Privacy Policy

Important information 

This notice is provided for visitors to our website, potential customers, current customers, suppliers and any other persons whose information is processed by Capri Healthcare as a data controller. This notice explains how and why we collect and process your personal data. 

In addition, privacy information is provided to Capri Healthcare staff via an Internal Privacy Notice and to job applicants via the Job Applicant Privacy Notice. 

The provision of private information is primarily the responsibility of data controllers and patients of our customers should refer to the privacy notice on their Practice’s website.

They may also find the information on our Data Processing Agreement page, which details how we comply with data protection requirements when delivering our services to Practices. 

Leaving our site

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should be aware that we don’t have any control over the other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites.

Information that we collect 

We currently collect and process the following information: 

  • Personal identifiers- first name, surname, title, contact address, email address, telephone number 
  • Transactional data- invoicing information, order forms and other information relating to products/services you have purchased from us and correspondence relevant to the delivery of a contract 
  • Technical Data- IP address

How we collect the information 

All of the information we process is provided to us directly by you for one of the following reasons:

  • So that you can make a general enquiry  
  • So that you can request more information about our products/services
  • So that you can enter into a contract with us for our products/services 

Our legal basis for collecting your information

It is necessary for us to process the personal data you have supplied in order for us to fulfil the contract between you and Capri Healthcare Ltd. Under the General Data Protection Regulation (GDPR), the lawful basis we rely on for processing this information are:

  • We have a contractual obligation 
  • We have a legitimate interest 
  • To fulfil a legal obligation 

Further processing may be necessary to support the delivery of our services and the fulfilment of our obligations in the legitimate interests of the business. We may process your information by sending you details of similar products or services to those previously delivered to you. This is also in the legitimate interests of Capri Healthcare Ltd and in accordance with the Privacy and Electronic Communications Regulations.

How we use your information 

We use the information you have given us in order to:

  • Respond to a general enquiry that you have made 
  • Respond to a request for more information about our products/services 
  • Enter into a contract with you
  • Fulfil our contractual and/or legal obligations 

We may share your personal data with the following third parties in order to support the performance of a contract or to fulfil a legal obligation:

  • Professional advisers acting a sub-processors or controllers e.g. lawyers, accountants
  • Government agencies such as HMRC  
  • Service providers acting as sub-processors that provide IT and admin support e.g. IONOS, AWS (Amazon Web Services) 

These third parties are subject to the same data protection requirements as Capri Healthcare and as part of the duty to you, we regularly review our terms and conditions with third parties to ensure ongoing compliance.

How we store your information 

Your information is securely stored within our IONOS virtual server located in England based Data Centre. Customer invoices are securely stored within a system called Crunch and Helpdesk correspondence is securely stored within a system called Zoho Desk.

We retain personal information only for as long as necessary to fulfil the purposes that we collected it for. Once we have entered into a contract with a customer, we will retain all information relevant to that contract, including invoicing records and identifiable data for a period of six years in line with legal requirements. Once the retention period has expired your information will be deleted from our online systems and any paper records physically destroyed using confidential shredding. 

We retain personal data relating to payments, VAT, tax and accounts for the minimum statutory periods required by UK law. We retain information relating to historical bookings and purchases to enable us to analyse the performance of the business over time and plan for the future success of the company. We only keep this information for as long as is necessary to perform this task.

Passing information to third parties

We will not sell, trade, transmit or otherwise pass on your personal information to a third party, except where it is necessary to deliver our services. This information is processed securely under contract with Capri Healthcare Ltd and is deleted once the contract is fulfilled.

Your data protection rights 

Under data protection law, you have rights including:

  • Your right of access- You have the right to ask for copies of your personal information 
  • Your right to rectification- You have the right to ask to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is complete 
  • Your right to erasure- You have the right to ask us to erase your personal information in certain circumstances
  • Your right to restriction of processing- You have the right to ask us to restrict the processing of your information in certain circumstances 
  • Your right to object to processing- You have the right to object to the processing of your personal data in certain circumstances 
  • Your right to data portability- You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances 

You are not required to pay any charge for exercising your rights. However, we can charge you a “reasonable fee” for the administrative costs of complying with your request if:

  • it is manifestly unfounded or excessive; or
  • you request further copies of your data following an initial request.

If you make a request, we have within one month to respond to you. If the request is complex or you have submitted a number of requests, we may inform you that we have extended this time period up to a maximum of a further two months. If you wish to make a request please contact us at:

Compliance Officer

Name: Capri Healthcare Ltd

Address: Suite 7, 4th Floor, Queens Gate

121 Suffolk Street, Birmingham B1 1LX

Phone Number: 0121 792 7695

E-mail: security@caprihealthcare.co.uk

How to complain 

We encourage you to bring concerns to our attention if you think that our collection or use of information is unfair, unlawful or misleading. If you wish to make a complaint please contact us in the first instance using the contact details referred to above.  You can also complain to the ICO if you are unhappy with how we have used your data. 

ICO – Registration Number  ZA543839

The ICO’s address is:

Information Commissioner’s Office

Wycliffe House

Water Lane, Wilmslow

Cheshire, SK9 5AF

Helpline number: 0303 123 1113

Review and monitoring  

We regularly review and, where necessary, update this notice. As a minimum, this notice is reviewed annually.

If we plan to use personal data for a new purpose, we will update our privacy information, communicate the changes to affected individuals and where necessary identify a new legal basis for processing before the new purpose is pursued.

Getting in touch and dealing with issues

You are guaranteed certain rights under UK and EU data protection law which Capri Healthcare Ltd will make every effort to meet. The GDPR provides the following rights for individuals: The right to be informed The right of access The right to rectification The right to erasure The right to restrict processing The right to data portability The right to object Rights in relation to automated decision making and profiling. Read more about rights for individuals.

If you have any issues regarding our Privacy Policy or the use of your information then you can contact us through the contact page of the website or using the details below.

Name: Capri Healthcare Ltd

Address: Suite 7, 4th Floor, Queens Gate

121 Suffolk Street, Birmingham B1 1LX

Phone Number: 0121 792 7695

E-mail: security@caprihealthcare.co.uk

The method to receive communication from Capri can be managed by visiting Manage Preferences. If you receive information emails and no longer wish to do so, you will be able to permanently unsubscribe from our email service by using a link in the email footer.