Privacy notice and cookies

What is personal data?

Personal data is information about a living, identifiable individual. Therefore, your personal data is any information that can be attributed to you personally, including your name, weight, height, date of birth, health conditions and treatments you receive. So long as you can be identified from that information, it becomes your personal data.

Organisations that use personal data must do so in line with the provisions of the Data Protection Act 2018. The Act applies to personal data held in both electronic and physical media.

An example of the types of personal data that the Trust uses are:

  • Name, address, date of birth, NHS Number and next of kin
  • Contact information i.e. telephone number
  • Contacts we have had with you such as clinic visits
  • Details of diagnosis and treatment
  • Allergies and physical or mental health conditions
  • Racial or Ethnic Origin
  • Religious or other beliefs of a similar nature
  • Offences, criminal proceedings, outcomes and sentences.
  • Family, lifestyle and social circumstances
  • Education and training details
  • Employment details
  • Financial details

We may need to keep records about the health care and treatment you receive as one of our patients. This helps to ensure that you receive the best possible care from us and that full information is readily available if you see another doctor, or are referred to a specialist or another part of the NHS.

We also keep records relating to staff, for the purpose of appointments or removals, pay, discipline, superannuation, work management or other personnel matters. This is to ensure that employment at the Trust is managed to a high standard and that staff are provided with the information and training required to carry out their role.

We may use personal data for the following purposes:

  • To prepare statistics on NHS performance
  • To audit NHS Services
  • To monitor how we spend public money
  • To plan and manage the health service
  • To teach and train healthcare professionals and NHS employees
  • To conduct health research and development

All of the personal data that we collect and use is handled in accordance with the Data Protection Act principles. These state that:

  • We must satisfy lawful conditions in order to use personal data. (These conditions include, but are not limited to, obtaining consent from the individual to use their personal data; and/or needing the personal data to protect someone from serious harm; and/or using the personal data in order to exercise one of our statutory duties)
  • We must let individuals know why we are using their personal data. This webpage helps us to do that.
  • We must use the personal data in a manner compatible with that purpose.
  • We must only use the personal data that is relevant to the purpose; i.e., not obtain or use more than we need to.
  • We must keep your personal data accurate and up-to-date.
  • We must not keep your personal data longer than is necessary
  • We must use in line with your Data Protection rights; for example, the right to obtain a copy of the personal data we hold about you.
  • We must keep your personal data safe and secure.
  • We must only transfer your personal data outside of the European Economic Area if we have ensure that adequate safeguards are in place.

Torbay and South Devon NHS Foundation Trust shares data with a range of organisations. We will always endeavour to share the minimum amount of personal data required, even anonymising data where we possible. However, there will be some instances where personal data will need to be shared with other organisations for the purposes of caring for a patient. In such instances we will need to ensure that the information shared is adequate so that the patient is properly cared for.

We may share personal data with the following organisations for the purposes of delivering or improving healthcare, or where there is a legal requirement for us to do so:

  • Clinical Commissioning Groups
  • Health authorities
  • Other NHS Trusts
  • General Practitioners (GPs)
  • Ambulance services
  • Other NHS common services agencies such as primary care agencies
  • Social services
  • Education services
  • Local authorities
  • Police
  • Department for Work & Pensions
  • Voluntary sector providers and private sector providers

All our records are destroyed in accordance with the NHS Retention Schedule, which sets out the appropriate length of time each type of NHS records is retained. We do not keep your records for longer than necessary.

All records are destroyed confidentially once their retention period has been met, and the Trust has made the decision that the records are no longer required.

Torbay and South Devon NHS Foundation Trust is committed to securing your personal information from unauthorised access, use or disclosure. We secure the personal data you provide on computer servers in a controlled, secure environment. We also train our staff and have policies and procedures in place so that everyone working in the Trust is aware of the high standards we expect them to adhere to when handling your personal data.

If you have a concern about any aspect of your care or treatment at this hospital or about the way your records have been managed, please contact the Trust’s Patient Advice and Liaison Service (PALS).

Additionally, you have a right to complain to the Data Protection regulator, the Information Commissioner, if you are dissatisfied with the way the Trust has handled or shared your personal information:

Information Commissioner’s Office
Wycliffe House
Water Lane
Cheshire SK9 5AF

Tel: 0303 123 1113 (or 01625 545745 or 44 1625 545745 if calling from overseas)
Fax: 01625 524510

We will occasionally update this Privacy and Fair Collection web page to reflect company and customer feedback. We therefore encourage you to periodically review this web page in case of any changes.

To learn more about how we use, manage and maintain confidentiality of your information, please speak to the health professionals concerned with your care.

The NHS is committed to respecting the privacy of individuals using this website. Torbay and South Devon NHS Foundation Trust does not collect any personal information about those using the site, or use cookies to track or log information about users. We do analyse the server log files which contain details of the Internet Protocol address (IP address) of computers using the site, pages looked at, the times of day and the type of web browser used. None of this information is linked to individuals or distributed to third parties.

There are two types of cookie you may encounter:

First party cookies: these are our own cookies, controlled by us and used to provide information about usage of our site.

Third party cookies: these are cookies found in other companies’ internet tools which we are using to enhance our site, for example Facebook or Twitter have their own cookies, which are controlled by them

First party cookies

A to Z list (filter): We use cookies for the a to z filter on our services page. This allows your browser to remember which letter you selected when returning to the page.

Accessibility control (style): We use cookies for the size and contrast accessibility setting on the website. The cookie stores no information other than your preferred setting.

Third party cookies

Browsealoud: Our website uses the Browsealoud plugin which allows text on the page to be read aloud. Cookies may be set to store information and preferences when using the plugin. To find out more please visit Texthelp.

Google: We use Google Analytics to collect statistics about site usage such as when the visitor last visited the site. The cookie contains no personal information and is used only for web analytics. This information is used by us to help to improve the experience for you on our website.
Some of our pages include interactive Google maps. Cookies may be set to store information and preferences about these maps or other associated services on pages where we embed Google maps. To find out more please visit Google’s Privacy Policy page.

SiteImprove: The SiteImprove nmstat cookie contains a randomly generated ID used to recognise your browser when you read a page. It collects statistics about site usage such as when the visitor last visited the site. The cookie contains no personal information and is used only for web analytics. This information is used by us to help to improve the experience for you on our website. To find out more please visit SiteImprove.

Vimeo: We embed videos from our Vimeo channel. Vimeo sets a number of cookies on any page that embeds a Vimeo video. These cookies appear to include a mixture of pieces of information to measure the number and behaviour of Vimeo viewers, to hold information about current viewing video settings as well as a personal identification token, if you are logged into Vimeo. To find out more please visit Vimeos’ cookie policy information page.

YouTube: We embed videos from our YouTube channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit YouTube’s embedding videos information page.

How to control and delete cookies

If you wish to restrict or block the cookies which are set by the Torbay and South Devon NHS Foundation Trust website, or indeed any other website, you can do this through your browser settings. Each browser is different, so check the ‘Help’ menu of your particular browser (or your mobile phone’s handset manual) to learn how to change your cookie preferences.

The websites or contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your machine as well as more general information about cookies.

Please be aware that restricting cookies may cause the Torbay and South Devon NHS Foundation Trust website to work incorrectly.

Translate this page: