Privacy policy and cookies

Privacy policy for members and non members

Who are we?

NHS Providers is the membership organisation for NHS foundation trusts and trusts. We are a charitable organisation whose aim is to support trusts to lead and improve the running of their organisation.

This policy applies if you are a member or associate member of NHS Providers, a stakeholder, commercial organisation or use any of our services, visit our website, email, call or write to us.

NHS Providers takes your privacy seriously and we are committed to protecting and respecting your privacy. This policy sets out how we collect and process data that you provide to us. Any personal data that you give us will be treated with the utmost care and security. It will not be used in ways to which you have not consented.

We process personal data for certain legitimate business purposes, which include some of the following:

Privacy notice for members

Privacy notice for non members

Privacy notice for members

We use the personal data you provide as a member to service your membership. This includes sending renewal information to annual members by mail and email, sending NHS Providers newsletters and information about our reports, surveys and briefings. It is also used to verify you when you sign up to manage your membership online.

What information is collected?

We collect personal data in connection with specific activities such as registration or membership, placing an order and conducting research.

Website

We collect certain data or information when you use www.nhsproviders.org including:

Links to other websites

Our website may contain links to and from other websites who will have their own privacy policies. Please note that we do not accept responsibility or liability for these policies. You should check their policies before you submit any personal data to these websites. This privacy policy applies solely to the personal data collected by NHS Providers.

Storage of data

We take appropriate technical and organisational measures to ensure that we keep your information secure, accurate and up to date. For example our internal spreadsheets are always encrypted and our network is protected and routinely monitored. 

NHS Providers are based in the UK and we store our data within the European Union (EU) using a virtual desktop system, VESK and through our CRM system, Microsoft Dynamics. Data from event registrations is stored by Eventsforce.

Some organisations which provide services to us may transfer data outside the European Economic Area but we’ll only allow this if your data is adequately protected. Some of our systems are provided by US companies and whilst it is our policy that we prefer data hosting and processing to remain on EU-based solutions, it may be that using their products results in data transfer to the USA.  However we only allow this when we certain it will be adequately protected. (e.g. US Privacy Shield or Standard EU contractual clauses). 

For more details on how VESK stores data please visit their website.

Cookies

We use cookies to collect user data. This data allow us to assess the popularity of certain areas of the website and raise the level of service performance which we provide for you. We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users' computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information; their privacy policy is available here.

We may use both session cookies and persistent cookies on the website. We will use the session cookies to keep track of you while you navigate the website. We will use the persistent cookies to enable our website to recognise you when you visit.

Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.

If you want to block cookies, you can use a universal cookie blocker such as the Google Analytics opt-out.

Email marketing

If a member has agreed to hear from us, we will periodically use their preferred contact address (usually email) to send updated information, invitations to NHS Providers events, networks and services.

Occasionally we may also to send information to all members or affiliate members, on topics that are an essential part of the membership experience, such as notice of the annual conference and exhibition, or an invitation to take part in our surveys or our policy work.

You can change your email preferences or opt out of our emails by clicking on the unsubscribe link at the bottom of our messages or by emailing us.

 

E-newsletters

We use a third party provider, Campaign Monitor, to deliver our regular e-newsletters. We gather statistics around email open rates and click through rates using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. For more information, please see Campaign Monitor’s privacy statement.

Direct marketing by post and telephone

Upon registration you are given the option to opt in to receive marketing communications by post or telephone. Where you do opt in to such communications, NHS Providers may send you information about our policy work, forthcoming events or products and services we offer. If you would like to change your marketing preferences you can email us, write to us or log in to your account on the website at any time.

Events

We use Eventsforce, to enable you to book your places for conferences and events and collect information on your attendance. This data includes your contact details, your organisation name, invoice address, access and dietary requirements, the events you have visited and the date that you attended. NHS Providers will undertake customer analysis on this data to allow us to understand visiting trends. For details on their privacy policy please visit their website.

Slido

We use a third party provider, Slido to manage our conference slides and crowdsource questions to engage participation at our events. For details on their privacy policy please visit their website.

Social media

We use a third party provider, Sprout Social to manage our social media interactions. If you send us a direct message via social media the message will be stored by Sprout Social for three months. It will not be shared with any other organisations.

Survey tool

We may ask you to fill out surveys about our conferences or policy work in or to provide an evidence base and improve our products and services, although you do not have to respond to them. We use a third party service, Smart Survey to send out surveys. For more information, please see Smart Survey’s privacy statement on their website.

Website search

Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either NHS Providers or any third party.

