Privacy Policy

Thank you for visiting our website. This privacy policy tells you how we use personal information collected on https://castle-health.co.uk Please read this privacy policy before using the site or submitting any personal information.

For our website Terms of Service statement please click here

By using the site, you are accepting the practices described in this privacy policy. These practices may be changed, but any changes will be posted and changes will only apply to activities and information on a going forward, not retroactive basis. You are encouraged to review the privacy policy whenever you visit the site to make sure that you understand how any personal information you provide will be used.

This privacy statement covers:

  • Privacy contact information
  • Website and communication privacy policy
  • Who we are
  • Collection of personal data
  • Technical information
  • How information is kept safe
  • Who the data is shared with
  • How long information is kept for
  • Your rights
  • How to request a copy of your data
  • Complaints
  • Cookie Policy
  • Staff consent form
  • Websites we own

Privacy Contact Information

If you have any questions, concerns or comments about our privacy policy, or would like to report a possible data breach, please contact Lucy Haden, Senior Governance Administrator for Castle Craig at l.haden@castlecraig.co.uk or in writing at:

Castle Craig Hospital

West Linton

Peeblesshire

Scotland

EH46 7DH

We reserve the right to update this policy from time to time so it is in keeping with the latest guidelines and relevant to our website users. Any significant changes to this policy will be posted in our blog.

We take data security and confidentiality extremely seriously and all communications and replies are issued as soon as possible.

Website and Communication Privacy Policy

The security of your data is important to us. This privacy policy explains how we collect your data, what we do with it, and your rights regarding the data.

We may update this notice from time to time.

Collection of Personal Data

Castle Craig Hospital Ltd is the data controller for the information collected on this and other websites. This means that Castle Craig determines what information is collected, how this data will be used and how it is protected. We are fully committed to fulfilling our obligations to website users about their privacy and their rights.

Our registered address is:

Castle Craig Hospital

Blyth Bridge

West Linton

EH46 7DH

If you have any concerns about your data protection rights please contact l.haden@castlecraig.co.uk

We will collect data about you for the purposes of making your browsing a better experience, provide you with information you have requested, in your communication with us either on the phone or by email.

This includes information that was obtained directly from you, either via our website or in communications, but may also include from time to time information that was collected about you- for example, from your family or friends who contact us.

We collect this information on the basis of either legitimate interest, where castle-health.co.uk requires the information to provide its service and which isn’t outweighed by your right to privacy; for a lawful basis where castle-health.co.uk is required to collect your data; where consent is required to process the information; or where it is necessary for the public good.

When you get in contact with us, the information that is collected about you may include:

  • Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses
  • Date of birth
  • Gender
  • Marital status and dependants
  • Next of kin and emergency contact information
  • Communication between Castle Health and you
  • Financial information for payment purposes

Technical information

In addition, and in order to ensure that each visitor to any of our websites can use and navigate the site effectively, we collect the following:

  • Technical information, including the Internet Protocol (IP) address used to connect your device to the Internet;
  • Your login information, browser type and version, time zone setting, browser plug-in types and versions;
  • Operating system and platform;

Information about your visit, including the Uniform Resource Locators (URL) clickstream to, through, and from our site.

How Information is Kept Safe

Information is retained in secure electronic and paper records and access is restricted to only those who need to know.

We also anonymise or pseudonymise your information where appropriate to protect your identity.

All of our staff are subject to strict confidentiality policies.

Who the Data is Shared with

Your data is kept within Castle Craig Hospital Ltd unless it is necessary to share with third parties.

We transfer your data to other companies for the purpose of the normal management of the business, to cloud-based hosting providers. Where this is the case, safeguards are put in place to secure your data- including ensuring that the host provider’s security is acceptable and contractual obligations for providers to comply with the GDPR.

We may share data with third parties where Castle Health has a legal obligation to do so.

We may share your data with other people that you request we share it with, for example, family or friends. We may share your data with other bodies, for example, social care or educational services- where we do, will gain your consent unless we are legally required to share the information.

You have a right to revoke your consent to sharing data where your consent is necessary, and we will explain the consequences of this when you do.

Under certain circumstances, your data may be transferred outside of the UK to other EEA countries, or to countries outside of the EEA. Where this is the case, Castle Health ensures the security of your data with strict safeguards including contractual obligations for third parties outside of the EEA to comply with GDPR requirements and encryption of data.

How Long is Information Kept

Your information will be kept for different lengths of time, but in all cases, for no longer than is necessary.

Where you give us information but do not enter treatment, this information will be deleted after being held for six months. Where you, or the person on whose behalf you were ringing, does come into treatment, your communications with us will be held for six years following discharge to comply with the statute of limitations. Where you give us financial information for the payment of treatment, this will be kept for the legal requirement of 7 years.

Where you, or the person on whose behalf you were ringing, does come into treatment an updated privacy policy will be sent to the patient at that time.

Your Rights

Under the GDPR, you have a number of rights regarding your personal data. These are:

  1. The right to be informed of data that is processed about you;
  2. The right to request access to your data, to be provided within 30 days of the request or 2 months for complex cases at no cost except under certain circumstances;
  3. The right to rectify information held, to be corrected within 30 days of the request or 2 months for complex cases;
  4. The right to erasure- where appropriate, your data can be deleted at your request. This will apply only where the Company recording the information is no longer necessary or they do not have an overriding legitimate interest to do so;
  5. The right to restrict processing- under certain narrow circumstances, you will have the right to restrict the Company from processing the data
  6. The right to data portability- under certain circumstances you can request to copy or transfer your information from one IT environment to another
  7. The right to object to processing- under certain circumstances you can object to the processing of the data and the Company must halt processing unless it can demonstrate an overriding legitimate interest.

