Privacy Notice and Cookie Policy

Dated: 23rd May 2018 – Privacy Notice and Cookie Policy

This privacy notice and cookie policy is for the website; www.cbtclinics.co.uk and served by CBT Clinics who are registered at 12 Yorkersgate, Malton, North Yorkshire, YO17 7AA and governs the privacy of those who use it. This policy describes how CBT Clinics practices, controls, processes, and protects your personal information while browsing or using this website, including your rights under current laws and regulations.
We may change this policy from time to time by updating this page.
You should check this page from time to time to ensure that you are happy with any changes.

Your Individual rights

Under the GDPR (General Data Protection Regulation), your rights are as follows:
• The right to be informed
• The right of access
• The right of rectification
• The right to erasure
• The right to data portability
• The right to withdraw consent

We handle subject access requests in accordance with the GDPR.

How we collect personal information

We collect personal information from you and from third parties (anyone acting on your behalf, for example, solicitor, personal injury services, insurers etc.). Please see below for more information.

We collect personal information from you:
• Through your contact with us via phone (we may record or monitor phone calls for security and training purposes), email, our website or by post.

We also collect information from other people and organisations.

For all our customers, we may collect information from:
• A family member or someone acting on your behalf
• Doctors, clinicians, health care professionals, hospitals, clinics and other health care providers
• Any service providers who work with us in relation to your product or service
• Organisations and professional bodies such as but not limited to NMC, GMC, BABCP or HCPC who provide us with correct and up to date accreditation information

If we provide you with health care, we may collect information from:
• Your employer
• Your parent or guardian (if you’re under 18 years old)
• Those paying for the products or services we provide to you including other insurers.

Categories of personal information

We process two categories of information about you and (where this applies) your dependants:
• Standard personal information which helps us to contact, identify or manage our relationship with you; and
• Special Categories of information, which helps us to tailor your care.

Standard personal information includes:
• Contact information such as name, address, phone numbers and email address
• The country you live in, age, date of birth and national identifiers such as passport document or National Insurance number
• Employment details
• Details of any contact we had with you such as any complaints or incidents
• Financial details which if required, we store your card details on our secure Sage Pay service for 90 days, which are then deleted
• Information about how you use our website, apps, or other technology, including IP addresses or other device information.

Special Category information includes:
• Information about your physical or mental health, including genetic information or biometric information (we may get this information from application forms you have filled in, from notes and reports about your health and any treatment and care you have received or need, or it may be recorded in details of contact we have had with you such as information about complaints or incidents, and referrals from your existing insurance provider, quotes and records of medical services you have received);
• information about your race, ethnic origin and religion (we may get this information from your medical preferences to allow us to provide care that is tailored to your needs); and
• Information about any criminal convictions and offences (we may get this information when carrying out anti-fraud or anti-money-laundering checks, or other background screening activity

What we use your personal information for

We use your personal information for the purposes set out in this privacy notice.

We process standard personal information about you if this is:
• Necessary to provide the services set out in a contract
• In our or a third party’s legitimate interest
• Required or allowed by law

We process special category information about you because:
• It is necessary for the purposes of health prevention, assessment and treatment services
• It is necessary for insurance purpose
• It is necessary to establish, make or defend legal claims
• It is preventing or detecting an unlawful act, malpractice, dishonesty or other serious improper behaviour
• It is in the public interest; in line with any laws apply
• It is information that you have made public
• We have your permission

Legitimate Interest

CBT Clinics process your personal information for a number of legitimate interests including:
• To help manage our relationship with you, our business and third parties who provides products or services for us.
• To provide health care service on your behalf of a third party
• To investigate complaints and incidents
• To develop and carry out marketing activities.
• For statistical research and analysis so that we can monitor and improve our products and services.
• To monitor our clinical and non-clinical performance expectations.
• To enforce or apply our website terms of use, our policy terms and conditions or other contracts, or to protect our (or our customers’ or other people’s) rights, property or safety;
• To exercise our rights, to defend ourselves from claims and to keep to laws and regulations that apply to us and the third parties we work with
• To take part in, or be the subject of, any sale, purchase, merger or takeover of all or part of the CBT Clinics business

Sharing your information

We share your information within CBT Clinics, within relevant policyholders, with funders or people arranging services on your behalf and with others who help provide services to you, for example, medical experts. We also share information in line with the law.

