This Privacy policy (“Notice”) is issued by Axis Care Group Limited (“Axis”, “we”, “us” or “our”), with a registered address at 41 Scott Street, Leigh England, WN7 5AL. Axis is a healthcare organization that provides you and organizations like the NHS with access to permanent or temporary healthcare professionals.
We take matters of privacy and personal information seriously and our Notice describes how the Personal Information you provide to us through our website, will be collected and processed in connection with our services. Persons visiting our website or using our services are individually, and collectively referred to as “You,” “Your,” or “Yours.”
This Notice is for:
- Visitors to our website
- Our clients: Anyone who is registered with us or who buys, uses, or contacts us about our products and services
- Patients of our healthcare professionals who accesses their services through us
- People who collaborate with us, such as intermediaries or suppliers (but not our employees or healthcare professionals)
Our website is not intended for children, and we do not knowingly collect information relating to children through our website.
We confirm that we will keep your information secure and that we will comply fully with all applicable UK Data Protection laws and regulations. Carefully read and learn about the steps we take to secure and protect such information and what we do with/what happens to your personal data. We are committed to implementing policies and procedures designed to provide for privacy and security and deliver the best possible services and online experience. To that end, we want you to understand what kinds of information we gather about you, how this information, particularly Personal Information (defined below), is used and safeguarded, and how you can control its use.
By visiting https://axiscaregroup.co.uk/ (our website) or registering and using our services, you are accepting and consenting to the practices described in this Notice. For the purposes of the website, and our services, we are the data controller of your Personal Information.
Article 1: Types of Information We May Collect and How We Collect Them:
Information You Provide To Us: Information collected from you will vary, depending on how you access, visit, use or otherwise take advantage of the website, and what information you may choose to provide to us (whether through email or otherwise). It may be possible to browse various sections of the website without submitting any Personal Information. “Personal Information” means individually identifiable information about you that we collect online through the website or otherwise, which include, but is not limited to:
- Identity Data: Your full name, a username, password and biodata;
- Contact data such as your email address, phone number, and physical address;
- Transaction and Sensitive data: Details of the services we have provided to you, or are providing to you, and this includes sensitive information such as your medical/health records, insurance, etc.;
- Financial data: Your financial information, online transactions, and your credit or debit card information.
Information in a form that is aggregated with other information, anonymized, or otherwise processed so as not to be reasonably identifiable with you, and information in a form that otherwise is detached, combined, organized, segmented, modified or processed so as not to be reasonably capable of being associated with you, will not be considered Personal Information, and will not be restricted by this Notice as to use, sharing or otherwise. If you access, visit, use or otherwise take advantage of our services, or certain functions on our website, we may receive data about you or you may be asked to provide Personal Information. In some cases, in relation to our services, you may also be requested to provide additional information. Whenever we ask for Personal Information, you may consult this Notice to help you understand how Personal Information will be used before you make a decision to disclose it. You can choose not to provide us with Personal Information, but then you may not be able to fully access or fully take advantage of our services, or some features on our website, and we may not be able to provide you with certain requested information related to our services and/or products.
We collect information from and about you through different channels that include:
Direct Contact: In which you may give us your Identity and/or Contact Data either orally via telephone or virtual calls, and we may record or monitor these calls with our devices, or through other means, for quality assurance and to make sure we are keeping to legal rules, codes of practice and internal policies; by filling in Questionnaire forms; or by corresponding with us through our website, webchats, instant messaging applications, virtual assistants, or email. This includes Personal Information you provide when you:
- Apply or Register for our services;
- Use our products and services, or in-person consultations;
- Subscribe to our service, publications, or newsletters;
- Participate in a competition, promotion, or survey; or
- Give us service or product feedback.
We may with your consent store your Personal Information within our official devices which our staff may use in facilitating, performing, enabling, conducting, and providing our services to you.
Third parties or Public Sources: This is information we receive about you if you provide your information to use through a third party, for example, referral information from other healthcare professionals, and from social media. In this case, you will be informed when your Personal Information is collected, and of the purpose for which it is being collected. We will only use your information collected from third parties for the purpose for which we collected it.
