• (01147) 004 362
  • admin@nationoh.co.uk
NOH Portal
Nation OH Portal

Privacy Policy

1. Definitions and Interpretation
Nation Occupational Health understands that privacy is important and that care is needed about how personal data is used and shared.

In this policy, the following terms shall have the following meanings: Account Means an account required to access and/or use certain areas/features of our site.

Cookie – Means a small text file placed on your computer or device by our site when you visit certain parts of a website and/or when you use certain features of a website site. Details of cookies in relation to our website are set out in section 13. For further information visit www.aboutcookies.org or www.allaboutcookies.org Cookie Law Means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003.

Personal Data – Means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”).

Patient – Any person who is assessed by a Nation Occupational Health Ltd clinician. Customer Any organisation or person who buys services from Nation Occupational Health Ltd.

Manager – Anyone in the management structure of ‘patients’.

We/us/our – means Nation Occupational Health.

2. Information About Us
We are a full-service specialist occupational health and wellbeing service provider. We provide services such as pre-placement health services, occupational physician services, nursing, and technician medicals/services. Our registered office is Nation Occupational Health Ltd, First Floor, Swan Buildings, 20 Swan Street, Manchester, M4 5JW.

3. What Does This Policy Cover?
This privacy policy applies to the data held by Nation Occupational Health and the use of our site (https://www.nationoh.co.uk). Our site may contain links to other websites. Please note that we have no control over how data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

We respect and value the privacy of everyone who visits this website, and will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and data protection rights under the GDPR

Please read this privacy policy carefully and ensure that you understand it. Your acceptance of our privacy policy is deemed to occur upon your first use of our site. If you do not accept and agree with this privacy Nation Occupational Health Privacy and Cookie Policy policy, you must stop using our site immediately.

4. Your Rights
1. As a data subject, you have the following rights under the GDPR, which this policy and our use of personal data have been designed to uphold:
• The right to be informed about our collection and use of personal data
• The right of access to the personal data that we hold about you
• The right to rectification if any personal data we hold about you is inaccurate or incomplete
• The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you
(we only hold your personal data for a limited time, as explained in section 6)
• The right to restrict (i.e. prevent) the processing of your personal data
• The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation)
• The right to object to us using your personal data for particular purposes
• Rights with respect to automated decision making and profiling

2. If you have any cause for complaint about our use of your personal data, please contact us and we will do our best to solve the problem for you.

3. For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.

5. What Data Do We Collect?
We collect data from our customers, from patients, and from the managers of patients. Most of the data we collect relates to patients who are referred to us by their employer or who contact us directly. We may collect some or all of the following personal, and non-personal data:

• Name, and date of birth (to verify the identity of the individual)
• Contact information such as addresses, email addresses and telephone numbers (to enable us to contact and communicate with customers, managers, and patients)
• Standard identification information to verify the identity of the patient for certain medical assessments and blood tests

• Occupational health records • Email addresses of our customers for marketing purposes
• Our clinicians may need reports and information from other healthcare professional (such as GP, specialist doctor or nurse). If this is needed, we will always obtain written consent to do this

We don’t ask you for personal information unless we truly need it. Any personal data obtained shall only be for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with that purpose or those purposes. Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.

6. How Do We Use Your Data?
1. All personal data will be processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard data under the GDPR at all times. We will retain data according to the retention policies of our customers. Where we are responsible for holding data, we will use the following retention periods:

Clinical records Kept during the employment of the individual 6 years after last use for ‘leavers’
COSHH records 40 years
Ionising radiation records 30 years

2. Our use of personal data will always have a lawful basis. We will process data for the purposes of preventative/occupational medicine, or because you have consented to our use of your personal data (e.g. by subscribing to emails or signing consent forms). We will process data in line with the GDPR, General Medical Council guidelines, Faculty of Occupational Medicine Guidelines (Ethics Guidance for Occupational Health practice).

