When we refer to ‘we’, ‘us’ and ‘our’, we mean Yino Service Limited. We are registered in England and Wales under company numbers 11708234.
When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual. We may hold and use personal data about you as a customer, employee or in any other capacity. Depending on what services you receive from us this may include sensitive personal data such as information relating to your health.
We may collect personal data about you if you:
Please note in the interests of training and continually improving our services, calls to us may be monitored or recorded.
To process your information in accordance with the data protection laws, we must establish a lawful basis for doing so which must be at least one of the following:
Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care, or in accordance with data protection laws and guidelines of professional bodies. We will only use your sensitive personal data for the purposes for which you have given it to us and where we have a lawful basis under the data protection laws to do so.
We have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged. We continually audit our information systems to make sure that the ongoing security is robust.
Any personal data you provide will be held for as long as is necessary having regard to the purpose for which it was collected and in accordance with all applicable data protection laws and/or appropriate guidance.
All personal data you provide to us is stored securely. Any payment transactions on our website will be processed securely by third party payment processors. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our website and information systems, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.
The transmission of information via the internet cannot be guaranteed as completely secure. However, we ensure that any information transferred to our websites is via an encrypted connection. Once we have received your information, we will use strict procedures and security features for prevention of unauthorised access.
At your request, we may occasionally transfer personal information to you via email, or you may choose to transfer information to us via email. Email is not a secure method of information transmission; if you choose to send or receive such information via email, you do so at your own risk.
We may disclose your personal data (to the extent necessary) to certain third party organisations used to support the delivery of our services during our usual course of business. These may include the following:
Where a third party data processor is used, we make sure that they operate under contractual restrictions with regard to confidentiality and security, in addition to their obligations under data protection laws.
We may also disclose your personal data to third parties in the event that we sell or buy any business or assets or where we are required by law to do so.
Your GP: If the clinician providing your care believes it to be clinically advisable, we may also share information about your care with your GP. If your GP requests information regarding your care or copies of any relevant records, then we may also share this information with them. You can ask us not to do this, in which case we will respect that request if we are legally permitted to do so, but you should be aware that it can be potentially very dangerous and/or detrimental to your health to deny your GP full information about your medical history, and we strongly advise against it.
Your Insurer: We share with your medical insurer information about your treatment, its clinical necessity and its cost, only if they are paying for all or part of your treatment with our clinical professionals. We provide only the information to which they are entitled. If you raise a complaint or a claim, we may be required to share personal data with your medical insurer for the purposes of investigating any complaint/claim.
Healthcare and Clinical regulators: We may be requested – and in some cases can be required – to share certain information (including personal data and sensitive personal data) about you and your care with healthcare and clinical regulators such as the General Medical Council, the Health and Care Professions Council or the Care Quality Commission. For example, if you make a complaint, or the conduct of a clinician involved in your treatment is alleged to have fallen below the appropriate standards and the regulator wishes to conduct an investigation. We will ensure that we do so within the framework of the law and with due respect for your privacy.
In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (i.e. your life or your health).
You have the following rights in relation to your personal data
Please note: Your rights are not absolute: they do not always apply in all cases and we will let you know in our correspondence with you how and whether we will be able to comply with your request
If you want to exercise your rights in respect of your personal data, the best way to do so is to contact us by email at [email protected] or to write to us for the attention of the data protection officer at the address below. In order to protect your privacy, we may ask you to prove your identity before we take any steps in response to such a request.
If you are not satisfied with how we handle your request, you can contact the Information Commissioner’s Office on 0303 123 1113 or visit their website (http://www.ico.org.uk).