Automatic Collection of Information: Like many websites or media using the Internet, we automatically track certain information about you as you access or visit our website, or otherwise use our services. We refer to these as “Technical Information”, and are for various reasons that include to help us:
- Better understand, offer, operate, improve, and modify our services,
- Better understand how our website is used and experienced and
- Enhance, or better understand how we can enhance, yours or the overall experience on the website, including providing relevant advertising and other information that is useful to you. This tracked or automatically gathered information may include, among other things:
- Your device’s (as used in this Notice, meaning a computer, tablet, smartphone, or other relevant device) IP address (Internet Protocol address),
- Geographical and device location through GPS, Wi-Fi, or Bluetooth,
- Aggregated data such as statistical or demographic data for any purpose,
- Sections of or content on our website pages on which you click or in which you are interested,
- The number of times you visit each of our website pages, what downloads and/or search queries you have made,
- When our emails are opened or links are clicked,
- How long you spent on particular sections of our website and on the website generally,
- Information about your computer, browser, or operating system type, ISP, or mobile operator.
This automatically gathered data includes information provided through the use of “cookies” (which is described in more detail below) and other technology or methods and may also include information gathered in connection with your use of third-party websites and channels (for example, through the use of “web beacons,” “clear GIFs” or “pixels”). Although not restricted by this Notice, we may also gather and use information, generated by us, or obtained from other sources, derived from, or based on information you have provided or that is obtained by way of the collection means referred to in this Notice (e.g., automatically).
Information from Cookies: Cookies are small files that we or others send to and store on or with your computer so that your computer, browser, mobile application, or other application can be distinguished from other visitors or users the next time you access or visit our website or use our online services. You are always free to decline any cookies we use by adjusting the settings of your browser, as your browser may permit, however, some products, services or features might not be available or operate properly if cookies are not enabled.
We may use the information collected from the Cookies in the following ways:
- To reflect demographic data pertaining to you or other data linked to information you submit;
- To enable you to receive relevant customized adverts, alerts, content, services, or information;
- To administer our website including troubleshooting and for statistical purposes;
- To improve our website and ensure that content is presented in the most effective manner for you and for your computer;
- Security and debugging as part of our efforts to keep our website safe and secure.
Article 2: Use and Disclosure of Personal Information:
The use of information about you depends on the context in which it is collected in relation to the services we provide. We will only share the Personal Information we collect from you with your consent but note that we may also need to process your Personal Information without your consent where this is required or permitted by law, but we will inform you before we do so. This may apply to the use cases detailed below:
- Provision of our Services: In compliance with the EU General Data Protection Regulation (GDPR), we use your Personal Information either on our official devices, our website, or through other online or offline channels when providing our services to you. They include processing your Personal Information, and any additional data required to match you with the appropriate service requested by you. We also use it to communicate with you about our products, services, complaints, updates, administrative, and promotional offers.
- Analytics: Certain features or services on our website may seek or obtain Personal Information from or about you, which may be used in the following ways: (i) The information you submit may be required by our partner service providers to fulfill your service request. (ii) Troubleshoot and improve the website by using your Personal Information for actions that include providing functionality, analyzing our services, and/or technical performance, fixing errors, and improving usability and effectiveness of the website. We will share only relevant information with such third party service providers, which may include your device’s Internet Protocol (IP) address, identification number or location. Other purposes include:
- To perform supporting functions for the various tools, functionality, information, products, and services offered through our website on our behalf,
- To perform or support various tasks or initiatives instrumental to the business of the services we provide, or related to operating or improving, the website or
- To assist us in testing, maintaining, or improving the features, content, or effectiveness of the website or in performing in-house research or development. These service providers may be permitted to receive from us and use information collected from you but will not be authorized by us to use Personal Information for any other purpose other than in connection with performing the support functions for Axis or such other tasks, initiatives, or assistance for or expressly permitted by Axis.
- Sensitive Information: Certain Personal Information such as your medical/health records, deemed sensitive require higher levels of protection. They may be required for us to provide tailored, and more efficient services to you (e.g. medical consultation, diagnosis, and treatment). We process sensitive Personal Information in the following ways:
- If required, with your explicit consent, and only when necessary
- Where we need to carry out our legal/compliance obligations
- Where it is needed in the public interest.
- Where it is necessary for medical or healthcare purposes.
- In the unlikely circumstance where, we need to process your information when it is required in relation to legal claims or where it is needed to protect yours or public interests, and you are not capable of giving your consent, or where you have already made the information public.
- Recommendations: We may use your Personal Information to recommend products and services that might be of interest to you and to identify your preferences.
