For our website Terms of Service statement please click here.
This privacy statement covers:
- Privacy contact information
- Who we are
- Collection of personal data
- Technical information
- How information is kept safe
- Who the data is shared with
- How long information is kept for
- Your rights
- How to request a copy of your data
- Staff consent form
- Websites we own
Privacy Contact Information
Castle Craig Hospital
We reserve the right to update this policy from time to time so it is in keeping with the latest guidelines and relevant to our website users. Any significant changes to this policy will be posted in our blog.
We take data security and confidentiality extremely seriously and all communications and replies are issued as soon as possible.
We may update this notice from time to time.
Collection of Personal Data
Castle Craig Hospital Ltd is the data controller for the information collected on this and other websites. This means that Castle Craig determines what information is collected, how this data will be used and how it is protected. We are fully committed to fulfilling our obligations to website users about their privacy and their rights.
Our registered address is:
Castle Craig Hospital
If you have any concerns about your data protection rights please contact email@example.com
We will collect data about you for the purposes of making your browsing a better experience, provide you with information you have requested, in your communication with us either on the phone or by email.
This includes information that was obtained directly from you, either via our website or in communications, but may also include from time to time information that was collected about you- for example, from your family or friends who contact us.
We collect this information on the basis of either legitimate interest, where castle-health.co.uk requires the information to provide its service and which isn’t outweighed by your right to privacy; for a lawful basis where castle-health.co.uk is required to collect your data; where consent is required to process the information; or where it is necessary for the public good.
When you get in contact with us, the information that is collected about you may include:
- Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses
- Date of birth
- Marital status and dependants
- Next of kin and emergency contact information
- Communication between Castle Health and you
- Financial information for payment purposes
In addition, and in order to ensure that each visitor to any of our websites can use and navigate the site effectively, we collect the following:
- Technical information, including the Internet Protocol (IP) address used to connect your device to the Internet;
- Your login information, browser type and version, time zone setting, browser plug-in types and versions;
- Operating system and platform;
Information about your visit, including the Uniform Resource Locators (URL) clickstream to, through, and from our site.
How Information is Kept Safe
Information is retained in secure electronic and paper records and access is restricted to only those who need to know.
We also anonymise or pseudonymise your information where appropriate to protect your identity.
All of our staff are subject to strict confidentiality policies.
Who the Data is Shared with
Your data is kept within Castle Craig Hospital Ltd unless it is necessary to share with third parties.
We transfer your data to other companies for the purpose of the normal management of the business, to cloud-based hosting providers. Where this is the case, safeguards are put in place to secure your data- including ensuring that the host provider’s security is acceptable and contractual obligations for providers to comply with the GDPR.
We may share data with third parties where Castle Health has a legal obligation to do so.
We may share your data with other people that you request we share it with, for example, family or friends. We may share your data with other bodies, for example, social care or educational services- where we do, will gain your consent unless we are legally required to share the information.
You have a right to revoke your consent to sharing data where your consent is necessary, and we will explain the consequences of this when you do.
Under certain circumstances, your data may be transferred outside of the UK to other EEA countries, or to countries outside of the EEA. Where this is the case, Castle Health ensures the security of your data with strict safeguards including contractual obligations for third parties outside of the EEA to comply with GDPR requirements and encryption of data.
How Long is Information Kept
Your information will be kept for different lengths of time, but in all cases, for no longer than is necessary.
Where you give us information but do not enter treatment, this information will be deleted after being held for six months. Where you, or the person on whose behalf you were ringing, does come into treatment, your communications with us will be held for six years following discharge to comply with the statute of limitations. Where you give us financial information for the payment of treatment, this will be kept for the legal requirement of 7 years.
Under the GDPR, you have a number of rights regarding your personal data. These are:
- The right to be informed of data that is processed about you;
- The right to request access to your data, to be provided within 30 days of the request or 2 months for complex cases at no cost except under certain circumstances;
- The right to rectify information held, to be corrected within 30 days of the request or 2 months for complex cases;
- The right to erasure- where appropriate, your data can be deleted at your request. This will apply only where the Company recording the information is no longer necessary or they do not have an overriding legitimate interest to do so;
- The right to restrict processing- under certain narrow circumstances, you will have the right to restrict the Company from processing the data
- The right to data portability- under certain circumstances you can request to copy or transfer your information from one IT environment to another
- The right to object to processing- under certain circumstances you can object to the processing of the data and the Company must halt processing unless it can demonstrate an overriding legitimate interest.
