Last updated 1 May 2018
If you use one of CSL’s services, are a customer or supplier of CSL, , you can see how we use your data from that service by clicking on the relevant link below:
CSL also process pseudonymised information from NHS Digital’s Hospital Episode Statistics data set. To see more information about our processing of these data, click here – U – Privacy statement – HES.
Collection of Information on this website
We collect the following personally identifiable information when voluntarily submitted by our visitors to this website:
Your email address
Any personal data that you include in the message or subject sections of our contact form (for instance if you add your phone number to this section)
This information is only used to fulfil your specific request, unless you give us permission to use it in another manner, for example to add you to one of our mailing lists.
CSL hold limited personal details of individuals at customers, suppliers, prospects and industry organisations with whom we are currently engaged or have worked with in the past three years. This information includes names, work address, work phone number and work email address.
How we use your data
The information you provide through the contact sheet on our website is used to contact you in regard to your query, and in future related follow up.
CSL periodically use the details we hold to contact individuals with information we think is relevant to their role, such as newsletters or information on new or related services we may offer from time to time. We also use these data to contact individuals as part of the normal day to day business process.
Legal basis for processing your data
The data of individuals at prospects, industry organisations and those enquiring through our website are processed under CSL’s legitimate interest. Details of current customers and suppliers are held in order to fulfil our contractual obligations.
We retain the details of customers, suppliers and individuals at industry organisations for the duration of our engagement with their company, and then for a further three years, after which your information is deleted.
You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and ‘right to erasure’, or the ‘right to be forgotten’.
We may sometimes be able to restrict the use of your data. This means that it can only be used for certain things, such as legal claims or to exercise legal rights. In this situation, we would not use or share your information in other ways while it is restricted.
You can ask us to restrict the use of your personal information if:
- It is not accurate.
- It has been used unlawfully but you don’t want us to delete it.
- It not relevant any more, but you want us to keep it for use in legal claims.
- You have already asked us to stop using your data but you are waiting for us to tell you if we are allowed to keep on using it.
If you want to object to how we use your data, or ask us to delete it or restrict how we use it, please contact us using the Privacy Contact Information below.
If you no longer wish to receive information such as newsletters from us, you can unsubscribe by emailing “unsubscribe” to email@example.com from the relevant email address.
How to withdraw your consent
You can withdraw your consent at any time. Please contact us if you want to do so, being sure to name the service it is regarding (e.g eCoach).
If you withdraw your consent, we will not be able to continue to provide you with the service once your data has been erased.
How to complain
Please let us know if you are unhappy with how we have used your personal information. You can contact us using the Privacy Contact Information below.
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern, https://ico.org.uk/.
The Site may use cookie and tracking technology depending on the features offered. Cookie and tracking technology are useful for gathering information such as browser type and operating system, tracking the number of visitors to the Site, and understanding how visitors use the Site. Cookies can also help customise the Site for visitors. Personal information cannot be collected via cookies and other tracking technology, however, if you previously provided personally identifiable information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties.
Categories of data processed
We only require identifying data, to enable us to provide you with appropriate updates and information.
Location of processing
All data is stored and processed within the UK.
Distribution of Information
We may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. We may do so when: (1) permitted or required by law; or, (2) trying to protect against or prevent actual or potential fraud or unauthorised transactions; or, (3) investigating fraud which has already taken place. The information is not provided to these companies for marketing purposes.
All information is shared with your organisation as requested by the department commissioning the KPID service.
Commitment to Data Security
Your personally identifiable information is kept secure. Only authorised employees, agents and contractors (who have agreed to keep information secure and confidential) have access to this information.
We take data security very seriously, and are ISO27001 certified.
Privacy Contact Information
By email: firstname.lastname@example.org
By Phone: ++44 (0) 1483 528 300
By Mail: Data Protection Officer, CSL, The Sussex Barn, Peper Harow Park, Godalming, Surrey, GU8 6BQ
We reserve the right to make changes to this policy. Any changes to this policy will be posted.