- Legal or Regulatory Compliance: In certain cases, we are required by law to collect, process and/or disclose some of your Personal Information.
- Customer Support: We may use your Personal Information to communicate with you in relation to the website and our services through different channels such as instant messaging services, phone calls, email, and web-chat services.
- Fraud Prevention: To enhance your safety and the security of the website, we process information to prevent or detect fraud and abuse to maintain your trust, the integrity of our website, our professional reputation, and that of our partner service providers.
- Research and Development: We are constantly working on developing new and innovative ways to improve our current services to you.
- Software Service Providers: We may use software from third party technology partner service providers to enable or enhance certain services to you. To do this, we may collect Personal Information in order to perform the services.
Without the data collected as set forth above, we will not be able to provide our services and/or execute most key functionalities of our service’s obligations to you. We will tell you when we need your consent and ask you for it. If we cannot provide a product or service without your consent, will clearly inform you of this when we ask for it. For example, we cannot process health insurance claims without health information. We do not sell your Personal Information.
Article 3: Partner Service Providers and Third Party Services:
Some of our partner service providers may collect, use, and disclose your Personal Information to the extent necessary to allow them to perform the services they provide to us which enables us conduct and facilitate our services to you. They are bound by service agreements, binding non-disclosure provisions, data protection laws, and privacy policies that prohibit them from mis-using or disclosing your Personal Information and data. They include:
- Partner Service Providers: These include professionals in the medical/healthcare services industry with whom we partner with and engage to provide our services. We may use the Personal Information you submit, as well as other additional data we might request from you or obtain ourselves through your activities on our website, to determine which of our registered participating partners may be best suited for, willing, able and/or compatible to serve your needs, and to assist them in doing so. They may require access to your Personal Information to perform their functions but shall not use it for unauthorized purposes outside enabling our services. They are mandated to process the information and data in accordance with this Notice, and as permitted by the EU GDPR, and any applicable laws and data protection legislation in their jurisdiction.
- Asset transfers: We are always developing our business, and in doing so might decide to buy or sell, or expand or otherwise restructure (e.g., by way of joint ventures, or mergers and acquisitions) with respect to businesses or assets. Personal Information and other information we collect from you is generally one of the assets acquired, transferred, otherwise shared, or affected in connection with such transactions.
- Links: There may be links on our website and clicking on those links may direct you to other websites. We are not responsible for the privacy practices of these other sites and encourage you to read their privacy policies if you want to engage with them. Once you leave our website or you are redirected to a third-party platform, or website, you are no longer subject to our Notice or our Terms and Conditions.
- Legal or Compliance Requirements: We may disclose Personal Information to our lawyers, auditors, financial, tax and public relations advisors; to service users, their families, and advisers to enable response to questions, complaints, or claims, including from you; with other entities in our group as part of our regular reporting activities etc., on company performance; when we are mandated by law or regulation to do so to NHS organizations, our regulators, such as the Care Quality Commission, Information Commissioner’s Office, the Department of Health, Department of Education, and the Health and Safety Executive. However, we will only provide the information that is relevant to such request, and you will be notified by us prior to the disclosure. This provision also includes sharing information with our solicitors. We may also share information because of a legal obligation, such as a court order but before any disclosure will be made, we will satisfy ourselves that any disclosure sought is required by law or can be justified in the interest of the public. Information about you may also be shared with law enforcement authorities where necessary for the prevention or detection of crime.
- Advertising and Analytics providers: We may occasionally display interest-based ads to you on the website through advertising tools. We may also develop or work with third party analytics providers to collect information about the usage of our services and website, and to enable us to improve how we offer our services. These analytics use technology to aid us in collecting information about user/visitor activities on our website and to report usage trends to us and we will do so only with your prior consent.
- Third Party Storage: We are not responsible for the way third parties process and/or store data. This is outside our control. We shall only be responsible for our obligations to you in relation to your Personal Information and data under our control, as a data controller under the GDPR, and applicable laws, and we do not warrant the standard of the privacy policies of any third party.
- Automatically Gathered Information: Information that is automatically, electronically, or otherwise gathered, including through the use of cookies and other technology, may also be shared with other third parties, including listing providers, advertisers, service providers and others, so that we may better understand how the website is used so that we can enhance the overall experience in connection with our services. Such information shared with third parties is restricted to information that is aggregated, de-identified, or in other protected form (see “Information You Provide To Us,” above). Third parties are contractually restricted as to how they can use any shared Personal Information (for example, restricted to use only in connection with the purpose for which it was shared by Axis).
