Policy and Procedure

Corporate Governance

KERA Consultancy Ltd Privacy Notice

KERA Consultancy Ltd and its associates understand how important it is to keep your personal information safe and secure and we take this very seriously. We have taken steps to make sure your personal information is looked after in the best possible way. We review our procedures regularly.

Please read this privacy notice (‘Privacy Notice’) carefully, as it contains important information about how we use the personal information we collect on your behalf.

VERSION	Date Reviewd	Reviewed by	Date Approved	Approved By	Comments
01	JUNE 2023	KATE PEARCE	23 JUNE 2023	DAVID COWAN	CREATION OF POLICY

1. Purpose  

KERA are required by law to provide you with this Privacy Notice. The purpose of this document is to explain how we use the personal information we collect, store and hold about you. If you are unclear about how we process or use your personal information, or you have a question about this Privacy Notice or any other issue regarding your personal information, then please do contact us. 

The Law says: 

1. We must let you know why we collect personal information about you; 

2. We must let you know how we use any personal information on you; 

3. We need to inform you in respect of what we do with it; 

4. We need to tell you about who we share it with or pass it on to and why; and; 

5. We need to let you know how long we keep it for. 

KERA collects and processes data relating to its associates in order to manage its relationships with them. We are committed to being transparent about how we collect and use that data and to meeting out data protection obligations. 

2. Contacting us 

The Managing Director is Mr David Cowan. Please contact us via support@keraconsultancyltd.com if you wish to contact us about: 

• How we store or use your information as a company; 
• You have any questions about how your information is being held; 
• If you wish to make a complaint about anything to do with the personal information we hold about you;  

• Request access to your information or if you wish to make a change to your information; 
• Make a Subject Access Request;  
• Or any other query relating to this Policy and your rights 

3. The Data Protection Officer 

The Data Protection Officer for KERA is David Cowan. 

You can contact him by email at david.cowan@keraconsultancyltd.com if: 

• You have any further questions about how your information is being held; 
• If you’re not satisfied with how we have dealt with your request or information; 
• If you have any further questions or would like to dispute a complaint procedure regarding your data. 

4. Information we collect 

The information we may collect from you will include: 

Your contact details (such as your name and email address, including place of work and work contact details); 

1. Details and contact numbers of your emergency contact; 

2. Your age range, gender, ethnicity, language, disability status, information we need to allow us to provide information in a more accessible format to you; 

3. Any terms and conditions relating to our engagement;  

4. details of qualification, skills, experience, career history; 

5. information about remuneration, days of service or hours of service; 

6. details of bank account (and VAT registration if relevant); 

7. details of insurances if relevant; 

8. photographs and videos if relevant 

We collect this information in a variety of ways. For example, through CVs or resumes, forms completed by yourself or from correspondence with you. 

Data is stored in a range of different places including our MS Teams sharepoint, Secure email system or other IT system. 

We may also collect personal information about you when it is sent to us from the following: 

1. Data provided from contracts we become involved in for data collection purposes: 

2. any organisation who you give permission to ask for your information 

5. Who we may provide your information to, and why 

Your information will be accessible to our management team internally and our admin function where relevant. IT staff may access your data if this in necessary for their roles. 

We may only share your data with third partied to process data on our behalf if this is in connection with making payments. 

We may pass your personal information on to the following people or organisations, because these 

organisations may require your information to assist them in the provision the services you requested from us. It, therefore, may be important for them to be able to access your information in order to 

ensure they may properly deliver their services to you, these are also the systems we may use: 

1. Castle Health & Coaching Ltd 

2. Smart Survey 

3. Mentimeter 

4. DocuSign 

Should we be required to share your data wider we will contact you beforehand to inform you of the process and gain your consent. 

6. Other people who we may support  

1. Commissioners; 

2. Integrated Care Boards (ICBs) formally known as Clinical Commissioning Groups (CCGs); 

3. Local authorities; 

4. Community health services;  

5. For the purposes of complying with the law e.g. Police, Solicitors, Insurance Companies; 

There are good reasons why the ICBs may require this pseudonymised information, these are as follows: 

1. For example; to better plan the provision of services across a wider locality than practice level 

7. Anonymised Information 

Sometimes we may provide information about you in an anonymised form. If we do so, then none of 

the information we provide to any other party will identify you as an individual and cannot be traced 

back to you. 

8. Your Rights  

The Law gives you certain rights to your personal information that we hold, as set out below: 

1. Access and Subject Access Requests 

You have the right to see what information we hold about you and to request a copy of this information. 

If you would like a copy of the information we hold about you please contact us in writing following a SAR procedure.  

There is one month to reply to you and give you the information that you require. We would ask, therefore, that any requests you make are in writing and it is made clear to us what and how much information you require. 

2. Correction 

We want to make sure that your personal information is accurate and up to date. You may ask us to correct any information you think is inaccurate. It is very important that you make sure you tell us if your contact details including your mobile phone number has changed. 

3. Removal 

You have the right to ask for your information to be removed. 

4. Objection  

We cannot share your information with anyone else for a purpose that is not directly related to. We would ask you for your consent in order to do this however, you have the right to request that your personal information is not shared by us in this way. Please note the Anonymised Information section in this Privacy Notice. 

9. How we use the Information about You 

We use your personal information in the following ways: 

1. To provide you with information about or relevant to your role 

2. To provide you with resources and access to events 

3. To provide you with access to peers 

4. To provide you with services commissioned by your locality 

5. To engage with you about services we offer 

We will never pass on your personal information to anyone else who does not need it, or has no right to it, unless you give us clear consent to do so. 

10. Legal Justification for Collecting and Using Your Information 

The Law says we need a legal basis to handle your personal and healthcare information. 

CONTRACT: We have a contract with NHS organisations to deliver development or training services to you. This contract provides that we are under a legal obligation to ensure that we deliver services to the workforce. 

CONSENT: Sometimes we also rely on the fact that you give us consent to use your personal information. 

Please note that you have the right to withdraw consent at any time if you no longer wish to receive 

services from us. 

11. How Long We Keep Your Personal Information 

We carefully consider any personal information that we store about you, and we will not keep your information for longer than is necessary for the purposes as set out in this Privacy Notice.  

12. If English Is Not Your First Language 

If English is not your first language you can request a translation of this Privacy Notice. Please contact our us. 

13. Complaints 

If you have a concern about the way we handle your personal data or you have a complaint about what we are doing, or how we have used or handled your personal information, then please contact our Data Protection Officer. However, you have a right to raise any concern or complaint with the UK information regulator, at the Information Commissioner’s Office: https://ico.org.uk/. 

14. Cookies 

Our website uses cookies. For more information on which cookies are used please visit our cookies policy.  

15. Security 

We take the security of your information very seriously and we do everything we can to ensure that your information is always protected and secure. We regularly update our processes and systems and we also ensure that our staff are properly trained. We also carry out assessments and audits of the information that we hold about you and make sure that if we provide any other services, we carry out proper assessments and security reviews. 

16. Email, Telephone and Contacting You 

Because we are obliged to protect any confidential information we hold about you and we take this very seriously, it is imperative that you let us know immediately if you change any of your contact details. This is to ensure we are sure we are actually contacting you and not another person. If you do not wish to be contacted by text or email please notify us. 

17. Where to Find our Privacy Notice 

You may find a copy of this Privacy Notice on our website or a copy may be provided on request. 

18. Changes to our Privacy Notice 

We regularly review and update our Privacy Notice.