Cookies and Privacy


Most websites you visit will use cookies in order to improve your user experience by enabling that website to ‘remember’ you. Cookies do lots of different jobs, like letting you navigate between pages efficiently, storing your preferences and generally improving your experience of a website. Cookies make the interaction between you and the website faster and easier. 

Cookies may be set by the website you are visiting or they may be set by other websites who run content on the page you are viewing.

What is in a cookie?

A cookie is a simple text file that is stored on your computer or mobile device by a website’s server and only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier and the site name and some digits and numbers. It allows a website to remember things like your preferences or login.

What to do if you don’t want cookies to be set

Some people find the idea of a website storing information on their computer or mobile device a bit intrusive, particularly when this information is stored and used by a third party without them knowing. Although this is generally quite harmless you may not, for example, want to see advertising that has been targeted to your interests. If you prefer, it is possible to block some or all cookies, or even to delete cookies that have already been set; but you need to be aware that you might lose some functions of that website. If you have any concerns about cookies, let us know

Google Analytics

NHS Southern Derbyshire CCG’s website uses Google Analytics, a third party web analytics service provided by Google, Inc. ("Google").When someone visits Google Analytics collects standard internet log information and details of visitor behaviour patterns. We do this to monitor the number of visitors to various parts of the site. This information is only processed - does not identify individuals. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

Google Analytics uses cookies, which are text files placed on your computer, to help the website analyse how users use the site.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Search engine on our website

Search queries results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either ICO or any third party.

Links from our website

NHS Southern Derbyshire CCG’s website contains links to other websites of interest. However, once you have used these links to leave this website, you should note that we do not have any control over that other website. We cannot be responsible for the protection and privacy of any information which you provide while visiting such websites, and such websites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. We recommend that you review the websites privacy policy as a precautionary measure. The trust does not endorse any external sites and is not responsible for their content.

Apps for mobile phones

The applications (apps) that are created by NHS Southern Derbyshire CCG use analysis software which collects information about usage, downloads and page views. The information is not user identifiable and NHS Southern Derbyshire CCG does not make any attempt to find out the identities of the user. This information ensures that the user is receiving the most out of their app experience.

Privacy Notice

The Derbyshire Clinical Commissioning Groups (CCGs) are responsible for securing, planning, designing and paying for your NHS services, including planned and emergency hospital care, mental health services, rehabilitation and community services. We need to use information about you to enable us to do this effectively, efficiently and safely. As Data Controllers, we are responsible for how your information is used and explaining that to you. The Derbyshire CCGs (NHS Erewash, NHS Hardwick, NHS North Derbyshire and NHS Southern Derbyshire) share responsibility for commissioning services across the County and these are referred to as the lead commissioner.

Our Commitment to Data Privacy and Confidentiality Issues

We are committed to protecting your privacy and will only process data in accordance with the Data Protection Legislation.  This includes the General Data Protection Regulation (EU) 2016/679  (GDPR), the Data Protection Act (DPA) 2018, the Law Enforcement Directive (Directive (EU) 2016/680) (LED) and any applicable national Laws implementing them as amended from time to time. 

In addition, consideration will also be given to all applicable Law concerning privacy, confidentiality, the processing and sharing of personal data including the Human Rights Act 1998, the Health and Social Care Act 2012 as amended by the Health and Social Care (Safety and Quality) Act 2015, the common law duty of confidentiality and the Privacy and Electronic Communications (EC Directive) Regulations..

We do not process your information

Your information, which includes your name, the email address you give, the username and password you choose, date of registration, date(s) when you attempt the MCA eLearning course and, in some cases, a practice code is stored on the website so that you can access the MCA eLearning course contained within the website as and when you need to.

Sharing your personal information

We will not share your information with other organisations.

Your information will not be transferred outside the European Economic Area, unless this is stated in the privacy notice of the service you use.

Keeping your personal information

Your personal data will be deleted or anonymised when we no longer need to be able to identify you from that information.

You can ask for access to the information we hold on you

In cases where we hold your data to provide a service to you we would normally access that data when discussing your needs with you or as part of delivering that service.

However, you also have the right to ask for all the information we have about you and the services you receive from us also known as a Subject Access request (SAR). When we receive a request from you in writing, we must give you access to everything we’ve recorded about you unless an exemption applies. If you wish to make a Subject Access Request then please write to the address at the end of this notice.

You can ask to change information you think is inaccurate

You should let us know if you disagree with some information we hold about you.

We may not always be able to change or remove that information but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.

You can ask to delete information (right to be forgotten)

In some circumstances you can ask for your personal information to be deleted, for example: Where your personal information has been shared with others, we will inform them if we are erasing any data we have shared with them.

Please note that we can’t delete your information where:

You can ask to limit what we use your personal data for

You have the right to ask us to restrict what we use your personal information for where: When information is restricted it can’t be used other than to securely store the data and with your consent to handle legal claims and protect others, or where it’s for important public interests of the UK.

Where restriction of use has been granted, we’ll inform you before we carry on using your personal information.

You have the right to ask us to stop using your personal information for any CCG service. However, if this request is approved this may cause delays or prevent us delivering that service.

Where possible we’ll seek to comply with your request, but we may need to hold or use information because we are required to by law.

Our Data Processors

We ensure external data processors that support us are legally and contractually bound to operate and prove security arrangements are in place where data that could or does identify a person are processed. The CCG remains the data controller (the organisation responsible for determining the purposes for which and the manner in which personal data is used under Data Protection Legislation) of such information at all times. Please click here for a list of our Data Processors

Request a copy of your personal information

Write to us to request a copy of your information. To make sure it’s you and protect your data we may undertake some identity checks. We follow a procedure when we receive your request and will respond within 1 month. If you aren’t happy with our response, you can ask for a review.

Contact us

If you have any queries, concerns or want to request that we change or delete your information you may contact the Derbyshire CCGs at the following address:

Data Protection Officer
Toll Bar House
1 Derby Road


Data Protection Officers are responsible for upholding your rights and making sure we process your information correctly.

Concerns about how we are using your information

If you have any concerns about the processing of your information you may also contact the Data Protection Regulator:

Information Commissioner’s Office
Wycliffe House

[close]  [print]