For all our customers, we share information with:
• Doctors, clinicians and other health-care professionals, hospitals, clinics and other health-care providers
• Suppliers who help deliver products or services on our behalf
• People or organisations we have to, or are allowed to, share your personal information with by law (for example, for fraud-prevention or safeguarding purposes)
• The police and other law-enforcement agencies to help them perform their duties, or with others if we have to do this by law or under a court order
• If CBT Clinics sell or buy any business or assets, the potential buyer or seller of that business or those assets
• A third party who takes over any or all of CBT Clinics assets (in which case personal information we hold about our customers or visitors to the website may be one of the assets the third party takes over)
If we provide you with health care, we share information with:
• Your employer-If your employer is paying for the services we are providing
• Our insurance partners, for example, solicitors and interpreters
• Those paying for the products or services we provide to you
• Those providing your treatment
If CBT Clinics share your personal information, we will make sure suitable protection is in place to protect your personal information in line with data-protection laws.

Clinical Research and statistical purposes

We may use anonymised information or information that is combined with other people’s information for clinical research and statistical purposes. You cannot be identified from this information.
How long we keep your personal information
Personal Identifiable Data is stored within CBT Clinics case management system and will enter our archiving system 7 years from the date of closure of the case.

Internet Cookies

CBT Clinics uses cookies for the following:
• To provide a better user experience
• Identify yourself to us by filling out a web form (“Join our Expanding Network”, “Request a call back”)
• Allow you to share pages via social network widgets like Facebook and Twitter
• Track your visit for statistical analysis, allowing us to improve the usability, speed and security of our website.

We do not use cookies to collect any personal identifiable information or sensitive information (without your consent)
Cookies that we use are;

Social Media: CBT Clinics website may use social media features, such as Twitter (“Social Media Features”). These features may collect your IP address and which page you are visiting our web site, and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities our web site to a profile page of yours that is provided by a third party social media network in order to share with others within your network. Social Media Features are hosted by a third party or hosted directly our web site. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features.

• Word Press: Our website, either in full or in part, is built on the popular open-source CMS framework-Word Press. WordPress utilises cookies to allow visitors to register, login and comment on our website’s content.

• Google Analytics: CBT Clinics uses an analytics tracking service called Google Analytics, which is a web analytics service that provides statistics and basic analytical tools for search engine optimization (SEO) and marketing purposes. Google Analytics uses web beacons from your web browser and IP address to collect information and monitor the actions you take on the company’s website such as the web pages viewed and links clicked. Google Analytics collects no personal information.

• Gravity Forms: CBT Clinics currently uses two web forms on our website; “Joining our Expanding Network” and “Request a call back”. We use a Word Press plugin called Gravity Forms, which is designed to create forms to collect information. In order to prevent spam enquiries, we protect our forms with a “CAPTCHA” challenge to ensure the submissions if from a living person rather than a computer bot. This CAPTCHA challenge creates a cookie that is used only to check the input response from the user is correct. The CAPTCHA cookie does not store any other information from your enquiry.

Data Security and protection

We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.

Email Subscription

Under the GDPR, we use the consent lawful basis for anyone subscribing to our newsletter. We use a third party email marketing software called Campaign Monitor that holds the following information within their system:
• Email Address
• I.P Address
• Subscription time & date

Hosting and Data

The website is hosted on a third party host solution called TSO hosting and is designed and maintained by Blow Media who does not export or use any data stored on client websites.

Contact Us

For more information on our privacy policy, please contact CBT Clinics Data Protection Officer (DPO) at the following email address: [email protected] OR at the following address:

CBT Clinics
31 Bootham
York
North Yorkshire
YO30 7BT

News / Social

7th August 2018

CBT Clinics Celebrating Mental Health Excellence In The Workplace

Behind a strong, motivated and productive team is excellent, protected mental health. Our Founder & CEO Antony Brown will be [Read More]

24th July 2018

HAPPY App Launch

Here at CBT Clinics, we are delighted to announce the launch of HAPPY, a new app developed by Medelinked digital [Read More]

17th July 2018

Digital Innovation in Mental Health Conference 2018

CBT Clinics are looking forward to sharing our vision on technology and mental health during the Digital Innovation in Mental [Read More]

Newsletter Sign Up

Office Opening Times

Monday-Friday
08.00 – 19.00
Saturday
09.00 – 13.00

©2018 CBT Clinics. Website by Blowmedia

Contact Us

Call us on 01904 620 781 or email [email protected]

Alternatively complete the form below.