Request a copy of your data
You should complete this Subject Access Request form if you want us to supply you with a copy of any personal data we hold about you.
You have the right to lodge a complaint to Castle Health via Castle Craig Hospital regarding any rights you have under the GDPR. Please contact Senior Governance Administrator Lucy Haden at firstname.lastname@example.org.
You have the right to lodge a complaint to the Information Commissioner’s Officer if you believe the Company has not complied with the GDPR. Contact at:
Information Commissioner’s Office
Telephone: 0303 123 1113
Via email here: https://ico.org.uk/global/contact-us/email/
Or the Scottish office here:
The Information Commissioner’s Office – Scotland
45 Melville Street
Telephone: 0303 123 1115
Via email here: Scotland@ico.org.uk
Staff Consent Form
Subject Access Request Form
To download the subject access request form, please click or tap on the thumbnail below.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Your consent applies to the following domains: castle-health.co.uk
What are cookies ?
Cookies are small text files that are placed on your computer by websites you visit. They are used to store small pieces of information. The cookies are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make the website more secure, provide better user experience, and understand how the website performs and to analyse what works and where it needs improvement. This helps us to develop the user experience.
The third-party cookies used on our websites are used mainly for understanding how the website performs. We use a third-party service, Google Analytics, to collect browsing information and details of visitor trends. We do this to understand behaviour and interaction with our website, such as the number of visitors to the various pages on the site and which pages viewed. This information helps us to build a picture of what users are looking for and provide a better and improved user experience and help speed up your future interactions with the website. The information is processed in a way which does not identify any individual.
No personal identifiable data is collected, the information collated by Castle Health relates to browsing activity across this website only.
Overview of cookie types
Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log-in to your account and add products to a shopping basket and checkout securely.
Statistics: These cookies store information like the number of visitors to the website, the number of unique visitors, which pages of the website have been visited, the source of the visit etc. These data help us understand and analyse how well the website performs and where it needs improvement.
Marketing: These cookies are used to personalise the advertisements that we show to you so that they are meaningful to you. These cookies also help us keep track of the efficiency of these ad campaigns.
The information stored in these cookies may also be used by the third-party ad providers to show you ads on other websites on the browser as well.
Functional: These are the cookies that help certain non-essential functionalities on our website. These functionalities include embedding content like videos or sharing contents on the website on social media platforms.
Preferences: These cookies help us store your settings and browsing preferences like language preferences so that you have a better and efficient experience on future visits to the website.
What types of cookies do we use?
The table below explains the performance tracking cookies we collect and the information they store.
These cookies are used to collect browsing information on visitor trends to show us how visitors use our website. Castle Health uses the information to compile reports and to help us improve the site and identify pages that are not serving their purpose. The cookies collect information in an anonymous form, including the number of visitors to the site, how visitors have landed on the site and the pages they viewed.
|Read Google’s overview of data privacy|
These cookies enable the display of a phone number through ResponseTap call tracking software. This provides a better understanding of website performance and improves customer experience.
How can I control the cookie preferences?
You can change the settings on your browser to prevent cookies being stored on your computer or mobile device without your explicit consent. For information on manage cookies on popular web browsers, visit the browser developer’s website, where the ‘help’ section will normally provide details on how to manage the cookie settings.
Popular web browser cookie settings:
In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more out more on how to manage and delete cookies, visit wikipedia.org, www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites, visit https://tools.google.com/dlpage/gaoptout.
Terms of Service
The brand Castle Health is owned by Castle Craig Hospital Ltd and ‘us’ or ‘we’ refers to the owner of the website whose office is West Linton, Peeblesshire Scotland EH46 7DH. The term ‘you’ refers to the user or viewer of our website.
- The content of the pages of this website is for your general information and use only. It is subject to change without notice.
- Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
- Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
- This website contains material and intellectual property such as written content and images which are owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
- All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
- Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
From time to time, this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
- We reserve the right to remove any content or comments at any time.
- Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Northern Ireland, Scotland and Wales.