This document provides as much information as possible to explain how we may collect, use, store and share your personal data. We have split this information into sections allowing you to find the information most relevant to you, quickly and easily.
The purpose of this document is to help you to understand why we collect and store your personal data, and to explain the circumstances in which we may use and share it.
Newson Health Research and Education Ltd (trading as Newson Health Menopause Society) is committed to protecting and respecting your privacy. Please read this Policy document carefully as it contains important information.
This document is intended for Associates of the Newson Health Menopause Society (NHMS) and research participants.
Newson Health Menopause Society is a trading name of Newson Health Research and Education Ltd, a company registered with Companies House in the UK, registration number 12098873. The registered office of Newson Health Research and Education Ltd is at Winton House, Church Street, Stratford-upon-Avon, Warwickshire, CV37 6HB.
NHRE | Newson Health Research & Education Ltd |
NHMS | Newson Health Menopause Society |
Personal Data | Information that relates to a living individual, and which can identify or be identified with, that individual. |
If you have any questions about this document or how we manage your personal data, please contact us. You can email us at society@nhmenopausesociety.org or you can write to us at: Newson Health Research and Education Ltd, Winton House, Church Street, Stratford-Upon-Avon, Warwickshire CV37 6HB
These are some of the reasons why may we collect, use and share your personal data:
We adhere strictly to data protection protocols as defined under GDPR and are compliant with all current legislation. Under data protection law, we may only use your personal data if we have a proper reason, e.g:
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against our own.
We will use your personal data to register you as a subscriber to the Newson Health Menopause Society, administer the provision of services to you, manage our relationship with you and to improve the level of services that we offer.
We may collect data provided directly and voluntarily by you, or it may be collected automatically.
This data may be collected from you:
This data may be collected via:
This may include but is not limited to:
In providing our services to you we may collect more sensitive data from you to which additional protections apply under data protection law. This may include but is not limited to:
The legal basis for us processing such special category personal data is for the purposes of conducting health-based research. Our legal basis for processing this data is your consent, which you can withdraw at any time by notifying us – see section on ‘How to contact us’.
As the data involved relates to your health, we shall ensure that any such consent obtained is explicit consent. Please note that without your consent to do this, we will be unable to involve you in health-based research studies. This is because your health data is necessary for us to conduct the necessary research.
You may decline to share your personal information with us, and you may withdraw your consent for us to use it, at any time. This may limit your access to certain aspects of our services.
Internally, we only grant access to personal data (including special category data) to those people that need access to that data to carry out their role.
Externally, we may share from time-to-time personal data (including special category data) with our service providers, but subject always to due respect for your privacy and adherence to legislation:
Where we share personal data (including special category personal data) externally we will always ensure that the recipient is committed contractually to only use personal data in compliance with our instructions and data protection law.
We will keep your personal data while we are providing services to you. Thereafter, we will keep your personal data for as long as is necessary:
We will not keep your personal data for longer than necessary. Different retention periods apply to different types of personal data, for example we are obliged to keep health data for a period of 8 (eight) years after the date on which we stop providing services to you.
When it is no longer necessary to keep your personal data, we will delete or anonymise it.
The EEA is a group of countries that share the same basic data protection law, and therefore the law assumes that where your personal data is transferred between these countries it enjoys a similar level of protection.
We will provide more information on the non-EEA countries to which we transfer your personal data on request.
We have appropriate security measures to prevent personal data from being accidentally lost, used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We continually test our systems and follow ISO 27001 good practice principles, which means we strive to follow top industry standards for information security.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
The law gives you certain rights in respect of the personal data that we hold about you, and the following is a short overview of those rights (for more information about the rights you have in respect of your personal data please visit the Information Commissioner’s Office website: www.ico.org.uk).
With some exceptions designed to protect the rights of others, you have the right to a copy of the personal data that we hold about you. You do not have any right to request a copy of the personal data that we hold about anyone other than yourself.
Access to the personal data records we hold is free of charge however, we may make a reasonable charge for additional copies of that data beyond the first copy, based on our administrative costs.
Where you have given us your personal data (i.e., you have completed a research survey), you may have the right to receive your copy of this data in a common electronic format. With your consent, we can provide copies of this data to other people, if it is technically feasible to do so.
You have the right to have the personal data we hold about you corrected if it is factually inaccurate. This right does not extend to matters of opinion.
In some limited circumstances, you have the right to have personal data that we hold about you erased (‘the right to be forgotten’). This right is not generally available where we still have a valid legal reason to keep the data (for example, in connection with a legal claim or because we are obliged by law to do so).
You have the right to object to our processing of your personal data where we rely on ‘legitimate interests’ as our legal basis for processing, but we may be able to continue processing if our interest outweighs your objection.
You have the right to require us to stop using your personal data to send you marketing information. If you want us to stop sending you marketing information, the quickest and most efficient way is to use the ‘unsubscribe’ link in our communications (although if you prefer, you may contact us directly to request this).
You also have the right in some circumstances to request that temporary restrictions are placed on how we process your personal data, for example if you contest its accuracy or where we are processing it on the basis of our legitimate interest, and you contest our assessment that our interest overrides your rights.
If we are processing your personal data on the basis of your consent, you have the right to withdraw that consent at any time, in which case we will stop processing your data unless we have another legal basis on which to continue.
Please be advised that in certain circumstances withdrawal of consent to continue processing your personal data may have further impact on your future access to, or benefit from, the service or part of the service.
Please note that to protect your privacy, we may ask you to prove your identity before we take any steps in response to a request you have made.
We treat the protection of your personal data with the utmost respect but if you have cause to complain, we will always ask that you contact us first so we can attempt to resolve the matter for you. However, you also have the right to lodge a complaint about our handling of your personal data with the Information Commissioner’s Office. You can contact them on 0303 123 1113 or via their website www.ico.org.uk/make-a-complaint
We may change this privacy policy at any time. Where we make significant changes, for instance where we use your personal data for materially different purposes, we will email you to let you know.
This table explains how we may use your personal data:
What we use your personal data for | The legal basis for using your data |
Providing our services to you | To perform our contract with you or to take steps at your request before entering into a contract. |
Operational reasons, such as improving efficiency, training and quality control | For our legitimate interests or those of a third party e.g., to be as efficient as we can so we can deliver the best service to you at the best price. |
Updating and enhancing customer records | To perform our contract with you or to take steps at your request before entering into a contract. |
Retaining evidence of your subscription or your involvement in a research study | To comply with our obligations to maintain accurate and safe records. |
Providing marketing information to you on other services we offer | By consent to keep in touch with our subscribers and research participants about the services we offer or other research opportunities that you may be interested in. |
Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies | To comply with our legal and regulatory obligations. |
Providing information required by external medical practitioners and healthcare personnel involved in the Newson Health Menopause Society or research and education | To perform our contract with you or to take steps at your request before entering into a contract. To comply with our legal and regulatory obligations. |
Generating anonymous statistics that may then be used by us and shared with third party for research purposes | For our legitimate interests or those of a third party i.e., to develop new practices and improve the services available to you. |