Cookies and Privacy
Cookies may be set by the website you are visiting or they may be set by other websites who run content on the page you are viewing.
What is in a cookie?
A cookie is a simple text file that is stored on your computer or mobile device by a website’s server and only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier and the site name and some digits and numbers. It allows a website to remember things like your preferences or login.
What to do if you don’t want cookies to be set
Some people find the idea of a website storing information on their computer or mobile device a bit intrusive, particularly when this information is stored and used by a third party without them knowing. Although this is generally quite harmless you may not, for example, want to see advertising that has been targeted to your interests. If you prefer, it is possible to block some or all cookies, or even to delete cookies that have already been set; but you need to be aware that you might lose some functions of that website. If you have any concerns about cookies, let us know.
NHS Southern Derbyshire CCG’s website uses Google Analytics, a third party web analytics service provided by Google, Inc. ("Google").When someone visits www.southernderbyshireccg.nhs.uk Google Analytics collects standard internet log information and details of visitor behaviour patterns. We do this to monitor the number of visitors to various parts of the site. This information is only processed - does not identify individuals. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Search engine on our website
Search queries results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either ICO https://ico.org.uk/ or any third party.
Links from our website
Apps for mobile phones
The applications (apps) that are created by NHS Southern Derbyshire CCG use analysis software which collects information about usage, downloads and page views. The information is not user identifiable and NHS Southern Derbyshire CCG does not make any attempt to find out the identities of the user. This information ensures that the user is receiving the most out of their app experience.
The Derbyshire Clinical Commissioning Groups (CCGs) are responsible for securing, planning, designing and paying for your NHS services, including planned and emergency hospital care, mental health services, rehabilitation and community services. We need to use information about you to enable us to do this effectively, efficiently and safely. As Data Controllers, we are responsible for how your information is used and explaining that to you. The Derbyshire CCGs (NHS Erewash, NHS Hardwick, NHS North Derbyshire and NHS Southern Derbyshire) share responsibility for commissioning services across the County and these are referred to as the lead commissioner.
Our Commitment to Data Privacy and Confidentiality Issues
We are committed to protecting your privacy and will only process data in accordance with the Data Protection Legislation. This includes the General Data Protection Regulation (EU) 2016/679 (GDPR), the Data Protection Act (DPA) 2018, the Law Enforcement Directive (Directive (EU) 2016/680) (LED) and any applicable national Laws implementing them as amended from time to time.
In addition, consideration will also be given to all applicable Law concerning privacy, confidentiality, the processing and sharing of personal data including the Human Rights Act 1998, the Health and Social Care Act 2012 as amended by the Health and Social Care (Safety and Quality) Act 2015, the common law duty of confidentiality and the Privacy and Electronic Communications (EC Directive) Regulations..
We do not process your information
Your information, which includes your name, the email address you give, the username and password you choose, date of registration, date(s) when you attempt the MCA eLearning course and, in some cases, a practice code is stored on the website so that you can access the MCA eLearning course contained within the website as and when you need to.
Sharing your personal information
We will not share your information with other organisations.
Your information will not be transferred outside the European Economic Area, unless this is stated in the privacy notice of the service you use.
Keeping your personal information
Your personal data will be deleted or anonymised when we no longer need to be able to identify you from that information.
You can ask for access to the information we hold on you
In cases where we hold your data to provide a service to you we would normally access that data when discussing your needs with you or as part of delivering that service.
However, you also have the right to ask for all the information we have about you and the services you receive from us also known as a Subject Access request (SAR). When we receive a request from you in writing, we must give you access to everything we’ve recorded about you unless an exemption applies. If you wish to make a Subject Access Request then please write to the address at the end of this notice.
You can ask to change information you think is inaccurate
You should let us know if you disagree with some information we hold about you.
We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
You can ask to delete information (right to be forgotten)
In some circumstances you can ask for your personal information to be deleted, for example:
Where your personal information has been shared with others, we will inform them if we are erasing any data we have shared with them.
Please note that we can’t delete your information where:
- Where your personal information is no longer needed for the reason why it was collected in the first place
- Where you have removed your consent for us to use your information (where there is no other legal reason us to use it)
- Where there is no legal reason for the use of your information
- Where deleting the information is a legal requirement
- we are required to have it by law
- it is used for freedom of expression
- it is used for public health purposes
- it is for, scientific or historical research, or statistical purposes where it would make information unusable
- it is necessary for legal claims
You can ask to limit what we use your personal data for
You have the right to ask us to restrict what we use your personal information for where:
When information is restricted it can’t be used other than to securely store the data and with your consent to handle legal claims and protect others, or where it’s for important public interests of the UK.
Where restriction of use has been granted, we’ll inform you before we carry on using your personal information.
You have the right to ask us to stop using your personal information for any CCG service. However, if this request is approved this may cause delays or prevent us delivering that service.
Where possible we’ll seek to comply with your request, but we may need to hold or use information because we are required to by law.
- you have identified inaccurate information, and have told us of it
- where we have no legal reason to use that information but you want us to restrict what we use it for rather than erase the information altogether
Our Data Processors
We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed. The CCG remains the data controller (the organisation responsible for determining the purposes for which and the manner in which personal data is used under Data Protection Legislation) of such information at all times. Please click here for a list of our Data Processors
Request a copy of your personal information
Write to us to request a copy of your information. To make sure it’s you and protect your data we may undertake some identity checks. We follow a procedure when we receive your request and will respond within 1 month. If you aren’t happy with our response, you can ask for a review.
If you have any queries, concerns or want to request that we change or delete your information you may contact the Derbyshire CCGs at the following address:
Data Protection Officer
Toll Bar House
1 Derby Road
Data Protection Officers are responsible for upholding your rights and making sure we process your information correctly.
Concerns about how we are using your information
If you have any concerns about the processing of your information you may also contact the Data Protection Regulator:
Information Commissioner’s Office