3. Medical information is held confidentially and securely. Confidential medical information can only be accessed by authorised Nation Occupational Health employees. Managers are not able to access confidential medical information (clinical notes, GP reports etc.), but will have access to the occupational health report in line with the patients consent option (either seeing the report at the same time as the employer or previewing it 48 hours prior to correct any factual inaccuracies).

4. For our customers, and with their permission, we may also use their data for marketing purposes that may include contacting our customers by email, telephone, and/or post with information, alerts, and news on our services. We will not, however, send any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect our customer’s rights and comply with our obligations under the GDPR.

5. Third parties whose content appears on our site may use third party cookies. Please note that we do not control the activities of such third parties, nor the data they collect and use and advise you to check the privacy policies of any such third parties.

6. You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it.

7. We do not keep personal data for any longer than is necessary in light of the reason(s) for which it was first collected.

The data we collect is required to help us understand your needs and provide you with a better service, and in particular for the following reasons:
• Internal record keeping
• The provision of our business/services you and your employer (where appropriate and agreed with all parties).
• We may use the information to improve our products and services (from feedback received).
• To identify you when dealing with your requests – which may include queries, feedback or complaints
• *From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, or mail. We may use the information to customise the website according to your interests.
* we only do this with your consent, and we will ask you for your permission before we send you anything

7. How and Where Do We Store Your Data?
1. We only keep personal data for as long as we need to in order to use it as described above and/or for as long as we have your permission to keep it.
2. Data will only be stored in the EU.
3. Data security is very important to us, and to protect data we have taken suitable measures to safeguard and secure data collected.


8. Do We Share Your Data?
a. Subject to section 8.2, we will not share or sell any of your data with any third parties for any purposes.
b. In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, for legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority.
c. We may also share your data to comply with the contract specification for the delivery of our services to your organisation, or to protect our rights.

9. What Happens If Our Business Changes Hands?
a. We may, from time to time, expand or reduce our business and this may involve the acquisition, sale and/or the transfer of a part of the business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the same purposes for which it was originally collected by us.
b. In the event that any of your data is to be transferred in such a manner, you will be contacted in advance and informed and consulted of the changes.


10. How Can You Control Your Data?
1. In addition to your rights under the GDPR, set out in section 4, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us).
2. You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.

11.Your Right to Withhold Information
You may access certain areas of our website without having to provide any data at all.

12. How Can You Access Your Data?
You have the right to ask for a copy of any of your personal data held by us (where such data is held). Under the GDPR, no fee is payable and we will provide any and all information in response to your request free of charge. Please contact us for more details.

13.Our Use of Cookies
1. Our website does not use cookies. We do not track a user’s movement on or after leaving our site.
2. Certain visitors to the Nation Occupational Health website choose to interact with Nation Occupational Health in ways that require Nation Occupational Health to gather personally-identifying information. This may include requesting a quote from us by entering information into the enquiry ‘contact us’ function. The amount and type of information that Nation Occupational Health gathers depends on the nature of the interaction. For example, for those who wish to receive a quote for service, we collect information such as name; contact phone number, email address and the nature of their enquiry. In each case, Nation Occupational Health collects such information only insofar as is necessary or appropriate to fulfil the purpose of the visitor’s interaction with Nation Occupational Health. Nation Occupational Health does not disclose personally-identifying information other than as described in this policy. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.

14. Contacting Us
If you have any questions, comments or queries about this privacy policy or about your data, please contact us by email at admin@nationoh.co.uk. Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you.

15.Changes to Our Privacy Policy
We may change this privacy policy from time to time (for example, if the law changes). Any changes will be immediately posted on our site and you will be deemed to have accepted the terms of the privacy policy on your first use of our site following the alterations. We recommend that you check this page regularly to keep up-to-date.

16. Additional references
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/
https://ico.org.uk/for-organisations/guide-to-data-protection/data-protection-principles/
https://www.gov.uk/data-protection