LOCUMLINK ASSOCIATES LIMITED T/A LOCUMLINK HEALTHCARE
This policy statement provides full details on the following;
1. PERSONAL DATA COLLECTION
1.1 We may collect and process personal data in the following ways:
(b) Persons under 16 years of age should not provide any personal data without consent from a parent or guardian.
Personal data: This is data supplied to us when a data subject, or agency provides personal data via our website/s or our cloud based platform, or by corresponding with us by phone, email or otherwise, and is provided entirely voluntarily. The data may include a person’s name, contact details (such as phone number, email address and postal address), enquiry details and an opinion of our products.
We may automatically collect personal data from our web servers as part of standard details relating to browser and operating systems, additional personal data may be automatically collected from our website, to include pages visited and the date of visit. Personal data may also be automatically collected for security reasons, e.g. to identify attacks on our website, this may include data relating to the Internet protocol (IP) address assigned by an internet service. We may collect some of this information using cookies – see Cookies in Section 7 for further information. We may also collect personal data that is shared as part of a person’s public profile on a third party social network.
We may also receive certain personal data from other contract agencies and/or recruitment agencies within the Irish Jurisdiction.
This information may include:
Personal data collected from the data subject by recruitment agency and/or other third party. It is a contract requirement to provide all personal data requested on this form, failure to provide such personal data may preclude us from completing the contract. The personal data collected may include a person’s name, postal address, contact information, telephone number, email address, or any other personal information.
Please see Section 2 for further details outlining how we use personal data and for details of the purposes for which we use the personal data we obtain from these sources and the legal basis on which we rely to process such information. The remaining provisions of this policy also apply to any personal data we obtain from these sources.
2. HOW PERSONAL DATA MAY BE USED
Use of personal data under EU data protection laws must be justified under one of a number of legal grounds and we are required to set out the grounds in respect of each use in this policy. An explanation of the scope of these grounds is listed below:
2.1 Where valid consent is provided
We may use and process personal data where consent is agreed for the following purposes. (Please note that consent will be agreed via a consent form in relation to any such use and may be withdrawn at any time. Please see withdrawing consent in Section 6 for further details).
2.2 Where we are required to perform a contract
We may use and process personal data where it is necessary for the performance of a contract.
2.3 Where required to comply with Legal Obligations
We may use personal data to comply with our legal obligations in, (a) assisting an Garda Síochána, or any other public authority or statutory authority for the purposes of criminal or other related investigations, (b) so as to enable legitimate identification in complying with our legal obligations, and (c) to verify the accuracy of the data that we hold.
2.4 Where there is a Legitimate Interest
We may use and process personal data where it is necessary for us to pursue our legitimate interests as a business, and where our reasons for using it outweigh any prejudice to data protection rights, as follows:
3. THIRD PARTIES WHO MAY PROCESS PERSONAL DATA
3.1 Healthcare Service Providers
We may share data with other Healthcare Service Providers. These Companies, may use personal data in similar ways to that outlined in Section 2 of this policy document.
Our cloud based platform/websites may also contain personal data supplied from third parties for the purposes of recruitment processing activities. Third party agencies who operate/use our cloud based platform for the purpose of logging personal data acknowledge that we will transfer this data to healthcare service providers.
When we use social plug-ins on our websites from social networks such as Facebook, Twitter and Google+, we integrate them as follows:
Social plug-ins are deactivated on our websites (i.e. no data is transmitted to the operators of these networks). To use one of these networks, click on the respective social plug-in to establish a direct connection to the server of the respective network.
A user account holder on the network, who has activated the social plug-in, can be associated to the network visit to our websites/cloud based platform.
When a social plug-in is activated, the network transfers the content that becomes available directly to the user’s browser, which integrates it into our websites. In this situation, data transmissions can also take place that are initiated and controlled by the respective social network. Connection to a social network, the data transfers taking place between the network and a user system, and user interactions on that platform are governed solely by the privacy policies of that network.
The social plug-in remains active until deactivated or deleted in cookies.
3.2 Contracted suppliers and Healthcare service providers
We may disclose personal data to our third-party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to a customer on our behalf. Such third parties may include cloud services providers (such as hosting and email management) or advertising agencies, administrative services or other third parties who provide services to us.
When we use third party service providers, we only disclose to them any personal data that is necessary for them to provide their service and we commit to ensuring valid Data Protection Agreements are in place with all third parties so as to ensure all personal data is secure and only used in accordance with our specific contract terms and conditions.
3.3 Third parties who provide products and services
Personal data which we collect may be transferred to third parties with customer consent.
Such data is shared in a secure manner, using a consistent security protocol. When we share data with other parties we ensure that they only use the data for the purpose it was collected.
