- 1. How we use your personal data
We collect personal data about you to allow us to provide occupational health services for you or on behalf of your employer. This may include your name, date of birth, address, telephone numbers, email addresses, employer number, details of your work and gender. It may also include sensitive information about your health.
- 2. Disclosure of your personal data
We may at times have to share your personal data with our third-party providers. This will only be for the provision of occupational health services, and all medical data will be directed back to Assured OH for storing.
Our third-party providers may include individuals, companies, and organisations that carry out occupational health service interventions and legal services on our behalf, such as well being service providers, laboratory services, counselling or health intervention. We require all of these third-parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. They are only allowed to process your personal data on our instructions.
- 3. Data security
We have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breaches and will notify you and any applicable regulator where we are legally required to do so.
In certain circumstances you can ask us to delete your data. See the section entitled ‘your rights’ below for more information.
- 4. Data retention
We will only keep your personal data for as long as is necessary to fulfil the purposes for which we collected it. We may retain your data to satisfy any legal, accounting, or reporting requirements so for example we need to keep certain information about you for 6 years after you cease to be a client for tax purposes.
You have the right to ask us to delete the personal data we hold about you in certain circumstances. See section 6.
- 5. Your rights
You are able to exercise certain rights in relation to your personal data that we process. These are set out in more detail at
In relation to a Subject Access Right request, you may request that we inform you of the data we hold about you and how we process it. We will not charge a fee for responding to this request unless your request is clearly unfounded, repetitive or excessive in which case we may charge a reasonable fee or decline to respond.
We will, in most cases, reply within one month of the date of the request unless your request is complex or you have made a large number of
requests in which case we will notify you of any delay and will in any event reply within 3 months.
If you wish to make a Subject Access Request, please email email@example.com
- 6.Keeping your data up to date
We have a duty to keep your personal data up to date and accurate so from time to time we will contact you to ask you to confirm that your personal data is still accurate and up to date.
If there are any changes to your personal data (such as a change of address) please let us know as soon as possible by emailing the addresses set out in section 6 above.
We are committed to protecting your personal data but if for some reason you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.