Article 4: How We Secure Your Personal Information:
Whenever Personal Information is stored on our devices (which may be for a period recommended by GDPR), that information is protected from unauthorized access or use by way of passwords or other industry-acknowledged means. In addition, our servers that store this information are located behind a firewall. Since your Personal Information (i.e., your medical, health, employment, financial records etc.) may be especially sensitive, we take special care to keep it secure. We will use our best efforts to electronically transmit or ask for this information over secure Internet connections using precautions such as restricting storage and processing of Personal Information to our official devices, using SSL (Secure Sockets Layer) encryption (an accepted standard for online security), security keys and password authentication. To the extent that we may ask for and will store for a period of time Personal Information including information containing sensitive data, such information will be stored using precautions such as secure designated servers where access is limited to individuals in departments charged with using such information only in connection with processing your requested services and/or payment for services provided. We maintain physical, electronic, and procedural safeguards by using reputable cloud storage software services in connection with the collection, storage, and disclosure of Personal Information. We will ensure that appropriate measures are taken against unlawful or unauthorized processing of Personal Information, and against the accidental loss of, or damage to, your personal data. Partner service providers will only process your Personal Information on our instructions and after they have agreed to treat the information confidentially and to keep it secure. Our security procedures mean that we may occasionally request proof of identity before we disclose your personal information to you.
Your cooperation is also required in safeguarding the integrity of your Personal Information. We encourage you to be mindful of how you store your emails and passwords as well as how you disclose Personal Information over the Internet. It is important that you let us know immediately if you suspect that Personal Information you share with us is being used in any way contrary to this Notice.
Article 5: Access to and Change of Personal Information
You have control over your Personal Information which you provide to us and can request that we edit it whenever you want to. It is important for you to take steps to protect against unauthorized access to your email or any of the communication channels through which you provide the Personal Information or receive information from us. You should keep your password and any other security layer confidential. The security of your communication channels relies on your protection of your passwords and any additional layers of security. Make sure that you do not share them with anyone. If you do so for any reason, the third party may have access to your data, and your Personal Information, and you may be responsible for its consequences. If you believe someone else has obtained access to your password/login information, please change it immediately and contact us right away. Note that the regulatory authorities allow you to request that we erase your Personal Information after the statutory retention period elapses.
You have the following rights under the law:
- Right of Access to information held about you.
- Right to Rectification: This ensures that the information we have about you is accurate and updated.
- Right of Erasure (“to be forgotten”): This is subject to our legal and compliance obligations under the law. We often have to keep your Personal Information to comply with a legal obligation, and this means that if you ask us to delete your personal information before the retention period has expired, we will be unable to do so.
- Right to Restrict Processing of Your Information: This is also subject to our legal and compliance obligations, as well as public interest.
- Right to Transfer Personal Data: Applicable where processing is automated and based on your consent for the performance of a contract.
- Right to opt out of Automated Decision-Making: You have a right not to be subjected to a decision made by automated means.
- Right to Withdraw consent: Only if such consent is the basis for us holding or using your information.
- Right to Object: You have the right to object to us holding or using information about you in certain situations that include direct marketing, research, or statistics.
- Right to Non-discrimination
Article 6: How Long We Retain Your Personal Information
If you register any Personal Information on our website or disclose your Personal Information to us as provided in Article 1 of this Notice, we store that information either online or offline in a secure file (“User Profile”, “User Account”) created for you. Upon request you can view your Personal Information which we will make available to you within 30 days of such request, or immediately access and edit your User Profile at any time if a User Account is available on our website. Note that our website administrators have access to and are able to edit that information. The Personal Information about you that we collect, and use is held securely in the United Kingdom, and stored (where necessary) in paper format, and electronically on our secure servers (or those of our partner technology service provider). Some of our partner service providers may be based outside the EEA so their processing of your Personal Information may involve a transfer of data outside the EEA. However, they are contractually bound to provide a similar standard of protection of your Personal Information as if they were processing them in the United Kingdom.
We keep your Personal Information to enable your continued use of the website, and our services, for as long as it is required to fulfil the relevant purposes described in this Notice, and mandated by law and regulation, which include providing our services, legal and compliance requirements, or as otherwise communicated to you by us. This includes our retaining your data after you terminate our services for at least the minimum period provided by the regulatory authorities.
