carried out with the images made available on the system including but not limited to:
sharing images with others;
downloading images; and
attempting to carry out further diagnosis.
Users must make sure that they consider their responsibilities under data-protection legislation, including but not limited to the Data Protection Act 2018, and that they have appropriate equipment to properly support their activities. Users should have consideration for the data-security policies of their own employer(s), best practice as relates to encryption of portable media, and the requirements of non-statutory or quasi-statutory regulations such as the Caldicott Principles. Users must also ensure that equipment used with this system, including the quality and resolution of screens on which images are viewed, are appropriate for the purpose to which they are being used.
6. General Data Protection Regulation (GDPR) Statement: System Users
A minimum of identifying information is held by PSSC on all applicants for the system, including email addresses and mobile phone numbers. We use this information to identify, verify and contact the applicant.
This is initially collected via the application form on the PSSC website. It is stored for one month on the website and then purged automatically. It is also emailed to the administrators of this service and will be held by PSSC until:
I. this service as a whole is withdrawn
II. The applicant requests that their access be revoked; or
III. PSSC revokes their user credentials.
Users of this service may request that their details be deleted but PSSC will then be unable to offer this service to them since we need to be able to contact them, apply appropriate security, and track their use.
Use of the system is automatically tracked and stored by this service. PSSC may, from time to time, extract and analyse this audit data to better tailor the system to user requirements and to monitor for possible abuse.
PSSC will not release this data to third parties unless compelled to do so by an overriding legal obligation and will never sell this data.
7. General Data Protection Regulation (GDPR) Patient Data
This service necessarily relies upon sharing patient identifiable data, via the cloud-hosting service, to properly accredited users. This will include a minimum of demographic data, along with the scan images and clinical report.
PSSC does not share more data than is required to support positive identification of the patient and support distributed patient care.
Patients have an absolute right to refuse to allow their images and/or reports to be shared via this service or to withdraw permission even once the images have been shared. Patients are made aware of these rights at various points in the patient pathway. PSSC will act as quickly as reasonable to uphold such restrictions once expressed by any patient.
Users must be aware of these patient rights and how they may apply to downloaded and/or shared studies.
E. PROFILING
As with many other charities, we may conduct research and use profiling techniques in order to use our resources effectively and make our fundraising more relevant to our supporters. Profiling helps us to engage with existing and potential high value donors and identify people that could have an interest in our cause and the work that we do. It enables us to understand our supporters better and helps us to make appropriate fundraising requests to people who may be able and willing to make a gift to the Paul Strickland Scanner Centre. Most importantly, it helps us to raise funds in a more cost-effective way, thus enabling us to support more people through our services.
Research and profiles may include information that you have given to us through previous interactions, such as geographic or demographic data. When conducting research, we may use additional information from credible third party sources in the public domain. This information is compiled using publicly available data about you, such as news archives, Companies House, listed directorships, social networks such as LinkedIn and biographies published on company websites. We do not seek consent to conduct research, but rely on legitimate interest as our lawful basis for processing. The legitimate interest in conducting research and writing profiles using publicly available information is to increase our understanding of our supporters and prospective supporters in order to make our fundraising requests, and the information we share, more relevant to them and their interests. This is done so that we can increase donations to our charity and further our cause. We believe that having more funds to deliver our services is in everybody’s interests. If we do conduct research on you, we will notify you at the first available opportunity by providing you our privacy notice when we first make contact, or within 30 days, whichever is sooner. This could be done via letter, a hyperlink to our privacy notice on email signatures and via our website’s URL on written communications. If no contact is made, or if following contact with an individual we do not receive a response [either verbally or in writing], we will stop processing the data and delete the information from our records within 30 days.
You can opt out of any of the ways we process your data as described above. All you need to do is email us at appeals@stricklandscanner.org.uk or ring us on 01923 886315 during office hours.
