Privacy Notice

How we use your information

Privacy Notice

This Privacy Notice explains how we collect, use, store, and protect your personal information when you use our services. We are committed to ensuring that your privacy is protected and that we comply with applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our approach aligns with principles commonly adopted across NHS Trusts, including transparency, fairness, and accountability.

Who We Are

We provide services for healthcare professionals and are responsible for processing your personal data. We act as a “data controller” for the purposes of data protection law.

Information We Collect

We may collect and process the following types of personal information:

  • Name, job title, and professional details
  • Contact information such as email address, telephone number, and postal address
  • Organisation/employer details
  • Information relevant to enquiries or service provision
  • Website usage data (via cookies and analytics tools)

Additional Information for Training Course Bookings

With the introduction of our new website and training services, we will also collect:

  • Booking and registration details for training courses
  • Billing information (such as billing address and payment-related details, where applicable)
  • Attendance records and course preferences
  • Communication preferences regarding future courses and professional updates

How We Use Your Information

We use your personal data to:

  • Provide and manage our services
  • Respond to enquiries and requests
  • Maintain accurate records
  • Improve our services and website functionality

For Training Courses, We Will Also Use Your Information To:

  • Process bookings and manage your course registration
  • Facilitate billing and payment processes
  • Communicate important information about your course (e.g. confirmations, updates, materials)
  • Inform you about future training opportunities, events, and service developments relevant to healthcare professionals (where permitted)

We will only use your information where we have a lawful basis to do so, such as fulfilling a contract, complying with legal obligations, or where we have your consent.

Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Contractual obligation – to deliver services and training courses you have requested
  • Legal obligation – to comply with regulatory or financial requirements
  • Legitimate interests – to improve services and communicate relevant updates
  • Consent – where required, particularly for marketing communications

You may withdraw your consent at any time.

Information Sharing

We do not sell your personal data. We may share your information with:

  • Trusted service providers who support our operations (e.g. IT systems, payment processors)
  • Regulatory bodies where required by law
  • Healthcare organisations where necessary for service delivery

All third parties are required to respect the security of your personal data and to treat it in accordance with the law.

NHS Dermatology Service Data

NHS Dermatology data is collected and managed in the same manner as a healthcare record and is subject to NHS information governance requirements.

Where dermatology services are delivered in partnership with NHS organisations, relevant personal health information may be held by the NHS Trust responsible for your care.

Should an individual or organisation require access to personal Dermatology healthcare information, requests should be directed to Portsmouth Hospitals University NHS Trust via email at pho-tr.PHTHealthRecords@nhs.net or by submitting an online Subject Access Request.

For further information, you may contact the Portsmouth Hospitals University NHS Trust Governance Department on 02392 286000 ext. 1288.

Data Security

We are committed to ensuring that your information is secure. We have appropriate technical and organisational measures in place to prevent unauthorised access, loss, or misuse of your personal data. These measures are consistent with standards expected within healthcare environments, including those aligned with NHS information governance practices.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Service delivery and training administration
  • Financial record-keeping requirements
  • Legal and regulatory obligations

Retention periods are regularly reviewed.

Your Rights

Under data protection law, you have rights including:

  • The right to access your personal data
  • The right to request correction of inaccurate data
  • The right to request erasure of your data (where applicable)
  • The right to restrict or object to processing
  • The right to data portability

To exercise any of these rights, please contact us using the details below.

Cookies

Our website uses cookies to enhance user experience and analyse website performance. You can control cookie preferences through your browser settings.

Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our services, including the introduction of training course provision. Updates will be published on this page.

Contact Us

If you have any questions about this Privacy Notice or how your data is handled, please contact us via the details provided on our website.

This notice reflects our commitment to protecting personal data in line with healthcare sector expectations, including transparency, data minimisation, and secure handling of information.

READ OUR FAQS • READ OUR FAQS •