Privacy Policy

  • Home
  • Privacy Policy

1. Introduction

At Medall Healthcare, we are dedicated to protecting your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal information in compliance with the UK GDPR, the Data Protection Act 2018, and other relevant laws.

This policy applies to employees, job applicants, clients, suppliers, patients, healthcare professionals, and any individuals whose data we process.

2. Information We Collect

  • Personal Information: Name, date of birth, contact details, identification documents, and employment eligibility.
  • Employment & Recruitment Data: CVs, employment history, payroll details, and right-to-work documents.
  • Healthcare-Specific Data: Pre-employment health checks, medical records (if required), and background checks.
  • Website & Communication Data: IP addresses, cookies, browsing activity, and communication records.

3. How We Collect Data

We collect data through direct interactions, third-party references, regulatory bodies, recruitment platforms, and online tracking technologies.

4. Purpose of Processing Personal Data

  • Recruitment & Employment: Processing job applications, verifying credentials, and managing employment contracts.
  • Patient Care & Healthcare Services: Delivering healthcare services and patient support.
  • Business Operations: Providing healthcare staffing services and ensuring smooth operations.
  • Legal & Compliance: Meeting regulatory, tax, and employment obligations.
  • Security & Fraud Prevention: Protecting against unauthorized access and fraudulent activities.
  • Marketing & Communication: Sending updates and promotional materials (with consent).

5. Legal Basis for Processing

We process personal data based on contractual obligations, legal compliance, legitimate interests, or explicit consent where necessary.

6. Data Sharing and Disclosure

  • Clients & Employers: For job placements and staffing services.
  • Service Providers: Payroll processors, background check agencies, and IT support.
  • Regulatory Authorities: Care Quality Commission (CQC), HMRC, Home Office, and law enforcement (if required).
  • Healthcare Partners: Medical institutions involved in patient care.
  • Business Partners: Third-party healthcare systems and insurance providers.

We do not sell or rent personal data to third parties.

7. Data Storage and Retention

  • Personal data is stored securely on encrypted systems.
  • Data is retained only for as long as required for legal and operational purposes.
  • When no longer needed, data is securely deleted or anonymized.

8. Data Security

  • Encryption & Secure Storage: To protect personal data.
  • Access Controls & Authentication: Ensuring only authorized personnel access sensitive data.
  • Regular Audits & Security Assessments: To identify vulnerabilities and maintain data protection.

9. Your Rights

  • Access: Request a copy of your personal data.
  • Rectification: Request corrections to inaccurate or incomplete data.
  • Erasure: Request deletion of personal data in specific circumstances.
  • Restriction: Limit how your data is processed.
  • Data Portability: Request data transfer to another provider.
  • Objection: Object to data processing for legitimate interests or marketing.
  • Withdraw Consent: Withdraw consent for processing at any time.

10. Cookies and Website Tracking

Our website uses cookies to improve user experience, track analytics, and personalize content. Users can manage cookie preferences via browser settings.

11. Third-Party Links

We are not responsible for the privacy practices of third-party websites linked from our site. We recommend reviewing their policies before sharing personal data.

12. Updates to This Policy

We may update this Privacy Policy periodically. Any changes will be posted on our website, with the latest revision date indicated. We encourage users to review the policy regularly.