Request a copy of your data

You should complete this Subject Access Request form if you want us to supply you with a copy of any personal data we hold about you.

Complaints

You have the right to lodge a complaint to Castle Health via Castle Craig Hospital regarding any rights you have under the GDPR. Please contact Senior Governance Administrator Lucy Haden at l.haden@castlecraig.co.uk.

You have the right to lodge a complaint to the Information Commissioner’s Officer if you believe the Company has not complied with the GDPR. Contact at:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Telephone: 0303 123 1113

Via email here: https://ico.org.uk/global/contact-us/email/

Or the Scottish office here:

The Information Commissioner’s Office – Scotland

45 Melville Street

Edinburgh

EH3 7HL

Telephone: 0303 123 1115

Via email here: Scotland@ico.org.uk

Cookie Policy

For Castle Craig’s separate Cookie Policy please follow this link.

Staff Consent Form

Staff Consent Form in Accordance with the GDPR 2018

Subject Access Request Form

To download the subject access request form, please click or tap on the thumbnail below.

  

 

Cookie Policy

About this cookie policy

This website uses cookies to improve its functionality and to monitor site performance. This Cookie Policy explains what cookies are and how we use them. You should read this policy to understand what cookies are, how we use them, the types of cookies we use i.e, the information we collect using cookies and how that information is used and how to control the cookie preferences. For further information on how we use, store and keep your personal data secure, see our Privacy Policy.

You can at any time change or withdraw your consent from the Cookie Declaration on our website.

Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.

Your consent applies to the following domains: castle-health.co.uk 

What are cookies ?

Cookies are small text files that are placed on your computer by websites you visit. They are used to store small pieces of information. The cookies are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make the website more secure, provide better user experience, and understand how the website performs and to analyse what works and where it needs improvement. This helps us to develop the user experience.

How do we use cookies ?

As most online services, our website uses cookies first-party and third-party cookies for a number of purposes. The first-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.

The third-party cookies used on our websites are used mainly for understanding how the website performs. We use a third-party service, Google Analytics, to collect browsing information and details of visitor trends. We do this to understand behaviour and interaction with our website, such as the number of visitors to the various pages on the site and which pages viewed. This information helps us to build a picture of what users are looking for and provide a better and improved user experience and help speed up your future interactions with the website. The information is processed in a way which does not identify any individual.

No personal identifiable data is collected, the information collated by Castle Health relates to browsing activity across this website only.

Overview of cookie types

Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log-in to your account and add products to a shopping basket and checkout securely.

Statistics: These cookies store information like the number of visitors to the website, the number of unique visitors, which pages of the website have been visited, the source of the visit etc. These data help us understand and analyse how well the website performs and where it needs improvement.

Marketing: These cookies are used to personalise the advertisements that we show to you so that they are meaningful to you. These cookies also help us keep track of the efficiency of these ad campaigns.

The information stored in these cookies may also be used by the third-party ad providers to show you ads on other websites on the browser as well.

Functional: These are the cookies that help certain non-essential functionalities on our website. These functionalities include embedding content like videos or sharing contents on the website on social media platforms.

Preferences: These cookies help us store your settings and browsing preferences like language preferences so that you have a better and efficient experience on future visits to the website.

What types of cookies do we use?

The table below explains the performance tracking cookies we collect and the information they store.

Cookie Function Read More
Google Analytics

_ga

_gid

_gac_UA-2681766-10

_gac_UA-2681766-6 

 

These cookies are used to collect browsing information on visitor trends to show us how visitors use our website. Castle Health uses the information to compile reports and to help us improve the site and identify pages that are not serving their purpose. The cookies collect information in an anonymous form, including the number of visitors to the site, how visitors have landed on the site and the pages they viewed.

Read Google’s overview of data privacy
ResponseTap

JESSIONID

 

These cookies enable the display of a phone number through ResponseTap call tracking software. This provides a better understanding of website performance and improves customer experience.

See ResponseTap’s cookie policy

 How can I control the cookie preferences?

You can change the settings on your browser to prevent cookies being stored on your computer or mobile device without your explicit consent. For information on manage cookies on popular web browsers, visit the browser developer’s website, where the ‘help’ section will normally provide details on how to manage the cookie settings.

Popular web browser cookie settings:

In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more out more on how to manage and delete cookies, visit wikipedia.org, www.allaboutcookies.org.

To opt out of being tracked by Google Analytics across all websites, visit https://tools.google.com/dlpage/gaoptout.

Terms of Service

If you continue to browse and use this website, you are agreeing to comply with and be bound by the following terms and conditions of use, which together with our privacy policy govern Castle Health’s relationship with you in relation to this website. If you disagree with any part of these terms and conditions, please do not use our website.

The brand Castle Health is owned by Castle Craig Hospital Ltd and ‘us’ or ‘we’ refers to the owner of the website whose office is West Linton, Peeblesshire Scotland EH46 7DH. The term ‘you’ refers to the user or viewer of our website.

The use of this website is subject to the following terms of use:

  • The content of the pages of this website is for your general information and use only. It is subject to change without notice.
  • Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
  • Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
  • This website contains material and intellectual property such as written content and images which are owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
  • All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
  • Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
    From time to time, this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
  • We reserve the right to remove any content or comments at any time.
  • Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Northern Ireland, Scotland and Wales.