Home » Data Policy

Data Policy Page Contents

Data Policy

Fittleworth Medical Ltd – Data Policy

Fittleworth takes the protection of all personal data extremely seriously and is committed to a policy of protecting the rights and freedoms of all individuals in relation to the processing of their personal data in compliance with Data Protection legislation.
Below is an introduction to the information that we collect from you, how we use, share and delete it.

Fittleworth has a nominated Data Protection Officer who is responsible for notifying the Information Commissioner of any potential breaches concerning data protection, responding to individual requests for access to personal data, and framing guidelines and procedures surrounding data protection with the aim of ensuring that all personal data processing by the Company complies with the Data Protection Act.

About your information and data protection

This privacy policy summarises how Fittleworth Medical Ltd (Fittleworth), use your information. For the purposes of the General Data Protection Regulations (GDPR), we are a data controller.

Why do you collect information about me?

As a service provider to the NHS, Fittleworth has an obligation to process Sensitive Personal Data. We collect this information to ensure that we continue to meet your service expectations as well as remaining compliant with national legislative and NHS guidance.
The collection, retention and transfer of Sensitive Personal Data is necessary in order for us to support your prescription needs. This contractual requirement, coupled with our obligations in the provision of healthcare and treatment form the legal basis under which we hold and share your data.

We hold identifiable information as a means of safeguarding access to your records. We may also collect contact information relating to carers and/or family member so that we can contact them about your appliances.

What sort of information do you hold about me?

We collect and retain information about your account including the appliances prescribed and dispensed, and any products purchased, payments you make including prescription fees and your prescription payment exemption status.
We will collect information regarding your medical condition that enables us to provide you with advice about your condition and to ensure we are dispensing appropriately.

How do you collect it?

We collect and retain information when you access our website, complete a registration or provide us with physical or digital information, either personally or someone acting on your behalf.
We monitor and record calls to and from our customer service centres to improve our service. If you contact us electronically (e.g., by email or using our website), we may collect your electronic identifier such as your internet protocol address.
Where we record consultation notes and clinical records we use recognised clinical management systems. Paper based referrals and appliance user reviews are subject to stringent NHS Information Governance controls which are reviewed annually.

When will you share my information and with whom?

We will only share your information:
• where we have your permission;
• where it is necessary in order to dispense your prescriptions;
• to carry out a clinical review of the service we provide to you;
• in order to facilitate the delivery of your order;
• in order to provide communication regarding educational and/or patient events;
• where we have to do so or where we’re allowed to do so by law;
• for aggregated market research purposes where you will not be identifiable;
• with regulatory bodies and authorities;
• with our JDS Group companies in the UK; and
• with third parties as detailed in our Privacy Notice (see below).

How will you use my information to contact me?

We may contact you by phone or post and, if you provide us with an email address or mobile phone number, we may send you emails or text messages with operational messages about your account or the dispensing of your prescription. We will need to confirm with you that the goods to be dispensed are required and that you understand how to use and dispose of them.
As texts and emails can be intercepted, we will keep confidential information to a minimum and you should never send us any confidential information via text or email.

Will you send me marketing information?

We will send you tailored marketing information by post, telephone, text and email, but only if you have requested marketing information via these channels.
The medical appliance field is constantly evolving. In order to ensure that you remain fully informed of the development of products and services that may help you to better manage your condition, we may send you information about those products and services that we think you would like to hear about. We respect that you may not wish to receive product updates and have ensured that this is not a default option.

Will you send my information to other countries?

Your data is primarily held on our servers based in the UK. We may however also use cloud-based services where the data is stored within the EU, we only do this where we can be sure your information will be adequately protected.
Fittleworth is the exclusive UK member of the World Assist Alliance; a network dedicated to helping stoma and continence customers with emergency goods when abroad on holiday or business. In order to deliver this service, we will need to share your information with a trusted international partner. You will always be advised of this prior to the disclosure of your private data.

How long will you keep my information?

We keep your information for as long as we need to for legitimate business purposes and for legal and regulatory reasons. We will retain your information after your account has closed for these purposes. Your records are subject to a formal retention and disposal policy which conforms with NHS Information Governance requirements.

Can I see the information you hold about me or find out more about how you use my information?

We take our responsibilities for safeguarding patient data very seriously and have elected a designated Data Protection Officer (DPO) to oversee information management. If you have any questions or concerns relating to the way your personal data is managed, or would simply like to see the information that we hold, please address any enquiries to:

The Data Protection Officer
Governance & Compliance Department
Fittleworth Medical Limited
2 Henry Lock Way
Littlehampton
West Sussex, BN17 7FB

Email: contactDPO@fittleworth.com