We are committed to complying with General Data Protection Regulation
What Information is collected?
SWIMS Ltd collects both personal and sensitive information including some or all the following information where relevant and necessary:
- Name
- Date of Birth
- Job Title
- Relevant medical, personal, and job history
- Health assessment results
- Medical records (if relevant)
Who is collecting it?
Data is only processed by staff at Knowle and Exeter clinical facilities.
How is it collected?
The information is collected mainly from you, from assessments either on the phone or in person. Some information will also be obtained from your employer where necessary such as when they make a referral for our services.
Why is it being collected?
The information we collect is to help keep you healthy and safe whilst at work, or to help aid in your work or safe return to work.
What is the lawful basis for processing the information?
We seek to process your information with your consent. We are a provider who likes to discuss our report with you before we send it out. However, under the General Data Protection Regulations (GDPR) we can lawfully process your information where ‘Processing is necessary for the purposes of preventative or occupational medicine, for assessing the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services on the basis of Union or Member State law or a contract with a health professional’.
How will it be used?
The information we collect is used to monitor your health and to help you to be safe and healthy at work. The information we collect will be used to write reports to your employer to keep them informed about your health to help them make decisions to best offer you a safe working environment, and to maintain legal employment health requirements.
What are the interests of the data controller?
The interests of the data controller are to obtain the information needed to offer the best occupational health support.
Who will the data be shared with?
Your data will be shared where necessary with external providers if specialist support is required e.g. other occupational health physicians or hospital specialists. Your information is only shared to support in keeping you healthy and safe whilst at work, and/or to help aid in your return to work. Your employer will only receive information relevant to them, your health records are private and confidential.
How long will my data be kept?
Retention periods, for records held at SWIMS Ltd, are 40 years for COSHH assessment data, and 10 years from final contact for general health records. You will need to consult with your employer if the data is kept on site with them or they change providers.
What will the effect by to me?
We hope that by collecting this information we can help both you and your employer make the best decision regarding your health and wellbeing in the work place.
What are my rights?
Under GDPR (May 2018) your rights are as follows:
The right to be informed how we use your personal data
This privacy notice is used to inform you of how we use your personal data, however if you have any questions please contact us at any time on the details below.
The right to access your personal data
If you would like to access your personal information we hold, please send a subject access request in writing via email or post (contact details below).
The right to be forgotten and have your data deleted in specific circumstances
This right only applies when there is no compelling reason for its continued processing or the personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
The right to data portability to transfer your data to another service provider
This right applies:
- to personal data you provided
- where the processing is based on your consent
- And when processing is carried out by automated means
The right to have information corrected if it’s out of date, incomplete or incorrect
If this is the case then please do contact us as soon as possible, including if your contact details change.
The right to object to, or stop, your data being processed on certain grounds
This is mostly aimed at marketing and research purposes
You have the right to object to:
Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
Direct marketing (including profiling); and
Processing for purposes of scientific/historical research and statistics.
We can carry on processing the information if:
We can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms or
The processing is for the establishment, exercise or defence of legal claims.
The right to restrict processing, meaning you can request that your data is only kept on file and not used for processing
This right in these situations:
You contest the accuracy of the personal data, meaning processing must be restricted until the accuracy of the personal data has been verified.
Where you objected to the processing, and we are considering whether our organisation’s legitimate grounds override yours.
When processing is unlawful, and you oppose erasure and request restriction instead.
If we no longer need the personal data but you require the data to establish, exercise or defend a legal claim.
Rights in relation to automated decision making and profiling, meaning that in some cases individuals have the right not to be subject to a decision that is based on an automated process.
SWIMS Ltd does not use automated decision making or profiling. Our recommendations are formed from the information we receive and are only our opinion.
Any concerns or complaints?
If you do have any concerns, worries, questions, or complaints about the process then please contact Dr Alan Bray or speak to the representative from your company dealing with your case. If you feel it relevant you can also complain to the Information Commission Authority (ICO).
SWIMS Ltd contact:
Dr A J Bray
01564 778865
info@swims-ltd.co.uk