4. STORAGE OF PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA)
Data provided to us may be transferred to countries outside the EEA. By way of example, this may happen where any of our group companies are incorporated in a country outside of the EEA or if any of our servers or those of our third-party service providers are from time to time located in a country outside of the EEA. These countries may not have similar GDPR data protection laws.
If we transfer data outside of the EEA in this way, we will ensure that appropriate security measures are taken with the aim of ensuring that data privacy rights continue to be protected as outlined in this policy. These steps include imposing contractual obligations on the recipient of personal data or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection of personal data.
The use of our services whilst outside the EEA, may involve the onward transfer of data outside the EEA in order to provide those services.
5. HOW LONG DO WE KEEP PERSONAL DATA
When we collect/receive personal data, the length of time we retain it is determined by a number of factors including the purpose for which we use that data and our obligations under GDPR and related laws. We do not retain personal data for longer than is necessary.
We may need personal data in the bringing or in defence of a legal claim, in which case we will retain personal data for a period of seven years after the last occasion on which we have used the personal data as specified in Section 2 of this policy document.
The only exceptions to this are; (a) where the law requires us to hold personal data for a longer period or (b) when requested to have the data deleted if we do not need to hold it in connection with any of the reasons permitted in Section 6 of this policy document.
6. DATA SUBJECTS RIGHTS
6.1 Rights as a ‘Data Subject’
A data subject, has the right of access (Art. 15 GDPR), right to rectification (Art. 16 GDPR), right to erasure (Art. 17 GDPR), right to restriction of processing (Art. 18 GDPR) and right to data portability (Art. 20 GDPR). A person’s rights as a Data Subject include the following:
The right of consent to the processing of personal data by us may be revoked at any time. The legality of processing personal data before revocation remains unaffected. We may further process such data pursuant to another applicable legal basis, e.g. for the fulfilment of our legal obligations.
A data subject has the right to object at any time to the processing of personal data (Art 21 GDPR). In such circumstances we will only process personal data if we can prove compelling legitimate reasons that outweigh a person’s interests, rights and freedoms, or for the establishment, exercise or defense of a legal claim.
If a person believes that the processing of personal data violates legal requirements, that person has the right to lodge a complaint with the Offices of the Data Protection Commissioner (Art. 77 GDPR).
7. SECURITY / COOKIES / LINKS / SOCIAL PLUGINS
We at all times use technical and organisational security measures to protect the personal data supplied and managed by us against manipulation, loss, destruction and access by third parties. Our security measures are continually improved in line with technological developments.
Unfortunately, the transmission of data via the internet is not completely secure. We will do our utmost to protect personal data, however we cannot guarantee the security of all data whilst in transit to our website, transmission is at the user’s own risk.
Where we have given (or where chosen) a password which enables access to an account, the user is responsible for keeping this password confidential. Do not share this password with any other person.
7.1 Use of 'cookies'
By clicking on to a link of an offer or by activating a social plug-in, personal data may reach providers in countries outside the European Economic Area (EEA) that, from the point of view of the European Union ("EU"), may not guarantee an "adequate level of protection" for the processing of personal data in accordance with EU standards. Please be aware of this alert before clicking on a link or activating a social plug-in and thereby triggering a transfer of data.
Cookies are small files that are placed on a desktop, notebook or mobile device by a website visited. From this we can, for example, recognise whether there has already been a connection between a device and our websites, or which language or other settings the user prefers. Cookies may also contain personal data.
7.4 Links to other websites
In addition, if linked to our website from a third-party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party website and recommend that all users check the policy of all third-party websites.
7.5 Social plugins
We use so-called social plugins (buttons) of social networks such as Facebook, Google+ and Twitter.
When visiting our website, these ‘buttons’ are deactivated by default, i.e. without intervention they will not send any data to the respective social networks. These ‘buttons’ are activated by clicking on them. They remain active until deactivated or deleted.
After their activation, a direct link to the server of the respective social network is established. The contents of the ‘button’ are then transmitted from the social network directly to the user’s browser and incorporated in the website.
After activation of a ‘button’, the social network can retrieve data, independently of whether interaction with the ‘button’ took place. When logged on to a social network, the network can assign a visit to the website of the user account. A social network cannot assign a visit to websites operated by our other group companies unless and until activation.
Data provided in subscribing to a newsletter offered on our website will only be used in order to provide the newsletter, unless agreed for further use. Subscription to the newsletter can be withdrawn at any time using the unsubscribe option provided.
9. Contact Us
Customers may contact our offices with any questions or suggestions regarding the processing of personal data or if they wish to amend/update their personal data, please contact the offices of;
32 Ranelagh Road