For Customers; Potential Customers and End Users
(1) Our lawful basis for processing personal data is principally to perform contracts.
(a) We process the personal data of employees to perform contracts of employment.
(b) We process the personal data of other individuals to perform commercial contracts.
(2) We do NOT sell our data to, or share our data with, any other organisation or people.
Alarm Receiving Centre (ARC) – Customers and Lone Workers
(1) We hold the following details of people who work for customers of our ARC:
|Names and phone numbers of lone workers;|
|Where contract requires||Addresses of lone workers;|
|Vehicle registrations of lone workers;|
|Name and phone numbers of line managers;|
|Customers’ escalation phone numbers;|
|Relevant medical details (i.e. sensitive personal data);|
|Names and contact details of partners and/or family.|
(2) We process this data to perform a contract, to provide a lone worker protection service.
(3) Our customers provide (to us) the details of the lone workers that work for them.
(4) We do not disclose the details of any lone worker to any other organisation or person, unless contractually required to do so, e.g., to escalate an alert to one or more emergency service.
(5) We remove the details of a lone worker when a customer informs us that the person no longer works for them.
(6) We remove the details of the lone workers that work for a customer after our contract with the customer ends. We may retain some or all of the details for an interim period to enable reporting and/or invoicing etc.
(1) Payment Portal retains and stores the following information:
Card expiry date, where needed for notification of subscription expiry.
(2) Payment Portal only retains or stores the following information if a customer requests it:
(3) Payment Portal never stores the full card number or CVV security code.
Patient Partner and Repeat Prescriptions, Voicemail and Auto‑attendant
(1) Patient Partner and Repeat Prescriptions are products that we provide to medical practices. Voicemail and Auto‑attendant are products that we provide to a diverse range of customers. These process personal data but belong to the customer. Patient Partner processes telephone numbers and dates of birth. Repeat Prescriptions also processes details of medication. Voicemail records voice messages that callers leave. It is impossible to control the content of these. The owners of these products are legally responsible for the processing of personal data that these products perform.
(2) We must sometimes process personal data to perform a (maintenance) contract to provide technical support.
(3) We do not record any personal data in our permanent records of technical support.
(4) We delete any required personal data after a technical support issue is resolved and closed.
Voice Connect Communications Portal and Medical Messenger
(1) The Voice Connect Communications Portal can send single and bulk SMS text messages, and single and bulk postal messages through VC SmartMail.
(2) Medical Messenger communicates with a medical practice information system, and the Voice Connect Communications Portal, to enable a medical practice to send single and bulk SMS text, email and postal messages, via the cheapest type of message, to patients.
(3) The Voice Connect Communications Portal retains records of messages for the following periods.
|14 days (default – this can be changed);|
|SMS||2 months if sent via NHS.net|
|6 months if sent via the Voice Connect Communications Portal|
(4) After a customer cancels the service, we delete all of the customer’s data within 30 days.