While we may keep your data to provide our services, and to enable your continued use of our services; and for as long as it is required to fulfil the relevant purposes described in this Notice, you may terminate our services at any time. When that happens, we will delete the data and Personal Information that we do not need to retain for regulatory, tax, insurance, customer services, and dispute resolution/litigation purposes, or other legal requirements.
We may also retain details of our services to you, including any related transactions, your location, device, and usage data for these purposes for at least 8 years after your termination of our services in accordance with the law, and NHS guidelines; for purposes mentioned above, including internal research and development. We may retain your Personal Information for a longer time than the minimum retention period after you cancel, opt-out, or terminate our services, if there is a justified need to keep them longer. This may be determined by the following:
- The length of your relationship with us, the types of products or services we have provided to you, and any other relevant events including when you may terminate our services
- How long it would be deemed reasonable by law to have met our obligations to you by keeping your Personal Information
- The period set by applicable law or recommended by regulatory authorities
- Time limits for making a reasonable claim, or any relevant applicable proceedings
Where we retain your Personal Information longer than the minimum required period, the reasons for their continued retention will be recorded, and we will ensure our continued protection of your rights in compliance with the GDPR.
At the end of the retention period, we shall appraise your Personal Information, and verify that:
- There is no outstanding obligation on your User Profile and your Personal Information and data are no longer required by us,
- There is no current or pending complaint, investigation, dispute, or litigation,
- Your User Profile is unaffected by any current or pending request made under the Freedom of Information Act, GDPR, or applicable data protection laws
We shall afterwards create a record of your data and Personal Information to be destroyed or deleted. These decisions as well as the destruction and deletion of your Personal Information in both paper and electronic form shall be conducted in a way that preserves the confidentiality of your data. We shall ensure that all copies of your Personal Information, in whatever format, are irretrievably destroyed and/or deleted without preserving any trace or copies for further use in any format of the destroyed and/or deleted Personal Information. We may be unable close your User Profile with us and delete your data if you have an outstanding obligation, debt, unresolved claim, or dispute until they are resolved or fulfilled.
Article 7: Effective Date, Modifications, Opt-out and Opt-in
This Notice is effective as of the date written above (the “Effective Date”) and may be reviewed, updated, and modified every 12 months by us in our sole discretion. If we choose to update or modify this Notice, such updated or modified Notice shall become effective on the date that is 5 (Five) days after its posting on our website (the “Modification Effective Date”); this would still apply even if it were to happen that the Effective Date (as also modified) is a date earlier than the Modification Effective Date, in which case this Notice as updated or modified, is effective as of the Modification Effective Date. We encourage you, therefore, to periodically review this Notice, which is accessible on our website, in order to keep apprised of our current privacy practices. If after review of our legal pages, you do not agree to the provisions of our terms of service, including this Notice, or any update or modification of it; you may not use our services and may terminate, cancel, or opt-out of using our services. We will immediately stop collecting Personal Information from you when you opt-out of our services but if during this period you visit our website, our cookies may collect aggregated data about your visit as provided in Article 1 of this Notice. After 12 months from your termination or cancellation, or opt-out, we may offer you an opportunity to re-apply (opt-in) for our services. However, if on your own volition, you apply, register, or begin to use our services again, it shall be deemed that you have accepted our prevalent terms of service, including our Notice in force at the time you apply, register for, or begin to re-use our services.
Article 8: Complaints:
You can complain to the Information Commissioner’s Office (ICO) if you are unhappy with the way we have dealt with a request from you to exercise any of your rights or if you think we have not complied with our legal obligations. Whilst you do not have to do so, we would appreciate you making us aware of the issue and giving us an opportunity to respond and to address and/or rectify it before contacting the ICO. Making a complaint will not affect any other legal rights or remedies that you have.
Article 9: Data Protection Officer and Contact Information:
If you would like to access, correct, amend, or delete any personal information we have about you, register a complaint, or simply want more information, we have appointed a data protection officer to oversee compliance with this Notice. For more information about this Privacy Notice, or to exercise any of your rights, or to keep us informed and updated about your Personal Information changes, please contact our Data Protection Officer at:
- 41 Scott Street, Leigh, England, WN7 5AL
- Telephone: 0161 204 7612
- Email: dataprotection@axiscaregroup.co.uk