We will provide you with a FREE independent review of health insurance providers comparing cost and benefits in a price sensitive market. With over 25 years experince in this sector we will help you reduce cost as well as ensuring you gain the most from the cover you select.
Let us help you mitigate risk by providing innovative solutions to protect you and your employees, as well as offering to review any existing arrangements to ensure they are fit for purpose, with the aim of saving you time & money.
Healthwise specialises in all aspects of Occupational Health, from a simple Flu Jab, to On Site Mobile Health Screening, Long Term Sickness Referrals, Pre Employment Screening to Absence Management, if you have an requirement for Occupational Health services then talk to the experts.
Introduction
Healthwise Limited ("We") are committed to protecting and respecting your privacy.
This document (together with our terms of use www.healthwiseltd.co.uk) and any other documents referred to in it sets out how we handle what is known as your “personal data”. This is any information that relates to you or from which you can be identified from.
This Notice applies to situations where we collect personal data from you direct or indirectly through your employer.
If there is anything you do not understand please contact us.
Who are we?
Healthwise Limited, Unit 6, Castle Court 1, Castlegate Way, Dudley, West Midlands, DY1 4RD is the ‘Controller’ of your personal data. Our Data Protection Officer is Paul Swanson who can be contacted at the above address or 01384 456 345.
The purpose(s) of processing (‘using’) your personal data
We use your personal data for the following purposes:
We require information from you to better understand your demands & needs to either provide you or your employer with an insurance quotation or to provide other services as requested by you or your employer. Once we have collated your information we will arrange a policy/service with one of our insurance providers or service providers for one or more of the following reasons:
The categories of personal data we process.
We process some or all the following information depending on your requirements:
What is our legal basis for processing your personal data?
a) ‘Ordinary’ personal data (article 6 of GDPR)
There are various ways we can legally process (‘use’) your ordinary personal data. Some of them may overlap. These are:
With your Consent |
This will usually be where we collect your information direct from you. On other occasions we may collect your information from your employer and they will have demonstrated to us that they have your consent to pass your information to us and for us to make use of it. |
Processing necessary for compliance with a legal obligation |
We are required by law to keep accurate records of how we communicate with you and how/why we recommend an insurance contract/service to you/ your employer. This could include assisting with a complaint, handling a claim or handling a query to assist you. |
To take steps at your request prior to you entering in to a (typically) insurance contract or to perform the contract itself. |
This could include where you ask us to secure a quote or to arrange insurance for you. Where your employer passes information to us they will want us to take steps to find appropriate cover for you and (when we find the cover) to take steps to perform the contract i.e. handle claims. |
To protect your vital interests |
In a life and death situation we may disclose information about you to an insurer or other person/ body |
In our legitimate interests or those of your employer or another |
We as a business need to process your information as part of our day to day activities. Other situations might arise where it is in the interests of another for us to make use of your personal data. In these situations, we will always consider your interests before using your information. |
b) ‘Special’ personal data (article 9 of GDPR)
There are various ways we can legally process (‘use’) your special personal data. Some of them may overlap. These are:
Your explicit consent |
Where we are dealing with sensitive personal information such as a medical claim so that we can work on your behalf with an insurer. If we do, we will send an email to you setting out what we propose to do with your data and who we intend to share it with etc. We will ask you to email us back giving the necessary consent. If we are sent information from your employer about you, we will ask your employer to demonstrate they have your explicit consent to our processing it and sharing it with any third party such as an insurer. |
Processing necessary for reasons of preventative or occupational medicine, for assessing your working capacity, medical diagnosis, the provision of health or social care or treatment or management of health or social care systems and services based on EU or UK law or a contract with a health professional |
You may ask us to handle a claim for you which includes medical information, treatment, and medication and/or for occupational health reasons. You may ask us to arrange treatment and talk to other medical professionals |
Processing is necessary to protect your vital interests where you are not capable of giving consent |
As above – life and death situation – where we need to use your information to save your life. |
Processing is necessary for reasons of substantial public interest under EU/ UK law and we have regard to your rights and how to protect them |
This ground will typically be used where we are seeking an insurance product for you or making a claim on your behalf. |
Sharing your personal data
As part of the Aston Lark Group, Healthwise Limited seeks to offer clients a wide range of insurance broking and employee benefit consulting services. We will therefore share Personal Data with other Data Controllers in the Group in order to inform you of other similar contracts and services provided by our other group companies that we believe you may benefit from. We only share limited Personal Data to enable this, typically name, contact details and type of insurance / investment / pension contracts you have effected and its associated renewal date. We may also share special categories of Personal Data (as defined in the Regulation), criminal convictions data or children’s data with the Central Compliance Team in order to facilitate the investigation of any complaints submitted by you.
We may share your information with third parties only to the extent necessary to provide our services to you. These third parties may include:
We do not sell, rent or trade our mailing lists, phone numbers or email addresses.
How long do we keep your personal data?
We keep your personal data for no longer than 6 years to meet our legal requirements under the Financial Conduct Authority (FCA). Examples include: in case of any legal claims/complaints about us or your insurer; for safeguarding purposes, making a claim on a policy.
Providing us with your personal data
You are under no statutory or contractual requirement or obligation to provide us with your personal data. but failure to do so may have the following consequences.
Your rights and your personal data
Unless subject to a ‘restriction’ under the law you have the following rights with respect to your personal data:
Please note that where we need to retain your personal data for a reason(s) such as our regulatory requirements we will decline your request.
Please note that these are general rights. There are always exceptions and, as such, we may decline
your request in whole or in part.
Transfer of Data Abroad
We do not transfer personal data outside the EEA.
Automated Decision Making
We do not use any form of automated decision making in our business.
Security
The management have undertaken a full internal audit of our systems and procedures to ensure the continued protection of your data. We operate a single internal server which is protected by appropriate firewalls and antivirus/malware software to monitor and protect our systems. Our data is backed up twice daily and is removed from site. All users have unique log-ons and passwords which are regularly refreshed. Staff are provided with regular training to identify threats and to understand the importance of Data Protection. If we discover a data breach that puts you at risk, we will notify the Information Commissioner without undue delay and at the latest within 72 hours of discovery. Where there is a high risk to you we will also contact you. All staff have signed our security policy and have been provided with a full and detailed explanation of how important data protection is to you and us. When we transfer data to insurers or clients we will ensure appropriate protection by way of password protection or encryption are used.
How to make a complaint
To exercise all relevant rights, queries or complaints please in the first instance contact our Data Protection Officer on 01384 456 345.
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.
Changes to our Privacy Notice
Any changes we may make to this Notice in the future will be posted on our web page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.