Website

Our aim is to understand what you want from the website and to improve our services to you. All those wishing to become registered users are asked to submit their email addresses, first name, last name, title, and job title.

Submission of your email address enables us to contact you at any time. This will be used to set up targeted newsletter services and other email-based services to enhance your experience and set communication preferences based on what you want to hear from us.

Disclosure to third parties

We do not pass, sell, trade or rent personal details entered on this website or the community to others.

You agree that you do not and will not consider anything in this privacy policy being a breach of any of your rights under the Telecommunications (Data Protection and Privacy) Regulations 1999. 

We reserve the right to access and disclose individually identifiable information to comply with applicable laws and lawful government requests, to operate our systems properly or to protect ourselves or our users. We also reserve the right to disclose individually identifiable information to third parties where a complaint arises concerning your use of the website and that use is deemed by us inconsistent with these terms and/or the additional terms.

We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. You can update your preferences by emailing us, writing to us or by logging into the website at any time.

Keeping your information

We will only use and store your information for as long as it is required for the purposes it was collected for. How long it will be stored for depends on the information in question, what it is being used for and, sometimes, statutory legal requirements.

Access to information

You have the right to access the information we hold about you by making a subject access request under the Data Protection Act 1998. A small fee of £10 may be payable. To request this information please write to us at:

NHS Providers
One Birdcage Walk
London
SW1H 9JJ

If you believe that any information we are holding on you is incorrect or incomplete, please write to at the above address or email the team and we will promptly update it.

Changes to our privacy policy

This policy was updated in May 2018. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

Contact us

We welcome your questions and comments about privacy issues and how we are using your personal data.

If you would like to get in touch you can email the team or write to:

NHS Providers
One Birdcage Walk
London
SW1H 9JJ

Data protection officer

The nominated data controller is Ben Clacy, director of development and operations at NHS Providers, One Birdcage Walk, London SW1H 9JJ.

Privacy notice for non members

What information is collected?

We collect personal data in connection with specific activities such as signing up to newsletters, registration of events, associate membership sign up, placing an order and conducting research.

This personal data includes your email address, name, job title, organisation address, land and mobile phone numbers and other contact details.

How we use your personal data

We process your personal data to be able to:

Who we share your personal data with

We sometimes need to share the personal information we process with the individuals themselves and also with other organisations such as suppliers and service providers. Where this is necessary, we are required to comply with all aspects of the Data Protection Act (DPA), Privacy and Electronic Communications Regulation (PECR) and the EU General Data Protection Regulation (GDPR) as it applies.

How we contact you

If a stakeholder or commercial organisation has agreed to hear from us, we will periodically use their email address, mailing address or telephone number to send updated information, invitations to NHS Providers events, products and services.

Keeping your information

We will only use and store your information for as long as it is required for the purposes it was collected for. How long it will be stored for depends on the information in question, what it is being used for and, sometimes, statutory legal requirements.

Storage of data

We take appropriate technical and organisational measures to ensure that we keep your personal information secure, accurate and up to date. For example our internal spreadsheets are always encrypted and our network is protected and routinely monitored. 

NHS Providers are based in the UK and we store our data within the European Union (EU) using a virtual desktop system, VESK and through our CRM system, Microsoft Dynamics. Data from event registrations is stored by Eventsforce.

Some organisations which provide services to us may transfer data outside the European Economic Area but we’ll only allow this if your data is adequately protected. Some of our systems are provided by US companies and whilst it is our policy that we prefer data hosting and processing to remain on EU-based solutions, it may be that using their products results in data transfer to the USA.  However we only allow this when we certain it will be adequately protected. (e.g. US Privacy Shield or Standard EU contractual clauses). 

For more details on how VESK stores data please visit their website.

Changes to our privacy policy

This policy was updated in May 2018. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

Access to information

You have the right to access the information we hold about you by making a subject access request under the Data Protection Act 1998. A small fee of £10 may be payable. To request this information please write to us at:

NHS Providers
One Birdcage Walk
London
SW1H 9JJ

If you believe that any information we are holding on you is incorrect or incomplete, please write to at the above address or email the team and we will promptly update it.

Contact us

We welcome your questions and comments about privacy issues and how we are using your personal data.

If you would like to get in touch you can email the team or write to:

NHS Providers
One Birdcage Walk
London
SW1H 9JJ

Data protection officer

For the purpose of the Data Protection Act 1998 the nominated data controller is Ben Clacy, director of development and operations at NHS Providers, One Birdcage Walk, London SW1H 9JJ.

 

We use cookies to ensure you have the best possible experience on our website. By continuing we’ll assume that you are happy to receive them. Close