Privacy Policy
1. Introduction
Lawyers Medical Agency takes your privacy and the privacy of referred clients' extremely seriously. This policy sets out how we collect and process any personal data provided to us when using our services and website http://www.lawyersmedicalagency.com
This policy applies where Lawyers Medical Agency (referred to as "we", "us" or "our" in this Privacy Policy) identify as the Data Controller and where we are responsible for your or your referred clients' personal data.
Contacting us
Lawyers Medical Agency have appointed a Data Protection manager who will be responsible for privacy matters and the protection of personal data we hold as an organisation, their details are below:
Name: Dave Wise
Email address:Â davew@lawyersmedicalagency.com
Telephone number: 0161 908 0399
Lawyers Medical Agency is an LLP registered in England and Wales registration number whose registered office is:
The Triangle
8 Cross Street
Altrincham
WA14 1EQ
Making complaints
If you are unhappy with the way we collect or process your or your referred clients' personal information, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) who are the UK's supervisory authority for data protection.
Complaints and concerns can be lodged with the ICO via this link: https://ico.org.uk/concerns/
We kindly ask that before any complaints are lodged with the ICO, that you contact us first to try and resolve any issues you may have.
2. What data do we collect?
Personal information we may collect and process from you or your company includes:
- Client contact information such as name, address, telephone number and email address;
- Client's personal details such as date of birth;
- Client's medical information such as medical history, medical conditions and medication, treatment records and medical reports;
- Any other personal information you may provide to us in the process of us providing you or your referred clients with our services;
- Details of contact we have had with you or your referred clients in relation to the provision, or the proposed provision, of our services;
- Our correspondence and communications with you or your referred clients;
- Information about any complaints and enquiries you or your referred clients make to us.
Sensitive personal data
Under the General Data Protection Regulation/Data Protection Act 2018, sensitive personal data is data which includes information about a person's race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about a person's health and genetic and biometric data.
Lawyers Medical Agency does collect sensitive personal data as part of our service. When we do this, we will either gain your or your referred clients' explicit consent, or we will use the data in the pursuit of a legal claim on your or your referred clients' behalf.
3. How do we use personal data?
We will only use your or your referred clients' personal data for the following reasons:
- To provide you or your referred clients with the services we offer as a business;
- To provide you or your referred clients with information you or they have requested from us;
- To fulfil any legal or contractual obligations we may have which require the processing of personal data.
4. How do we obtain your or your referred clients' data?
We can collect data about you or your referred clients via a variety of methods:
- From treatment providers in relation to the reports that they provide;
- From direct actions we may have with you or your referred clients by communicating via phone, email or post.
5. Our lawful purposes for collecting and processing your or your referred clients' information
We have identified that we will use your or your referred clients' information for the following reasons:
- Where we need to perform the contract between us;
- To support our legal requirements to hold medical information;
- Where it is necessary for our legitimate interests (or those of a third party) and your or your referred clients' interests and fundamental rights do not override those interests;
- Where we need to comply with a legal or regulatory obligation;
- With your and your referred clients' explicit consent.
Where we rely on consent as a lawful purpose for processing your or your referred clients' sensitive personal data, you or your referred clients have the right to withdraw consent (where applicable) at any time by contacting our Data Protection Officer.
6. Who do we share personal information with?
We need to share your or your referred clients' information with third parties in order to provide our services, these third parties include:
- Physiotherapy Clinics
- Psychological Therapists
- Medical Agencies
- Diagnostic Providers
- Legal Representatives
- GPs
Where we do share information with third parties, we ensure that the highest levels of data protection are in place in accordance with the law.
Third parties with whom we share data are only permitted to process this data for the specified purposes we stipulate with them.
We do not sell your or your referred clients' information on to third parties.
7. International transfers
Where possible, we ensure that data is stored within the European Economic Area (EEA), however, some of our storage locations and service providers may be hosted outside of the EEA. When we do need to transfer personal data out of the EEA, we ensure one of the following safeguards is in place to provide a similar level of security of data:
- Your personal data or the data of your referred clients has been transferred to a country that has been deemed to provide an adequate level of protection for personal data by the European Commission; or
- The hosting environment we use has specific contracts, codes of conduct or certification mechanisms in-place which have been approved by the European Commission; or
- Where we transfer data to the United States, we ensure our providers are certified as part of the EU-US Privacy Shield programme.
If none of these safeguards are available, we will only transfer the data with your or your referred clients explicit consent which can be removed at any time by contacting us.
Please contact our Data Protection Officer if you want further information on the specific mechanism used by us when transferring your or your referred clients personal data out of the EEA.
8. Retention periods
Personal information will be retained in accordance with our Data Retention Policy which categorises all of the data assets held by us and specifies the appropriate retention period for each data asset.
These periods are based on the requirements to keep the data for as long as necessary to fulfil the purpose for which it was collected, to meet any legal requirements or to satisfy any reporting, accounting or contractual needs.
9. You and your referred clients' rights
Under the Data Protection Act (2018), you or your referred clients have certain rights regarding personal data, these include the right to:
- Request access to personal data
- Request correction of personal data
- Request erasure of personal data
- Object to processing of personal data
- Request restriction of processing personal data
- Request transfer of personal data
- Right to withdraw consent
You or your referred clients may exercise any of these rights by raising a Subject Access Request with us. This can be done by contacting our Data Protection Officer.
We will not charge you or your referred clients for making a request and we will make all reasonable efforts to respond within 30 days. Sometimes it may take longer than 30 days to gather all the information we may hold, in this situation, we will keep all parties updated at all times.
We may refuse your or your referred clients request or withhold any personal information that is requested if there is an overriding legal reason for us to do so.
10. Information security
Lawyers Medical Agency takes the security of you and your referred clients information extremely seriously. In order to protect this data, we implement a risk-based approach to adopt the strongest organisational and technical controls in order to protect the confidentiality, integrity and availability of the data.
11. Cookies
Our website does not use cookies.
12. Changes to this privacy policy
We keep this policy under regular review. This policy was last reviewed on 25th May 2018.