Privacy Notice

Privacy Policy

Version 1.0 | 27th March 2020

Added to Website on 5th May 2020

Introduction

Green Light PBS Ltd understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, https://switchedoncare.com/ (“Our Site”) and only collect and use your personal data as described in this Privacy Policy.   Any personal data we collect will only be used as permitted by law. Please read this Privacy Policy carefully and ensure that you understand it. 

Information About Us

Our Site is owned & operated by Green Light PBS Ltd, a limited company registered in England under company number 09496038

Registered address: 

Trading address:

VAT number: 

Mor Workspace, Treloggan Lane, Newquay, Cornwall, TR7 2FP

As above

N/A

Data Protection Officer:

Email address:

Telephone number: 

Postal address:

Richard Jackson (Pulse Cyber Security – DPO as a Service)

richard@pulsecyber.co.uk

07368 443343

Pulse Cyber Security, Trevenson House, Redruth, Cornwall, TR15 3PT

Representative:

Email address:

Telephone number: 

Postal address:

Jo Pyrah (Nominated Individual)

jo.pyrah@glpbs.com

01637 416444

Mor Workspace, Treloggan Lane, Newquay, Cornwall, TR7 2FP

1. What Does This Policy Cover?

This Privacy Policy applies only to your use of Our Site. Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

2. What Is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

3. What Are My Rights?

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 10.

It is important that your personal data is kept accurate and up to date. If any of the personal data we hold about you changes, please keep us informed if we have that data.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau (CAB).

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first.

4. What Personal Data Do We Collect and How?

We obtain personal data about you, for example, when:

The information we hold about you may include the following:

5. How we use personal data we hold about you

Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.

a) Situations in which we will use your personal data

We may use your personal data in order to:

b) Change of purpose

Where we need to use your personal data for another reason, other than for the purpose for which we collected it, we will only use your personal data where that reason is compatible with the original purpose.

Should it be necessary to use your personal data for a new purpose, we will notify you and communicate the legal basis which allows us to do so before starting any new processing.

6. Do You Share My Personal Data?

a) Why might you share my personal data with third parties?

We will share your personal data with third parties where we are required by law, where it is necessary to administer the relationship between us or where we have another legitimate interest in doing so.

b) Which third-party service providers process my personal data?

“Third parties” includes third-party service providers. The following activities are carried out by third-party service providers: IT and cloud services, professional advisory services, administration services and payroll processing services.

All our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.

c) What about other third parties?

We may share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

7. How Can I Access My Personal Data?

If you want to know what personal data, we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests should be made in writing and sent to the email or postal addresses provided. To make this as easy as possible for you, a Subject Access Request Form is available for you to use. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within one month and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

8. Privacy Overview

Here at Green Light PBS Ltd we are committed to building and keeping the trust and confidence of everyone we have contact with.  We think it’s important that you know that we record your personal data when you do things like visit our website, our Facebook page or use our online services in any way.  We want you to trust us with any information we collect and hold.

This privacy policy explains all you need to know about:

Green Light PBS Ltd is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).

If you are unhappy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).  However, we would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

It is very important that the information we hold about you is accurate and up to date.

9. Sensitive Data

We do not collect any Sensitive Data about you from this website.  Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.  We do not collect any information about criminal convictions and offences.

You are not required to provide any personal information on the public areas of this website; however, you may choose to do so by completing the application forms on various sections of our websites and Facebook pages, including:

We may also obtain personal information from your IP address, operating system and web browser that you use to access our website or Facebook site.  You may also provide us with personal information if you contact us by email, telephone or letter.

We require your explicit consent for processing sensitive data, and we will request your signature for this consent.

10. How we use your personal data  

We will only use your personal data when legally permitted.  The most common uses of your personal data are:

Generally, we do not rely on consent as a lawful basis for processing your personal data, other than in relation to sending marketing communications to you via email or text message.

You have the right to withdraw your consent to receiving marketing information from us at any time by emailing us at: dataprotection@glpbs.com

11. Purposes for processing your personal data  

Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we will process such data.  We have also explained what our legitimate interests are where relevant.

We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data.

Please email us at dataprotection@glpbs.com if you need details about the specific lawful basis we are relying on to process your personal data where more than one ground has been set out in the table below:

Purpose / Activity Type of Data Lawful Basis for Processing
To register you as a new customer
  • Identity
  • Contact
Performance of a contract
To manage our relationship with you which will include:

Notifying you about changes to our terms or Privacy Policy

Asking you to leave a review or take a survey

  • Identity
  • Contact
  • Financial
  • Marketing and communications
Performance of a contract with you

Necessary to comply with a legal obligation

Necessary for our legitimate interests to keep our records updated and to study how customers use our services

To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
  • Identity
  • Contact
  • Technical
Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud, and in the context of a business reorganisation or group restructuring exercise

Necessary to comply with a legal obligation

To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising
  • Identity
  • Contact
  • Profile
  • Usage
  • Marketing and Communications
  • Technical
Necessary for our legitimate interests to study how customers use our services, to develop them, to grow our business and to inform our marketing strategy
To use data analytics to improve our website, services, marketing, customer relationships and experiences
  • Technical
  • Usage
Necessary for our legitimate interests to define types of customers for our services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy
To make suggestions and recommendations to you about goods or services that may be of interest to you
  • Identity
  • Contact
  • Technical
  • Usage
  • Profile
Necessary for our legitimate interests to develop our services and grow our business

12. Marketing communications

You will receive marketing communications from us if you have:

a. Requested information from us or purchased goods or services from us; or

b. If you provided us with your details and ticked the box at the point of entry of your details for us to send you marketing communications; and

c. In each case, you have not opted out of receiving that marketing

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

You can ask us or third parties to stop sending you marketing messages at any time by emailing us at dataprotection@glpbs.com at any time

Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product / service purchase, service experience or other transactions.

13. Disclosures of your personal data  

We may have to share your personal data with the parties set out below for the purposes set out in the table in paragraph 2 above:

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law.  We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

We share your personal data within our group of companies which involves transferring your data outside the European Economic Area (EEA).

Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.

Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:

If none of the above safeguards is available, we may request your explicit consent to the specific transfer.  You will have the right to withdraw this consent at any time.

Please email us at dataprotection@glpbs.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

14. How Do I Contact You?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

Email address: dataprotection@glpbs.com

Postal Address: FAO Data Protection Officer

Green Light PBS Ltd. Mor Workspace, Treloggan Lane, Newquay, Cornwall, TR7 2FD

Telephone number: 01637 416444

15. Changes to this Privacy Policy

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be immediately posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up to date. 

16. Regulatory Bodies & Memberships

We are regulated by the Care Quality Commission (CQC) 

Cornwall Council commission services and conduct periodical Quality Assurance Visits