Privacy Policy
Last updated: 18 May 2023

PRIVACY POLICY
Patient Services is provided by In-Practice Systems Ltd (INPS), a company registered in England with company number 01788577 with a registered office address of Studio F5, Battersea Studios 1, 80-82 Silverthorne Road, London. SW8 3HE. Phone: 0207 501 7000.
In Practice Systems Limited ('we', 'us' and 'our') is committed to protecting and respecting your privacy.
This policy (together with our terms of use) sets out the basis on which the personal data we collect/ you provide to us, is processed. Please read the following carefully to understand our views and practices regarding your personal data and how we look after it.
The person on whose behalf we're processing your personal data is your GP whom you are registered as a patient.
USING THE SITE
By using this website you can view your data held by your GP practice. If you have any questions about this information, or you think any of it is wrong, please contact your GP practice.
Where applicable, when using this site to update your personal information or contact your GP, please check carefully the information you enter and make sure it is correct. Again, if you have any concerns please contact your GP practice in the first instance.
INFORMATION WE COLLECT FROM YOU
When you register to use the Patient Services site, we collect the following data:
This is to ensure we capture the correct information to allow you to register on the site and link to your healthcare record. Additionally, we may ask you for information when you report a problem that will help us to 'fix' it (where applicable). We will also collect the following:
IP ADDRESSES AND COOKIES
We may collect information about your computer, including where available your computers IP address, operating system and browser type, for system administration purposes. This is statistical data about our users' browsing actions and patterns and would not directly lead to the identification of an individual person.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive that then allow us to improve the site and to deliver a better and more personalised service. Specifically, they enable us:
You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of the site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log into the site.
WHERE WE STORE YOUR PERSONAL DATA
All information you provide to us is stored in UK based, Tier 4 secure data centres. We do not have access to or ask you to share any passwords, regardless of who has set them (you or the GP Practice). You are responsible for keeping this password safe, so please never write it down or share it with anyone, even your GP practice.
Your data is protected during transmission to our site by using Secure Sockets Layer (SSL) software, which encrypts (locks down) the information you provide. Once the data has been received, we add even more layers of protection via a number of policies that include restricting physical access to our data centres and further technical solutions that safeguard your personal data from those who do not have the right to view it. However, it is important that you do your bit to protect against any unauthorised access to your password and computer and ensure you sign out/log off when you are leaving the site, particularly when using a shared computer.
USES MADE OF THE INFORMATION
We use your data in the following ways:
This information is collected under the GDPR Lawful Basis Article 6(1)(b) necessary for a contract. You are free to close your Patient Services account at any time and request that your data be deleted from our servers.
HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?
The data we collect when you register with the site is held for a maximum of 2 years from the last activity date. In other words, if you do not use the site for 2 years or more, your data will be deleted and you will be required to re-register to gain access to the site again. However, you have the right to delete your account at any time and request that your data be deleted with immediate effect.
INDIVIDUALS RIGHTS
The UK GDPR provides the following rights for individuals:
You have a number of important legal rights regarding the manner in which personal data is used. You can find more information about your rights on the Information Commissioner's Office website: For the public | ICO
We have outlined below the key rights which we believe may be relevant to you. Should you wish to exercise any of your rights, please contact our Data Protection Officer at DPO@cegedimrx.co.uk. Please note that you will be asked to provide us with reasonable proof of your identity so that we can be sure we are discussing or providing your personal data to you (or if someone is making a request on your behalf, we need to check that they have the authority to do so).
ACCESS TO INFORMATION
You have the right to access certain information we hold about you so that you can be aware of, and verify the lawfulness of, the processing we undertake.
You can exercise your right of access by making what is generally referred to as a 'Subject Access Request'. We review each request and if we are obliged to provide the personal data to you then we will (subject to certain limited exceptions provided under the relevant law).
Right to have information corrected
If you identify that any personal data that we hold about you is wrong, inaccurate or out of date then you may ask us to correct or update it. Please contact us via the details provided below and we will review each request and respond accordingly. However, if this data is controlled by your GP Surgery then you will need to contact them to update it.
Right of erasure and the right to stop or limit our processing of your personal data
The right of erasure is also known as the 'right to be forgotten'. You have the right to ask us to erase data we hold about you. Alternatively, you can ask us to stop or to limit any processing we are undertaking in respect of your personal data. These rights arise if we no longer have a valid reason to do so or if we have held it for too long.
These are not absolute rights but every request we receive will be considered carefully and we will respond accordingly (providing grounds for any decision we make).
Right to object
You have the right to object to the processing of your personal data at any time. This effectively allows you to stop or prevent the processing of your personal data.
An objection may be in relation to all of the personal data we hold (as a controller) about you or only to certain information. It may also only relate to a particular purpose we are processing the data for.
Save in relation to direct marketing communications, this is not an absolute right but every request we receive will be considered carefully and we will respond accordingly (providing grounds for any decision we make).
Right to complain
Should you be unhappy with the details in this Privacy Policy or have any other concerns please contact us in the first instance so we may work together to resolve the issue. However, if you remain unsatisfied with our response, you are free to make a complaint to the UK data regulatory body, the Information Commissioners Office. Please find their contact information on their website: Contact us | ICO
THIRD PARTY SITES
Our site may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that they will contain their own privacy policies and that cannot accept any responsibility or liability for these. Please check these policies before you submit any personal data to these websites.
CHANGES TO OUR PRIVACY POLICY
Any changes we make to our privacy policy in the future will be posted on this page.
CONTACT
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to the practice where you registered for this service.