Please read this privacy policy carefully as it will help you to understand how we collect your information, what we do with it and who we share your data with.

Who We Are:

Informatica Systems Ltd., Aurora House Deltic Avenue, Rooksley, Milton Keyes, Buckinghamshire, United Kingdom, MK13 8LW, registered in England and Wales with company number 02866377, (“ISL”, “we”, “us”), respects the privacy of every person and is committed to protecting all of your personal data (“Personal Data”, “data”).

Policy:

The policy will serve as a summary of your privacy rights. The law, currently the General Data Protection Regulation (“GDPR”), requires that your Personal Data are kept private unless there is a legal obligation or requirement for disclosure by us to authorised parties, in which case we will make such disclosure(s) as legally obliged.

What We Provide:

This policy applies to your use of the website (“Service”) at one of the following URLs: central.informatica-systems.co.uk, n3.informatica-systems.co.uk or dqs.cymru.nhs.uk. The services we provide to you enable you to analyse aggregated data generated by our Audit+ product and collected from GP surgeries. Access to this Service is provided to you (“Authorised User”) at the request of the organisation that we are contracted with (“Customer”). The Customer acts as the Data Controller and we act as the Data Processor under their instruction. We are obliged by contract to fulfil all legal data protection requirements.

Data Processing:

It is lawful for us to process personal information about you.

Information we use and how

In order to use the Service, we are provided by the Customer personal details about you such as your user name and full name.

Using our Service we record details about when you log in to access the Service.

We use your data in order to provide you with the Service and to help us with its operation. Here are some examples how we use your data:

You have the right to ask the Customer to restrict processing of your personal data and a right to object to the Customer processing your personal data in this way, but if you do either of these, it may impact on your use of the Service and/or we may not be able to provide you with information about the Service that you have requested us to provide to you.

Who do we share your personal data with?

We never commercially exploit or distribute to any third party any information which is personal information. We may pass personal information to people who process data for us in accordance with this Privacy Policy, for example, UKCloud Ltd which provides data centre hosting. We have a contract with these people and we vet them to ensure they are contractually bound to do what we say they can do with this information.

In addition to the above, we may share your personal data with the following third parties:

In order to use our Service, we will be processing user information about you such as: your user name and your full name.

Cookies:

ISL uses cookies to help optimise your experience when using the Service and overall performance. A cookie is a small text file that may be placed on your computer or device when you visit the Service. There are two categories of cookies: (a) ‘persistent cookies’ that remain on your computer or device until deleted manually or automatically; and (b) ‘session cookies’ which remain on your computer or device until you close your browser, when they are automatically deleted.

You can refuse cookies, by activating settings of your chosen browser(s). If you alter your browser settings to refuse cookies your access to the Service will be restricted.

Security

The importance of security for all your Personal Data including, but not limited to, sensitive personal data is of great concern to us. Personal Data collected via the Service is stored in secure environments that are not available or accessible to the public; only those duly authorised individuals. ISL is accredited for ISO 27001 to ensure that we have the systems in place to effectively manage the security of your Personal Data.

Data Storage

The data that we collect from you will be shared with our third party processors which are located and/or store data in the UK.

Your rights

You have the following legal rights in relation to your personal information:

Accessing your data:

If you would like a copy of all of the Personal Data we hold about you please raise your request with the Customer.

We do charge a small fee of £15 for providing information because we have to gather, collate and process this data to make it available to you in its entirety.

The Customer will send you the information within the legally required timeline after receiving full instructions and payment.

For how long we will keep your data?

Personal data will be held for one year beyond the date of the Customer’s contract termination with us. At this point your data will be deleted from the database it’s held in.

Policy updates

By using the Service you acknowledge your acceptance of our privacy policy, as updated from time to time. Your continued use of the Service following any changes to the privacy policy signifies your acceptance of those changes.

We may revise this policy to reflect any changes. We will post a copy on our website. This policy was last reviewed on the 30th May 2018.

Our Data Protection Officer can be contacted by email at dpo@ishealth.co.uk.

Version history:

18-09-2018  2.0 Updated Company Address

30-05-2018 1.0 New privacy notice for GDPR compliance.