A privacy policy is a statement or legal document (in privacy law) that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client's data. Personal information can be anything that can be used to identify an individual, not limited to the person's name, address, date of birth, marital status, contact information, financial records, credit information, medical history and intentions to acquire goods and services.
In the case of the NHS in Wales, it is often a statement that declares the policy on how it collects, stores, and releases personal information it collects. It informs the service user what specific information is collected, and whether it is kept confidential and where it is shared with partners.
Privacy policies typically represent a broader, more generalised treatment, as opposed to data use statements, which tend to be more detailed and specific.
This statement applies to all information collected or submitted on the NHS Wales Shared Services Partnership website. It details what information we collect, how and why we collect them.
As described within the provisions of the UK Data Protection Act 2018 (external website) and the General Data Protection Regulation (GDPR) 2018, we take appropriate measures to maintain the security of your data on our website. Information collected is governed by this privacy statement and use of this website signifies your agreement.
We do not collect personal information about site users. When you voluntarily submit identifiable data on this website (this includes submission of feedback forms, subscriptions or questionnaires), the information submitted is used solely to respond to your queries and for its intended purpose. We do not share web user information with third parties.
In respect of Personal or other identifiable confidential information, each service area that processes data has their own Privacy Notice or Policy that explains the use of data provided to the organisation by specific department.
These include (as an example)
Legal and Risk Services’ Privacy Notice
Under GDPR, you have rights as an individual which you can exercise in relation to the information we hold about you. These are:
For more on your rights as a service user, please visit the “Data Matters” pages on the Information Commissioner’s Office website.
The Facebook page and Twitter page for this campaign are managed by NHS Wales Shared Services Partnership (NWSSP) Communications Team.
We will monitor our Facebook and Twitter pages and will have access to any private or public messages sent. We may ask for additional information. We will use this information to provide you with most relevant response to your query.
In some cases, the information may need to be shared with third party organisations, e.g. another department or a Health Board in Wales if you are interested in working for them / in a certain area – this will not be done without your express consent.
If you send us a public message, we will use the information to respond to your query and we may share or retweet your message.
We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with the government. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy policy was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of this site’s' collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
If this privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.
This privacy policy was last updated on 22/04/2022
We welcome your feedback. If you contact us asking for information, we may need to contact other government departments to find that information. If your question is technical, we may need to pass it to our technology suppliers.
We do not pass on any of your personal information when dealing with your enquiry, unless you have given us permission to do so. Once we have replied to you, we keep a record of your message for audit purposes.
If you have any further questions about how your data will be used, please write to us via our feedback form.
We monitor user activity to enhance content provided on the site. Google Analytics (external website) is a free service provided by Google (external website) that generates detailed statistics about the visitors to a website.
Information collected includes referring / exit web pages, click patterns, most / least viewed web pages, session duration, number of visitors, browser type, operating system, etc. Information is collected by using cookies.
This website may use Google Analytics (external website), a web analytics service provided by Google Inc. ('Google'). Google Analytics uses 'cookies' and JavaScript code to help analyse user activity on websites. The information generated about your use of the website (including your IP address) will be transmitted to and stored on Google servers in the United States.
Google will use this information to produce user activity reports for this website. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.
Google will not associate your IP address with any other data previously held. You may refuse the use of cookies by selecting the appropriate settings on your browser. Please note that if cookies are disabled, you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Read Google's Full Privacy Policy (external website) and Terms of Service (external website) for detailed information.
Cookies are small files that websites put on your computer hard disk drive when you visit. Cookies pass information back to websites each time you visit. They are used to uniquely identify web browsers, track user trends and store information about user preferences. You can restrict/disable cookies on your browser; please note that some website features may not function properly without cookies.
By understanding user behaviour and preferences, we are able to improve our website content to meet user expectations and needs.
This statement does not apply to external links; collection of information by such sites is subject to relevant privacy policies. We are not responsible or liable for the privacy practices of external websites and use of such websites is at your discretion. We encourage you to read the privacy statements on the other websites you visit.